Tree: 626f488cb4

devx-1.4.0

master

Branches Tags

${ item.name }

Create tag ${ searchTerm }

Create branch ${ searchTerm }

from '626f488cb4'

${ noResults }

Commit Graph

238 Commits (626f488cb4d12c5b11c80d3a05535d3d111e9fc4)

Author	SHA1	Message	Date
Adam Ierymenko	ef08346a74	Fix a possible excessive memory use issue in controller and clean up a bunch of COM handling and other code in the normal node.	4 years ago
Adam Ierymenko	912036b260	Push credentials always if updated (client-side) and some controller-side cleanup that should be logically irrelevant but will prevent unnecessary DB lookups.	4 years ago
Adam Ierymenko	a4e8847664	Restore sending of rejections but move it exclusively to a thread, widen netconf window to 30 minutes.	4 years ago
Adam Ierymenko	c492bf7eea	Forgot to send error on v0 auth expiry.	4 years ago
Adam Ierymenko	cb086ff97f	Simplify SSO logic. SSO should just normally expire when it expires. No full deauth needed. Deauth is for really giving someone the boot.	4 years ago
Adam Ierymenko	55a99f34d0	Tighten certificate window and deprecate sending of revocations for ordinary SSO timeouts. Revocations should only be for deliberate deauth to kick people off networks. Cert window should now stay within refresh window for SSO so normal cert expiration should handle it just fine.	4 years ago
Adam Ierymenko	58119598ae	comment out some new deauth code	4 years ago
Adam Ierymenko	42a2afaef9	This may improve controller behavior with SSO and mixed SSO, needs testing!	4 years ago
Grant Limberg	b3fbbd3124	refresh tokens now working ... Still investigating the best way to do a couple things, but we have something working	4 years ago
Grant Limberg	7cce23ae79	wip	4 years ago
Grant Limberg	a33d7c64fe	more fixin	4 years ago
Grant Limberg	fa21fdc1cc	rename stuff for clarity ... authenticationURL will still be used by the client for v1 and v2 of sso	4 years ago
Grant Limberg	43433cdb5a	integrate rust build of zeroidc to linux	4 years ago
Grant Limberg	8d39c9a861	plumbing full flow from controller -> client network	4 years ago
Adam Ierymenko	eabe091038	Backport only the COM mitigation instead of everything from 1.8	5 years ago
Adam Ierymenko	75a45eeb27	Revert "Backport guts of 1.8 to 1.6 tree so we can point release without waiting for UI quirks to be fixed." ... This reverts commit 48ce7632fa.	5 years ago
Adam Ierymenko	48ce7632fa	Backport guts of 1.8 to 1.6 tree so we can point release without waiting for UI quirks to be fixed.	5 years ago
Adam Ierymenko	134d33c218	Add a bit of hardening in the network certificate of membership by incorporating a full hash of the identity to which it is issued. This means the recipient need not depend entirely on the root verifying identities properly to make sure impersonation is not occurring.	5 years ago
Adam Ierymenko	7c3166e9be	Add a bit of hardening in the network certificate of membership by incorporating a full hash of the identity to which it is issued. This means the recipient need not depend entirely on the root verifying identities properly to make sure impersonation is not occurring.	5 years ago
Grant Limberg	20721491e8	kill some noisy logs	5 years ago
Grant Limberg	9eae444104	kill some verbose logs	5 years ago
Adam Ierymenko	576b4f03a5	Adjust deauth time window and send revocation when SSO members expire.	5 years ago
Adam Ierymenko	461810b06a	Move return so record gets created before URL.	5 years ago
Grant Limberg	613d7b5ece	fix backwards logic	5 years ago
Adam Ierymenko	663e748b8d	Deauth expiring members right away.	5 years ago
Adam Ierymenko	0cf62d334d	Remove pointless check.	5 years ago
Adam Ierymenko	0310bfa3e3	Include authentication URL in config	5 years ago
Adam Ierymenko	efe0e8aa7b	Notification of about-to-expire status... almost there.	5 years ago
Adam Ierymenko	34de579c91	Handling of soon-to-expire members	5 years ago
Grant Limberg	10215af96d	whoops	5 years ago
Grant Limberg	e67fee0264	debug logging	5 years ago
Grant Limberg	364ad87e2b	add ssoEnabled flag to network config	5 years ago
Grant Limberg	e6b4fb5af7	add "ssoRedirectURL" to local.conf ... plumbed it through to the central controller code	5 years ago
Adam Ierymenko	1dfe909bab	Increase authentication URL sizes.	5 years ago
Grant Limberg	74a678c1e1	chicken or egg problem. ... member must exist in the database before we can generate a nonce & SSO URL	5 years ago
Grant Limberg	f27d193cf6	.	5 years ago
Grant Limberg	7ca2ecb421	put expiry time back on nc object	5 years ago
Grant Limberg	0702e581a1	remove some noisy log lines & fix a query error	5 years ago
Grant Limberg	c78792a705	moar temporary debug printfs	5 years ago
Grant Limberg	287c19e822	move this outside the auth block. If SSO is enabled, it should be checked whether authorized or not	5 years ago
Grant Limberg	4f521baafd	Big SSO update ... make things hopefully work	5 years ago
Grant Limberg	fc6d90a04a	set the correct default	5 years ago
Grant Limberg	d2f1d05a06	handle cases where authenticationURL and authenticationExpiryTime don't exist	5 years ago
Adam Ierymenko	c470c6255e	Postgres code for SSO (almost certainly needs work)	5 years ago
Adam Ierymenko	6b3a7ec827	Fix a few things...	5 years ago
Adam Ierymenko	1ce71f9dc0	Build fix.	5 years ago
Adam Ierymenko	18508b5a2e	Build fix.	5 years ago
Adam Ierymenko	621898f3c5	Forgot to set auth info in NetworkConfig.	5 years ago
Adam Ierymenko	2c1d7f3dcc	CLI printing of URL.	5 years ago
Adam Ierymenko	b270d527f4	Basic plumbing for authentication requirement and piping through of URL information.	5 years ago