Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

TLS With Certificate Management for PVXS #92

Draft
wants to merge 350 commits into
base: tls
Choose a base branch
from
Draft
Changes from 1 commit
Commits
Show all changes
350 commits
Select commit Hold shift + click to select a range
2cdd672
copy instead of reference bug
george-mcintyre Sep 19, 2024
d11921b
Enable client stapling support
george-mcintyre Sep 19, 2024
5e1f56c
Enable client stapling support
george-mcintyre Sep 19, 2024
c76679d
Enable client stapling support
george-mcintyre Sep 19, 2024
f10048d
Enable client stapling support
george-mcintyre Sep 19, 2024
45be963
Better ccr
george-mcintyre Sep 21, 2024
2ba88c1
Add OCSP callback and implement certificate status management improve…
george-mcintyre Sep 24, 2024
39c1925
Refactor TLS status handling and logging improvements
george-mcintyre Sep 27, 2024
73bf10b
Refactor TLS status handling and logging improvements
george-mcintyre Sep 27, 2024
7d1e969
Add `CertifiedCertificateStatus` struct and simplify test code
george-mcintyre Sep 28, 2024
0163d4f
Refactor status posting logic and add CertifiedCertificateStatus chec…
george-mcintyre Sep 28, 2024
00db4b5
Refactored code to replace `CertificateStatus` with `PVACertificateSt…
george-mcintyre Sep 29, 2024
3b53593
Refactor CertificateStatus handling and rename UncertifiedCertificate…
george-mcintyre Sep 29, 2024
e5cd51c
Improve Certificate Status Comparison and Enhance Test Naming
george-mcintyre Sep 30, 2024
bb9dfc2
Add operator overloads for certificate status comparisons
george-mcintyre Sep 30, 2024
b98d483
Formatting and more status operators
george-mcintyre Sep 30, 2024
50054c6
Formatting and more status operators
george-mcintyre Sep 30, 2024
8e257de
Refactor Certificate Status Handling
george-mcintyre Oct 1, 2024
2ac5c61
- Refactored `postCertificateStatus` to use `cloneEmpty` method for s…
george-mcintyre Oct 1, 2024
c4a16df
Add test for TLS with CMS setup and related utilities
george-mcintyre Oct 6, 2024
30558f2
Add optional TLS stapling disable toggle and improve logging
george-mcintyre Oct 7, 2024
7f2a4f9
Add conditional OpenSSL checks and stop functionality for file watche…
george-mcintyre Oct 7, 2024
e80a6d3
Add 'running' state management to P12FileWatcher class
george-mcintyre Oct 7, 2024
ab6ad6a
Add new TLS tests with stapling and CMS
george-mcintyre Oct 7, 2024
f507dd9
Remove testtlswithstapling and improve OCSP stapling debug messages.
george-mcintyre Oct 7, 2024
c5837e9
Refactor TLS and OCSP Handling for Clients and Servers
george-mcintyre Oct 8, 2024
8c03d31
Add early return in serverOCSPCallback for non-stapling requests
george-mcintyre Oct 8, 2024
2d9c639
Refactor TLS and OCSP handling for clarity and consistency
george-mcintyre Oct 8, 2024
6d1f462
Update IOC certificate from IOC to IOC1 and add detailed documentatio…
george-mcintyre Oct 9, 2024
fac7de4
Update testPlan count from 136 to 142 in testtlswithcmsandstapling.cpp
george-mcintyre Oct 9, 2024
abc590e
Add detailed documentation for certificate testing code
george-mcintyre Oct 10, 2024
c73c9db
Refactor CMS status requests and enhance SSL context handling
george-mcintyre Oct 12, 2024
f417ca0
Refactor and enhance certificate status management
george-mcintyre Oct 12, 2024
89fb186
Add certificate verification callback with peer status monitoring (cl…
george-mcintyre Oct 12, 2024
26d6e0c
Add Windows support and improve SSL peer status management
george-mcintyre Oct 13, 2024
8201b0e
Update .gitignore to include additional IDE, build, and test files
george-mcintyre Oct 13, 2024
f257a53
Add tests for TLS backwards compatibility in client and server config…
george-mcintyre Oct 13, 2024
9205ce5
Refactor certificate status handling in tests
george-mcintyre Oct 13, 2024
cbe145b
Refactored test case variables and added reset and validation macros …
george-mcintyre Oct 14, 2024
147a156
Refactor Certificate Status Management and Add Enhanced Tests
george-mcintyre Oct 14, 2024
9617ed7
Add CA certificate status handling and logging improvements
george-mcintyre Oct 15, 2024
5982a57
"Refactor TLS configuration: standardize status check and stapling se…
george-mcintyre Oct 15, 2024
f043c57
Format code and fix minor formatting issues in test files and CertSta…
george-mcintyre Oct 15, 2024
9316952
Add null check in ServerSource::onCreate and initialize is_initialize…
george-mcintyre Oct 15, 2024
7b9dc94
