a-c-m
/
community.crypto
mirror of https://github.com/ansible-collections/community.crypto.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
645 Commits
3 Branches
90 Tags
24 MiB
Commit Graph

39 Commits (9614b09f7a5b744ebb59e9a1b82cb301dc3859cd)

Author SHA1 Message Date
Felix Fontein 9614b09f7a
Add function for retrieval of ARI information. (#738) 2024-04-29 23:37:55 +02:00
Felix Fontein af5f4b57f8
acme module utils: add functions for parsing Retry-After header values and computation of ARI certificate IDs (#737) 
* Implement Retry-After value parse.

* Add cert ID computation function.

* Add tests and links to MDN.
 2024-04-29 23:06:35 +02:00
Felix Fontein c6fbe58382
Implement certificate information retrieval code in the ACME backends. (#736) 2024-04-29 22:29:43 +02:00
Felix Fontein afe7f7522c
Split up the default acme docs fragment to allow modules ot not need account data. (#735) 2024-04-29 22:22:38 +02:00
Felix Fontein ae548de502
Use timezone aware functionality when using cryptography >= 42.0.0 (#727) 
* Use timezone aware functionality when using cryptography >= 42.0.0.

* Adjust OpenSSH certificate code to avoid functions deprecated in Python 3.12.

* Strip timezone info from isoformat() output.

* InvalidityDate.invalidity_date currently has no _utc variant.
 2024-04-18 05:49:53 +00:00
Felix Fontein 1b75f1aa9c
Add and use CryptoBackend.get_ordered_csr_identifiers(). (#725) 2024-04-13 22:43:14 +02:00
Felix Fontein 6b1a3d6e68
Add conversion filters for serial numbers (#713) 
* Refactoring.

* Add parse_filter and to_filter plugins.

* Mention filters when serial numbers are accepted or returned.
 2024-02-18 21:27:48 +01:00
Felix Fontein 170d837122
Increase retry count from 5 to 10. (#685) 2023-12-08 21:36:20 +01:00
Felix Fontein b5269b25a3
Improve error reporting. (#684) 2023-12-08 20:57:49 +01:00
Felix Fontein 5d5a21fddf
Directly handle unexpected non-JSON results. (#682) 2023-12-07 22:26:04 +01:00
Felix Fontein 67f1d1129b
Fix handling of non-existing ACME accounts with Digicert ACME endpoint (#681) 
* Compatibility for DigiCert CA: also accept 404 instead of 400 for non-existing accounts.

* Add changelog fragment.

* Fix URL.
 2023-12-07 22:25:54 +01:00
Felix Fontein e4ba0861e5
Retry also on certain connection errors. (#680) 2023-12-04 21:34:51 +01:00
Felix Fontein 526b3c4393
Allow type to be missing. (#652) 2023-08-21 20:49:55 +02:00
Felix Fontein d823382732
Validate challenges in parallel instead of serially. (#617) 2023-06-09 06:04:34 +02:00
Felix Fontein 9305bfe190
Fix typo. (#616) 2023-06-04 20:12:35 +02:00
Felix Fontein aea3713484
Remove unneccessary imports (#569) 
* Remove unneccessary imports.

* Add noqas.

* Add comment which name is actually ignored.
 2023-02-09 11:57:54 +01:00
Felix Fontein 9ba0e25bfe
Handle new nonce call more gracefully when it does not return nonce. (#525) 2022-11-02 08:32:01 +00:00
Felix Fontein 4533b3e934
Include symbolic HTTP status codes in error and log messages when available. (#524) 2022-10-31 21:33:27 +01:00
Felix Fontein 516be406e0
Improve import error handling for ACME modules (#519) 
* Improve import error handling for ACME modules

* Update plugins/module_utils/acme/acme.py

Co-authored-by: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>

Co-authored-by: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>
 2022-10-17 21:38:54 +02:00
Felix Fontein c24e5c63e8
acme modules: also support 503 for retries (#513) 
* Also support 503 for retries.

* Forgot to adjust status code comparison.

* Also support 408.
 2022-09-21 13:50:26 +02:00
Felix Fontein a0d862e1f1
Support 429 Too Many Requests for acme module_utils. (#508) 2022-09-19 20:10:03 +02:00
Felix Fontein fd1263c9aa
Fix some new linting errors (#499) 
* Fix some new linting errors.

* More linting errors.

ci_complete
 2022-08-12 08:34:51 +02:00
Felix Fontein 6bf3ef47e1
Move licenses to LICENSES/, use SPDX-License-Identifier, mention all licenses in galaxy.yml (#491) 
* Add SPDX license identifiers, mention all licenses in galaxy.yml.

* Add default copyright headers.

* Add headers for documents.

* Fix/add more copyright statements.

* Add copyright / license info for vendored code.

* Add extra sanity test.

* Add changelog fragment.

* Comment PSF-2.0 license out in galaxy.yml for now.

* Remove colon after 'Copyright'.

* Avoid colon after 'Copyright' in lint script.

* Mention correct filename.

* Add BSD-3-Clause.

* Improve lint script.

* Update README.

* Symlinks...
 2022-07-21 07:27:26 +02:00
Jonas Verhofsté c16d9f78b8
Make request timeout configurable for all acme modules (#448) 
* Make request timeout configurable for all acme modules

Fixes #447.

