Grant Limberg
|
fa21fdc1cc
|
rename stuff for clarity
authenticationURL will still be used by the client for v1 and v2 of sso
|
4 years ago |
|
Grant Limberg
|
43433cdb5a
|
integrate rust build of zeroidc to linux
|
4 years ago |
|
Grant Limberg
|
8d39c9a861
|
plumbing full flow from controller -> client network
|
4 years ago |
|
Grant Limberg
|
3818351287
|
use pqxx::pipeline for online update thread
|
5 years ago |
|
Grant Limberg
|
4d26b5a868
|
no reason for this to be a pointer
|
5 years ago |
|
Grant Limberg
|
ac0dc7844f
|
rework commit thread & some connection pool borrowing issues
|
5 years ago |
Adam Ierymenko
|
eabe091038
|
Backport only the COM mitigation instead of everything from 1.8
|
5 years ago |
|
Adam Ierymenko
|
75a45eeb27
|
Revert "Backport guts of 1.8 to 1.6 tree so we can point release without waiting for UI quirks to be fixed."
This reverts commit 48ce7632fa.
|
5 years ago |
|
Adam Ierymenko
|
48ce7632fa
|
Backport guts of 1.8 to 1.6 tree so we can point release without waiting for UI quirks to be fixed.
|
5 years ago |
|
Adam Ierymenko
|
134d33c218
|
Add a bit of hardening in the network certificate of membership by incorporating a full hash of the identity to which it is issued. This means the recipient need not depend entirely on the root verifying identities properly to make sure impersonation is not occurring.
|
5 years ago |
|
Grant Limberg
|
46adc1f059
|
ifdef this out
|
5 years ago |
|
Grant Limberg
|
9002555596
|
ensure count > 0
|
5 years ago |
|
Adam Ierymenko
|
7c3166e9be
|
Add a bit of hardening in the network certificate of membership by incorporating a full hash of the identity to which it is issued. This means the recipient need not depend entirely on the root verifying identities properly to make sure impersonation is not occurring.
|
5 years ago |
|
Grant Limberg
|
a20a290836
|
ifdef this out
|
5 years ago |
|
Grant Limberg
|
83265768c1
|
ensure count > 0
|
5 years ago |
|
Grant Limberg
|
c3a42bf590
|
remove heartbeat log
|
5 years ago |
|
Grant Limberg
|
8b95afa96a
|
logging
|
5 years ago |
|
Grant Limberg
|
6a49a766ca
|
logging
|
5 years ago |
|
Grant Limberg
|
16ff14bda7
|
identify controller in pool stats
|
5 years ago |
|
Grant Limberg
|
57c1d96b71
|
math
|
5 years ago |
|
Grant Limberg
|
40f376e2b9
|
print db pool stats periodically
|
5 years ago |
|
Grant Limberg
|
dc61f78916
|
set psql application_name in startup script
|
5 years ago |
|
Grant Limberg
|
a2ffe8c05e
|
dont generate nonce for deleted members
|
5 years ago |
|
Grant Limberg
|
d0f4cfe6b4
|
print load status messages a little less often now that things go brrrrrrrrr
|
5 years ago |
|
Grant Limberg
|
3ec23f92ec
|
helps to add part of the query
|
5 years ago |
|
Grant Limberg
|
6baac1b4e0
|
more query optimizations
|
5 years ago |
|
Grant Limberg
|
50b0b2e2e9
|
query optimization
|
5 years ago |
|
Grant Limberg
|
20721491e8
|
kill some noisy logs
|
5 years ago |
|
Grant Limberg
|
eec46a137e
|
optimize data loading from psql on startup
|
5 years ago |
|
Grant Limberg
|
9eae444104
|
kill some verbose logs
|
5 years ago |
|
Adam Ierymenko
|
576b4f03a5
|
Adjust deauth time window and send revocation when SSO members expire.
|
5 years ago |
|
Adam Ierymenko
|
461810b06a
|
Move return so record gets created before URL.
|
5 years ago |
|
Grant Limberg
|
613d7b5ece
|
fix backwards logic
|
5 years ago |
|
Adam Ierymenko
|
c101d71d7c
|
Tweak auth timeout notify.
|
5 years ago |
|
Adam Ierymenko
|
663e748b8d
|
Deauth expiring members right away.
|
5 years ago |
|
Adam Ierymenko
|
0cf62d334d
|
Remove pointless check.
|
5 years ago |
|
Adam Ierymenko
|
0872012cd9
|
small fix
|
5 years ago |
|
Adam Ierymenko
|
c2d8fe46d5
|
About ready to test notify of SSO timeout...
|
5 years ago |
|
Adam Ierymenko
|
0310bfa3e3
|
Include authentication URL in config
|
5 years ago |
|
Adam Ierymenko
|
efe0e8aa7b
|
Notification of about-to-expire status... almost there.
|
5 years ago |
|
Adam Ierymenko
|
34de579c91
|
Handling of soon-to-expire members
|
5 years ago |
|
Grant Limberg
|
73ddea8864
|
use network ID, not controller ID for looking up network data
|
5 years ago |
|
Grant Limberg
|
10215af96d
|
whoops
|
5 years ago |
|
Grant Limberg
|
e67fee0264
|
debug logging
|
5 years ago |
|
Grant Limberg
|
5ece4f734a
|
fix error message
|
5 years ago |
|
Grant Limberg
|
f8ea7fdc2b
|
Fix for GitHub #859
Wrong DB::get() method being called to look up the network member for deletes
|
5 years ago |
|
Grant Limberg
|
364ad87e2b
|
add ssoEnabled flag to network config
|
5 years ago |
|
Grant Limberg
|
9380ef708a
|
debug strings & query fixes
|
5 years ago |
|
Grant Limberg
|
fd174b3459
|
fix auth time lookup
|
5 years ago |
|
Grant Limberg
|
21d27c314c
|
HMACSHA384 the nonce bytes, not the hex encoded nonce bytes
|
5 years ago |