Remove timeout mechanism in PVAccess connections
george-mcintyre Oct 15, 2024
3453c78
Refactor certificate status subscription, introduce enhanced error ha…
george-mcintyre Oct 29, 2024
c13b829
Refactor certificate status management and add P12 key/cert utilities
george-mcintyre Oct 29, 2024
26f91a2
Remove redundant functions, move function definition, and rename loggers
george-mcintyre Oct 29, 2024
bf61722
Add support for additional TLS options
george-mcintyre Oct 29, 2024
d2447c4
Remove conditional OpenSSL code and simplify connection dispatch logic
george-mcintyre Oct 30, 2024
5037799
Refactor and streamline security client code and credentials handling
george-mcintyre Nov 9, 2024
d8acc59
Enhanced comments and documentation for CMS configuration and wildcar…
george-mcintyre Nov 11, 2024
cd980bb
Add secure PVAccess (SPVA) documentation and refactor certificate han…
george-mcintyre Nov 25, 2024
6ff237d
"Fix section numbering in securepva.rst documentation."
george-mcintyre Nov 25, 2024
221c55d
Update securepva documentation: add steps to fetch and build PVXS wit…
george-mcintyre Nov 25, 2024
bc23d04
Update environment variable names in securepva documentation for cons…
george-mcintyre Nov 25, 2024
8fcf6d9
Update securepva.rst and remove _log_println function
george-mcintyre Nov 25, 2024
a7937c8
Update securepva.rst documentation to clone PVXS from a specific branch.
george-mcintyre Nov 25, 2024
effd0fe
Remove superfluous sqlite header
george-mcintyre Nov 25, 2024
638486b
More portable curl library reference
george-mcintyre Nov 25, 2024
61704d8
More portable sqlite library reference
george-mcintyre Nov 25, 2024
9fe1778
Default to vanilla build
george-mcintyre Nov 25, 2024
f38dd14
cosmetic doc change
george-mcintyre Nov 25, 2024
15472b3
Update root certificate handling and improve documentation
george-mcintyre Dec 1, 2024
f527c07
Add PEMFileFactory and Enhance Certificate Handling
george-mcintyre Dec 3, 2024
46351c4
Refactor certificate file handling for enhanced modularity and extens…
george-mcintyre Dec 3, 2024
8e21e0d
Refactor Certificate Factories to Support Password and KeyPair
george-mcintyre Dec 3, 2024
3720e03
Add documentation for supported certificate formats and usage.
george-mcintyre Dec 3, 2024
25f3517
Update file extensions in pemfilefactory and fix typo in documentation
george-mcintyre Dec 3, 2024
a0e586a
Add 'false' parameter to ossl_ptr instances for proper initialization…
george-mcintyre Dec 3, 2024
a414296
Ensure file pointers in certificate-related utilities are constructed…
george-mcintyre Dec 3, 2024
6ee52eb
Add error handling to certfilefactory and better
george-mcintyre Dec 5, 2024
27a54d8
Refactor certificate management: integrate CLI11 library and enhance …
george-mcintyre Dec 6, 2024
dc9865b
Refactor cert.cpp: re-order includes, improve formatting, and add CLI…
george-mcintyre Dec 6, 2024
192dc67
Add support for TLS certificate and key management
george-mcintyre Dec 6, 2024
feb021c
Update command-line usage instructions in securepva.rst
george-mcintyre Dec 6, 2024
c1f3e5d
Refactor to use custom smart pointer type for CertFileFactory
george-mcintyre Dec 8, 2024
f973f98
Improve error message for unsupported certificate file extension by d…
george-mcintyre Dec 8, 2024
69a0b07
Remove obsolete instructions for setting library paths in securepva d…
george-mcintyre Dec 8, 2024
b7fb0d4
Refactor code formatting for improved readability
george-mcintyre Dec 8, 2024
bda7def
Refactor cert file handling to use `writeIdentityFile` method
george-mcintyre Dec 8, 2024
1f3a7f2
Rename `CertFileFactory` to `IdFileFactory` across multiple files for…
george-mcintyre Dec 8, 2024
a05203b
Implement OCSP response verification and certificate trust check enha…
george-mcintyre Dec 8, 2024
5b3bce1
Improve logging and output formatting for certificate installation
george-mcintyre Dec 8, 2024
332e65a
Clarify error message for duplicate Certificate Subject Key Identifie…
george-mcintyre Dec 8, 2024
488071c
Refactor PVACS Configuration and Setup for Improved Clarity and Funct…
george-mcintyre Dec 8, 2024
8805d9d
Refactor and clean up certificate management code
george-mcintyre Dec 9, 2024
7127067
Refactor configstd.cpp: Remove redundant variables and update pvacms …
george-mcintyre Dec 9, 2024
d5e1737
Refactored code to support authentication configuration enhancements:
george-mcintyre Dec 9, 2024
95100c3
Improve key retrieval and error messages; update documentation.