* Log change made in #448
 2022-05-03 17:29:38 +02:00
Felix Fontein 62272296da
Small docs improvements (#374) 
* Small improvements.

* Document behavior changes.
 2022-01-10 12:05:09 +00:00
Felix Fontein a539cd6939
Prepare for distutils.version being removed in Python 3.12 (#353) 
* Prepare for distutils.version being removed in Python 2.12.

* Fix copy'n'paste error.

* Re-add Loose prefix.

* Fix Python version typo.

* Improve formulation.

* Move message into own line.

* Fix casing, now that the object is no longer called Version.
 2021-12-24 11:28:14 +01:00
Felix Fontein 5de50b9f91
Fix compatibility to fetch_url change in ansible-core devel (#339) 
* Fix compatibility to fetch_url change in ansible-core devel.

* Adjust tests.
 2021-11-17 21:26:49 +01:00
Felix Fontein 51b6bb210d
acme_certificate: fix crash when using fullchain_dest (#324) 
* Fix crash when using fullchain_dest.

* Adjust changelog.

* Update plugins/module_utils/acme/backend_cryptography.py

Co-authored-by: Ajpantuso <ajpantuso@gmail.com>

Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
 2021-11-05 08:51:43 +01:00
Felix Fontein 589e7c72ef
Allow to specify subject (for CSRs) and issuer (for CRLs) ordered (#316) 
* Allow to specify subject (for CSRs) and issuer (for CRLs) ordered.

* Forgot import.

* Apply suggestions from code review

Co-authored-by: Ajpantuso <ajpantuso@gmail.com>

* Apply suggestions from code review

Co-authored-by: Ajpantuso <ajpantuso@gmail.com>

* Fix typo.

* Simplify error handling, reject empty values outright.

* Document d497231e1c.

Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
 2021-10-31 15:05:04 +01:00
Felix Fontein a581f1ebcd
Remove other deprecations (#290) 
* Remove deprecated redirects.

* Remove deprecations.

* Add changelog fragment.

* Add some forgotten pieces.

* Bump version to 2.0.0.

* Fix formulation.
 2021-10-16 21:00:48 +02:00
Felix Fontein 871a185ecb
Remove vendored copy of ipaddress (#287) 
* Remove vendored copy of ipaddress.

* Forgot an import.

* Remove sanity ignores and checks related to ipaddress.

* Remove octal IPv4 address.

Such IPs are no longer accepted by ipaddress in Python's standard library (CVE-2021-29921).

* Remove unused import.

Co-authored-by: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>

Co-authored-by: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>
 2021-10-06 14:53:40 +02:00
Felix Fontein 04958ece31
Deprecate ACME v1 (#288) 
* Deprecate ACME v1.

* Fix syntax error.
 2021-09-29 06:44:31 +02:00
Felix Fontein 598cdf0a21
Older openssl versions (1.0.1/1.0.2) do not seem to support '-' for /dev/stdin. (#279) 2021-09-15 20:42:52 +02:00
Felix Fontein 9658a34605
Replace ansible.module_utils._text by ansible.module_utils.common.text.converters. (#253) 2021-06-26 13:45:28 +02:00
Felix Fontein f4334d7307
acme_* modules: make sure 'meta' is always in directory (#221) 
* Make sure 'meta' is always in directory.

* Update plugins/module_utils/acme/acme.py
 2021-04-28 07:31:06 +02:00
Felix Fontein 0e1f0fd730
ACME exception fixes (#217) 
* Fix wrong usages of ACMEProtocolException.

* Add changelog fragment.

* Fix error handling when content could not be decoded.

* Make sure that content_json is a dict or None.

* Improve acme_inspect's ACMEProtocolException handling.

* Improve error handling.

* Add tests.

* Fix challenge error.

* Add challenges tests.

* Provide content if available.

* Add some order tests.

* Linting.
 2021-04-11 14:44:44 +02:00
Felix Fontein f5fd5fdf5b
acme: improve error handling in backend's parse_key() (#208) 
* Improve error handling in backend's parse_key().

* Adjust unit tests.
 2021-03-22 07:30:06 +01:00
Felix Fontein e85554827f
acme_* modules: support private key passprases (#207) 
* Support private key passprases.

* Use c.c modules for key generation, add first passphrase tests.

* Some more passphrase tests.
 2021-03-21 17:53:20 +01:00
Felix Fontein 5d32937321
ACME modules refactor (#187) 
* Move acme.py to acme/__init__.py to prepare splitup.

* Began moving generic code out.

* Creating backends.

* Update unit tests.

* Move remaining new code out.

* Use new interface.

* Rewrite module init code.

* Add changelog.

* Add BackendException for crypto backend errors.

* Improve / uniformize ACME error reporting.

* Create ACMELegacyAccount for backwards compatibility.

* Split up ACMEAccount into ACMEClient and ACMEAccount.

* Move get_keyauthorization into module_utils.acme.challenges.

* Improve error handling.

* Move challenge and authorization handling code into module_utils.

* Add split_identifier helper.

* Move order code into module_utils.

* Move ACME v2 certificate handling code to module_utils.

* Fix/move ACME v1 certificate retrieval to module_utils as well.

* Refactor alternate chain handling code by splitting it up into simpler functions.

* Make chain matcher creation part of backend.
 2021-03-21 09:40:25 +01:00