mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 20:47:01 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
399 commits 17 branches 59 tags 246 MiB
Commit graph

152 commits

Author SHA1 Message Date
Firstyear ea34dc08a9
Add email syntax (#465) 
Part one of #461 - this adds the syntax to support email addresses and validation of their content, and a method to serialise to the DB that can be extended with attribute tagging in the future. Part two will address administration of these values.
 2021-06-12 10:01:44 +10:00
Firstyear 7da4fa9d7e
Add some openid stubs (#464) 2021-06-05 15:41:42 +10:00
Firstyear 2493dad4fb
Add auth docs (#463) 2021-06-02 09:42:40 +10:00
Firstyear 807af81184
64 120 session claims (#462) 2021-06-02 09:30:37 +10:00
Firstyear 033b977906
Add ldap vattr mapping (#459) 2021-05-29 12:50:16 +10:00
Firstyear e8b1089bfd
414 clear stale credentials (#447) 2021-05-26 16:11:00 +10:00
Firstyear d1f2d197eb
Fix multivalue setting of description attribute (#457) 2021-05-24 12:51:56 +10:00
James Hodgkinson 6ef4ad616a
simpler ip logging (#454) 2021-05-23 10:15:21 +10:00
James Hodgkinson ca446ddca5
I might have become clippy this time (#449) 
* clippiness

* it is really handy that we have tests

* it is still really handy that we have tests
 2021-05-22 14:48:08 +10:00
James Hodgkinson 35c1de4c45
Calming clippy's nerves, Friday edition (#448) 
* whoa clippy you are very helpful
 2021-05-21 16:35:09 +10:00
Firstyear 9d5296a34b
This allows TOTP to accept an OTP that is one step behind AKA the previous TOTP (#442) 2021-05-19 18:49:31 +10:00
James Hodgkinson 1229669785
adding env vars, making clippy happier, cleaning up some error messages (#438) 2021-05-09 22:06:58 +10:00
Firstyear e88ac01aca
20210509 cleanup clippy and audit name (#437) 2021-05-09 22:06:04 +10:00
Firstyear ebdebcaef8
277 radius pw not accept for main pw (#435) 2021-05-07 13:01:13 +10:00
Firstyear 6901a5a545
Orca - a load testing framework for Kanidm (#431) 2021-05-06 21:15:12 +10:00
Firstyear 644eb0b0d6
Add verification of name indexes (#433) 2021-05-06 21:12:02 +10:00
Firstyear 1eb777485e
Add ability to pick a server role (#432) 2021-05-06 20:58:22 +10:00
James Hodgkinson e6f34d5dc5
Adding a new verb group remove_members (#434) 
Co-authored-by: William Brown <william@blackhats.net.au>
 2021-05-06 20:47:28 +10:00
vcwai 2bd8606cb6
397 Caching password badlist (#425) 2021-05-05 14:38:32 +10:00
James Hodgkinson 77381c1a2a
User feedback improvements, also handling a permissions issue (#424) 2021-04-26 11:52:13 +10:00
William Brown f9dd0a78dc Fix concat issue 2021-04-25 11:41:50 +10:00
James Hodgkinson de431451f4
Making clippy happy (#420) 2021-04-25 11:35:56 +10:00
Firstyear 6f222f6408
62 idm qs cleanup (#419) 2021-04-25 11:35:02 +10:00
Firstyear 8da89613e3
Rough working login page (#417) 2021-04-24 10:53:19 +10:00
James Hodgkinson f97a3bf596
Make clippy happy (#415) 2021-04-19 10:20:24 +10:00
James Hodgkinson 1f991c84da
More debug messages (#413) 2021-04-16 10:49:24 +10:00
Firstyear 72dfe1b035
Idlset2, query cache, acp resolve cache (#409) 2021-04-14 09:56:40 +10:00
Firstyear 19ce30a5ef
Add lto thin (#410) 2021-04-13 12:04:27 +10:00
James Hodgkinson af1081e878
phrasing (#401) 2021-04-06 10:10:13 +10:00
William Brown b3b48b6c43 (cargo-release) version 1.1.0-alpha.4 2021-04-01 10:29:20 +10:00
William Brown 9bf4b0f052 Release Prep 2021-04-01 10:29:09 +10:00
Firstyear 988944a085
Add auth session header type (#398) 2021-04-01 07:14:15 +10:00
vcwai 8a2f3b65ec
Add badlist checking when using password login (#394) 2021-03-31 11:19:03 +10:00
Firstyear 6bc719cdb2
Base web UI (#391) 
Initial web ui (not-functional yet)
 2021-03-26 11:22:00 +10:00
Firstyear a22c8efe9e
Fix posix extend to correctly remove the matching attribute during set. (#387) 2021-03-25 10:33:37 +10:00
Firstyear db3904759d
fix displayname (#390) 2021-03-23 19:14:04 +10:00
OttoHollmann 8eb2bd9ee1
Fix Dockerfile to check return values. (#389) 2021-03-23 09:34:40 +10:00
Firstyear 29c0481cb2
Correctly return displayname (#386) 2021-03-23 09:27:01 +10:00
William Brown e1cbd325a5 Update sshkeys to resolve ssh issue 2021-03-15 10:20:54 +10:00
Firstyear adb3f819ba
Add the unixd tasks daemon (#349) 
Fixes #180 - this adds an oddjobd style tasks daemon to the unix tools. This supports creation of home directories and the maintenance of alias symlinks to these allowing user renames. The tasks daemon is written to require root, but is seperate from the unixd daemon. Communication is via a root-only unix socket that the task daemon connects into to reduce the possibility of exploit.