george-mcintyre Dec 9, 2024
945b370
Refactor ACF generation: simplify code and remove unused issuer ID. A…
george-mcintyre Dec 9, 2024
698ebb5
Refactor `SecurityClient::update` method to support `ASMEMBERPVT` and…
george-mcintyre Dec 9, 2024
c0d4f5b
"Update option flags and documentation for improved clarity and consi…
george-mcintyre Dec 16, 2024
1f684dc
"Refactor and enhance TLS handling with cleanup and expanded OpenSSL …
george-mcintyre Jan 4, 2025
d7a4e86
Refactor SSL context handling with `ossl_shared_ptr` and adjust TLS w…
george-mcintyre Jan 4, 2025
6b15f71
"Update test assertions to reflect incremented counter values in TLS …
george-mcintyre Jan 4, 2025
c537dbf
"Refactor and enhance OpenSSL certificate management and test cases: …
george-mcintyre Jan 5, 2025
acf877b
"Refactor TLS test behaviors and fix status validity timer in OpenSSL.
george-mcintyre Jan 5, 2025
f80acc3
"Fix validity timer initialization by adding loop.base checks and upd…
george-mcintyre Jan 5, 2025
c417588
Replace unused `tls_disable_stapling` configurations and refactor tes…
george-mcintyre Jan 5, 2025
61127c5
"Add exception handling for timeout in testtlswithcms.cpp to improve …
george-mcintyre Jan 6, 2025
8e6d928
"Add delays with `sleep(1)` for server start stabilization and update…
george-mcintyre Jan 6, 2025
231f3c1
"Refactor TLS-related methods for improved clarity and consistency. R…
george-mcintyre Jan 6, 2025
dd07a03
Refactor degraded mode check: renamed `isDegraded` to `isInDegradedMo…
george-mcintyre Jan 6, 2025
1686e68
"Refactor client state management: Simplify `state_t` enum and replac…
george-mcintyre Jan 6, 2025
e0b3fbd
"Refactor TLS context validation methods for clarity and consistency.…
george-mcintyre Jan 6, 2025
d200db2
"Refactor TLS context validation methods for clarity and consistency.…
george-mcintyre Jan 6, 2025
9da483b
Refactor resource management: remove redundant checks in `regular_del…
george-mcintyre Jan 6, 2025
c0fbb1a
"Add YAML support for ACF generation, refactor output logging, and re…
george-mcintyre Jan 6, 2025
f2db449
"Remove YAML schema comments and replace log_info_printf calls with s…
george-mcintyre Jan 6, 2025
e69d6ca
"Add issuer ID validation for certificate installation"
george-mcintyre Jan 6, 2025
490ad9e
"Add new EPICS database files (testioc.db, testiocg.db) for testing r…
george-mcintyre Jan 6, 2025
56072fe
Add support for certificate status extraction and logging
george-mcintyre Jan 6, 2025
87cffe5
"Refactor Makefiles: Move certstatus-related sources from root Makefi…
george-mcintyre Jan 6, 2025
5f51906
**Remove unused certificate status handling code and dependencies**
george-mcintyre Jan 6, 2025
1d63c18
Revert "**Remove unused certificate status handling code and dependen…
george-mcintyre Jan 6, 2025
903bee0
"Remove unused certificate status retrieval methods and simplify Cert…
george-mcintyre Jan 7, 2025
164065b
"Remove `writeRootPemFile` and associated calls across multiple files"
george-mcintyre Jan 7, 2025
03cd6d6
"Remove support for `allow_self_signed_ca` in certificate handling, s…
george-mcintyre Jan 7, 2025
417b43c
"Remove support for custom CA directories in CertStatusManager OCSP v…
george-mcintyre Jan 7, 2025
93c7d7c
"Remove unused `isTrusted` function and simplify self-signed CA certi…
