Grant Limberg
|
fa21fdc1cc
|
rename stuff for clarity
authenticationURL will still be used by the client for v1 and v2 of sso
|
4 years ago |
|
Grant Limberg
|
43433cdb5a
|
integrate rust build of zeroidc to linux
|
4 years ago |
|
Grant Limberg
|
8d39c9a861
|
plumbing full flow from controller -> client network
|
4 years ago |
Adam Ierymenko
|
eabe091038
|
Backport only the COM mitigation instead of everything from 1.8
|
5 years ago |
|
Adam Ierymenko
|
75a45eeb27
|
Revert "Backport guts of 1.8 to 1.6 tree so we can point release without waiting for UI quirks to be fixed."
This reverts commit 48ce7632fa.
|
5 years ago |
|
Adam Ierymenko
|
48ce7632fa
|
Backport guts of 1.8 to 1.6 tree so we can point release without waiting for UI quirks to be fixed.
|
5 years ago |
|
Adam Ierymenko
|
134d33c218
|
Add a bit of hardening in the network certificate of membership by incorporating a full hash of the identity to which it is issued. This means the recipient need not depend entirely on the root verifying identities properly to make sure impersonation is not occurring.
|
5 years ago |
|
Adam Ierymenko
|
7c3166e9be
|
Add a bit of hardening in the network certificate of membership by incorporating a full hash of the identity to which it is issued. This means the recipient need not depend entirely on the root verifying identities properly to make sure impersonation is not occurring.
|
5 years ago |
|
Grant Limberg
|
20721491e8
|
kill some noisy logs
|
5 years ago |
|
Grant Limberg
|
9eae444104
|
kill some verbose logs
|
5 years ago |
|
Adam Ierymenko
|
576b4f03a5
|
Adjust deauth time window and send revocation when SSO members expire.
|
5 years ago |
|
Adam Ierymenko
|
461810b06a
|
Move return so record gets created before URL.
|
5 years ago |
|
Grant Limberg
|
613d7b5ece
|
fix backwards logic
|
5 years ago |
|
Adam Ierymenko
|
663e748b8d
|
Deauth expiring members right away.
|
5 years ago |
|
Adam Ierymenko
|
0cf62d334d
|
Remove pointless check.
|
5 years ago |
|
Adam Ierymenko
|
0310bfa3e3
|
Include authentication URL in config
|
5 years ago |
|
Adam Ierymenko
|
efe0e8aa7b
|
Notification of about-to-expire status... almost there.
|
5 years ago |
|
Adam Ierymenko
|
34de579c91
|
Handling of soon-to-expire members
|
5 years ago |
|
Grant Limberg
|
10215af96d
|
whoops
|
5 years ago |
|
Grant Limberg
|
e67fee0264
|
debug logging
|
5 years ago |
|
Grant Limberg
|
364ad87e2b
|
add ssoEnabled flag to network config
|
5 years ago |
|
Grant Limberg
|
e6b4fb5af7
|
add "ssoRedirectURL" to local.conf
plumbed it through to the central controller code
|
5 years ago |
|
Adam Ierymenko
|
1dfe909bab
|
Increase authentication URL sizes.
|
5 years ago |
|
Grant Limberg
|
74a678c1e1
|
chicken or egg problem.
member must exist in the database before we can generate a nonce & SSO URL
|
5 years ago |
|
Grant Limberg
|
f27d193cf6
|
.
|
5 years ago |
|
Grant Limberg
|
7ca2ecb421
|
put expiry time back on nc object
|
5 years ago |
|
Grant Limberg
|
0702e581a1
|
remove some noisy log lines & fix a query error
|
5 years ago |
|
Grant Limberg
|
c78792a705
|
moar temporary debug printfs
|
5 years ago |
|
Grant Limberg
|
287c19e822
|
move this outside the auth block. If SSO is enabled, it should be checked whether authorized or not
|
5 years ago |
|
Grant Limberg
|
4f521baafd
|
Big SSO update
make things hopefully work
|
5 years ago |
|
Grant Limberg
|
fc6d90a04a
|
set the correct default
|
5 years ago |
|
Grant Limberg
|
d2f1d05a06
|
handle cases where authenticationURL and authenticationExpiryTime don't exist
|
5 years ago |
|
Adam Ierymenko
|
c470c6255e
|
Postgres code for SSO (almost certainly needs work)
|
5 years ago |
|
Adam Ierymenko
|
6b3a7ec827
|
Fix a few things...
|
5 years ago |
|
Adam Ierymenko
|
1ce71f9dc0
|
Build fix.
|
5 years ago |
|
Adam Ierymenko
|
18508b5a2e
|
Build fix.
|
5 years ago |
|
Adam Ierymenko
|
621898f3c5
|
Forgot to set auth info in NetworkConfig.
|
5 years ago |
|
Adam Ierymenko
|
2c1d7f3dcc
|
CLI printing of URL.
|
5 years ago |
|
Adam Ierymenko
|
b270d527f4
|
Basic plumbing for authentication requirement and piping through of URL information.
|
5 years ago |
|
Grant Limberg
|
ff23d3051f
|
self hosted controller JSON format fix for DNS
|
6 years ago |
|
Adam Ierymenko
|
06730c7d1d
|
BSL date bump
|
6 years ago |
|
Grant Limberg
|
c0c215c83c
|
single dns config per network
|
6 years ago |
|
Grant Limberg
|
058d888311
|
More debug logging cleanup
|
6 years ago |
|
Grant Limberg
|
6868e98904
|
Get stuff building on Windows
Been a minute since any of this has been updated
|
6 years ago |
|
Grant Limberg
|
88a3c685fb
|
latest
|
6 years ago |
|
Grant Limberg
|
2e52a1eebf
|
forgot a couple queries in postgres. trying to pull dns of member not network in embedded network controller
also some debug logging
|
6 years ago |
|
Grant Limberg
|
387039456d
|
Pass 1 at adding DNS to controller
|
6 years ago |
Suad Halilovic
|
ffebcd247f
|
2020/07/16, Minor optmizations
|
6 years ago |
|
Grant Limberg
|
154470b570
|
add original hiredis
|
6 years ago |
|
Grant Limberg
|
73b1d57b13
|
rip out rabbitMQ
|
6 years ago |
