Commit graph

373 commits

Author SHA1 Message Date
Ev Kontsevoy 2035ace860 Dead code elimination and more comments
This commit does not change the behavior
2016-12-30 12:30:55 -08:00
Ev Kontsevoy ed8604f757 Semi-serious connection overhaul of Teleport SSH
- Added idle timeout handling to every SSH connection.
- A bit of code refactoring (removing unused code paths)

Most importantly:

Added a custom SSH handshake between SSH Teleport proxies
and SSH Teleport servers. This handshake sends a custom JSON payload
from a proxy to a server, allowing additional information to be exchanged,
like the true IP of a client.
2016-12-30 01:21:28 -08:00
Ev Kontsevoy 4ed536a2f0 First pass at cleaning up DynamoDB and locks
- Added ability to read AWS config from `~/.aws` directory for testing
- Fixed TTL bug in DynamoDB back-end
- Made FS back-end return similar error types as Boltdb does
- Cleaned up buggy tests for DynamoDB
- Removed unnecessary locks everywhere in code
2016-12-27 00:12:59 -08:00
Ev Kontsevoy 5df0cf03c7 Merge branch 'master' into sasha/dynamic 2016-12-25 00:37:38 -08:00
Sasha Klizhentas 629d837064 pass token TTL, fixes #660 2016-12-24 15:53:56 -08:00
Sasha Klizhentas 8ab3add372 map OIDC scopes to roles, implements #620 2016-12-24 14:42:33 -08:00
Sasha Klizhentas d214f5d5e2 address code review comments 2016-12-22 19:06:07 -08:00
Sasha Klizhentas e054fd0fb0 fix more tests 2016-12-21 15:43:59 -08:00
Sasha Klizhentas c8217f6d35 add missing pieces 2016-12-21 14:58:26 -08:00
Sasha Klizhentas aa41f032a3 more fixes 2016-12-20 14:01:46 -08:00
Sasha Klizhentas 4222822a4e cover lock logic by tests and fix some bugs 2016-12-20 12:27:20 -08:00
Sasha Klizhentas dfd58dccb6 several fixes 2016-12-20 11:04:11 -08:00
Sasha Klizhentas b87bef2378 create default namespace on start 2016-12-19 09:48:55 -08:00
Sasha Klizhentas 5abf6d44d5 continue fixing tests and code 2016-12-18 16:58:53 -08:00
Sasha Klizhentas cb143dab46 ssh server tests recovered 2016-12-18 13:36:02 -08:00
Sasha Klizhentas 13d61781b7 recover auth server tests 2016-12-18 12:00:17 -08:00
Sasha Klizhentas 1fee2980f2 login attempts fix 2016-12-16 19:33:18 -08:00
Sasha Klizhentas 66a52519fc recovered more tests 2016-12-16 15:22:34 -08:00
Sasha Klizhentas 5755f7f74f recovering tests 2016-12-16 13:57:13 -08:00
Sasha Klizhentas cedacb92aa migrate users, add role per user 2016-12-16 11:25:17 -08:00
Sasha Klizhentas 4ce3a7992c fix OIDC 2016-12-16 09:02:31 -08:00
Sasha Klizhentas 44e9580041 add bunch of notest 2016-12-15 20:12:17 -08:00
Sasha Klizhentas e513a789c5 Add signing constraints 2016-12-15 20:08:48 -08:00
Sasha Klizhentas 4f7ddfed92 Integrate roles with auth server 2016-12-15 17:10:43 -08:00
Sasha Klizhentas eae8c2a00d fix 2016-12-15 09:42:44 -08:00
Sasha Klizhentas c56ae26635 more work 2016-12-14 18:16:00 -08:00
Sasha Klizhentas 2dceb42547 Merge branch 'master' into sasha/rbac 2016-12-14 16:36:55 -08:00
Sasha Klizhentas 7e97b10032 add support for namespaces almost everywhere 2016-12-14 15:48:36 -08:00
Sasha Klizhentas f8be49d3db apiserver work and refactoring 2016-12-13 18:18:44 -08:00
Sasha Klizhentas 698e615fd7 make API backwards compatible with pre-namespaces 2016-12-13 14:20:52 -08:00
Sasha Klizhentas 9cba8efd32 APIServer refactoring 2016-12-12 19:26:59 -08:00
Sasha Klizhentas 3678cf56e0 new permission checking system 2016-12-11 16:52:22 -08:00
jcj83429 2e43b34f30 Merge branch 'master' into u2f-devel 2016-12-10 20:50:11 -08:00
jcj83429 f2e589ee53 fix hiding of u2f-related things in web ui when u2f is disabled 2016-12-10 20:01:12 -08:00
Sasha Klizhentas 0f4db522b9 add interface support 2016-12-09 17:31:05 -08:00
jcj83429 a81164a86e mocku2f: add support for different key handles
and general code cleanup
2016-12-09 15:44:15 -08:00
jcj83429 4920164616 add comments to U2F related functions in tun.go 2016-12-09 14:50:00 -08:00
jcj83429 3771689d2e new_web_user.go: use trace.DebugReport to log error 2016-12-09 14:43:27 -08:00
jcj83429 0f113f18bd new_web_user.go: rename u2fRegReq -> request 2016-12-09 14:11:48 -08:00
jcj83429 c9ebd8ce3e new_web_user.go: avoid repeatedly constructing lock path 2016-12-09 14:11:05 -08:00
Alex Charles 75a95a7916 mocku2f uses trace for err handling 2016-12-08 02:32:07 -08:00
Alex Charles 9e743f803a Some cleanup for PR. Mostly appId -> appID, U2f -> U2F 2016-12-08 02:23:51 -08:00
jcj83429 0274afba8d group the u2f configs in auth_service
OLD:
auth_service:
  u2fappid: https://mycorp.com/appid.js
  u2ftrustedfacets:
  - https://proxy1.mycorp.com:3080
  - https://proxy2.mycorp.com:3080

NEW:
auth_service:
  u2f:
    enabled: yes
    appid: https://mycorp.com/appid.js
    facets:
    - https://proxy1.mycorp.com:3080
    - https://proxy2.mycorp.com:3080
2016-12-07 19:37:22 -08:00
jcj83429 0f0cea1009 rename web APIs
signinpreauth -> signin/preauth
u2f/inviteregisterrequest -> u2f/signuptokens
u2f/newuser -> u2f/users
u2f/signrequest/:user -> u2f/users/:user/sign
2016-12-07 17:25:16 -08:00
Sasha Klizhentas 6a9b847c56 move test 2016-12-06 17:03:22 -08:00
Sasha Klizhentas f3a3104934 lift permission restriction 2016-12-06 16:43:43 -08:00
Sasha Klizhentas ab19c70032 implement cert gen CLI tool 2016-12-06 10:43:19 -08:00
Jay ade8b1dc7b Fixed merge conflicts with original repository 2016-11-30 17:08:20 -08:00
Jay b06d3c5f98 Fixed Format for Merging 2016-11-30 16:41:07 -08:00
jcj83429 06b33cca59 rename u2f apis to remove underscores 2016-11-30 12:05:50 -08:00