Fixes #369 due to the changes to call_daemon_blocking
 2021-03-13 12:33:15 +10:00
Firstyear d2ca2c5bc9
Fix pattern to match substr from ldap (#372) 2021-03-12 10:11:12 +10:00
Firstyear ff61c37ae3
Add credential display command (#370) 
Fixes #364 - this adds a credential display command to the cli, and the api so it can be used later.
 2021-03-11 11:17:13 +10:00
Firstyear dd1945dd0d
363 scaling benchmarks (#366) 
Starts on #363, adding initial scaling tests and benchmarks. Generally this is a pretty big clean up of macros and some testing elements too.
 2021-02-23 18:10:59 +10:00
Firstyear 1fb5ec8bf2
vacuum (#365) 
Fixes #362 moves vacuum to a dedicated task. This is needed as previous vacuuming on startup on large databases could cause the server to fail to start. By making this a task it avoids this error case, and makes the vacuum more predictable, and only run when required.
 2021-02-21 15:04:58 +10:00
Firstyear 3137e3d682
Complete MFA and Webauthn handlers (#360) 
Fixes #357 - this allows the password MFA handler to correct handle a mixed totp or webauthn credential with passwords. This is likely the "majority" of accounts we will see on the service.
 2021-02-20 12:41:22 +10:00
William Brown 483aa6f23d Update build 2021-02-17 18:49:03 +10:00
Firstyear f710e66f64
356 Use tls chain file (#358) 
Fixes #356 - this changes from a split ca_chain/cert configuration to a single chain file. This allows rustls in tide-rustls to present the chain correctly, and allows openssl for ldaps to present the chain correctly too. it also simplifies integration to lets encrypt which provides a chain and key file by default.
 2021-02-16 11:40:25 +10:00
William Brown 9bd54dbebe Move jemalloc to runtime only 2021-02-13 16:32:04 +10:00
Firstyear 6c79914395
306 command complete (#354) 
Fixes #306 adding command line autocompletion. These are generated to: CARGO_TARGET_DIR/item-hash/out/. These will need to be packaged for distros later, it's unclear how we could use cargo install with these as cargo doesn't support arbitrary artefacts like this (yet?).
 2021-02-13 13:46:22 +10:00
Firstyear d745b15768
Use jemallocator in main server (#353) 2021-02-10 15:08:22 +10:00