george-mcintyre Jan 7, 2025
1bcda26
"Remove unused OpenSSL utility functions and private OCSP helper method"
george-mcintyre Jan 7, 2025
e3edff9
"Remove INSTALL action and related functionality from certificate han…
george-mcintyre Jan 7, 2025
463dfee
"Improve CLI for certificate management: added detailed help message,…
george-mcintyre Jan 7, 2025
6a364c7
"Remove `PEMFileFactory` implementation and references, consolidate l…
george-mcintyre Jan 9, 2025
6ca5ab3
"Remove key file handling functions and simplify PKCS#12 parsing logic"
george-mcintyre Jan 9, 2025
a8dcb44
Refactor: Standardize terminology from "certificate" to "keychain" an…
george-mcintyre Jan 9, 2025
ea944d6
"Remove unused certificate hash and symlink utility functions."
george-mcintyre Jan 9, 2025
9e03d88
"Refactor TLS configuration: Consolidate `tls_cert_filename` and `tls…
george-mcintyre Jan 9, 2025
f011ee7
"Remove unused CertAvailability enum and associated return value for …
george-mcintyre Jan 9, 2025
bdd8176
"Remove TLS file monitoring and related code. Deleted `p12filewatcher…
george-mcintyre Jan 9, 2025
7320365
"Add default file paths and directory creation for certificates and c…
george-mcintyre Jan 10, 2025
cacbf2e
Add trusted root CA support for OCSP response validation and certific…
george-mcintyre Jan 12, 2025
2ada6ad
"Improve error messages for Certificate-Status-PV extensions, enhance…
george-mcintyre Jan 12, 2025
edc2939
"Add Secure PVA quick start guide and new SPVA-specific documentation…
george-mcintyre Jan 12, 2025
1a44250
"Add Secure PVA quick start guide and new SPVA-specific documentation…
george-mcintyre Jan 13, 2025
a5b4e1d
"Improve error handling and streamline logging: clarify error message…
george-mcintyre Jan 13, 2025
7326adf
"Fix parameter handling in default admin certificate creation functions"
george-mcintyre Jan 13, 2025
363703c
"Fix `getIssuerId` to retrieve issuer from CA chain and improve error…
george-mcintyre Jan 13, 2025
87774d7
"Fix `getIssuerId` to retrieve issuer from CA chain and improve error…
george-mcintyre Jan 13, 2025
8151091
"Adjust spacing in keychain file creation log message for better read…
george-mcintyre Jan 13, 2025
8c73acf
Adjust spacing in certificate creation log output for better readability
george-mcintyre Jan 13, 2025
530f118
Change log level from WARN to DEBUG for key pair creation exceptions.
george-mcintyre Jan 13, 2025
0bf50eb
Remove unused logger and add cleanup for empty P12 files to prevent e…
george-mcintyre Jan 13, 2025
773ab6c
"Refactor certificate handling: Remove `createKeyPair` method from `A…
george-mcintyre Jan 13, 2025
e0f3bc3
"Refactor certificate handling to use `ossl_ptr` and `ossl_shared_ptr…
george-mcintyre Jan 13, 2025
820dc19
Refactor codebase for modern C++ compliance and minor cleanups
george-mcintyre Jan 13, 2025
c4f15a9
"Refactored SPVA documentation: reorganized sections, added detailed …
george-mcintyre Jan 13, 2025
765e6d3
"Fix incorrect ossl_ptr initialization in certfactory; remove redunda…
george-mcintyre Jan 13, 2025
d824ba3
"Refactor certificate-related code: Replace `ossl_ptr` with raw point…
george-mcintyre Jan 13, 2025
0476510
"Refactor cert tool: adjust action conditionals and re-enable TLS by …
george-mcintyre Jan 13, 2025
ca81849
"Refactor CertStatusManager to replace weak_ptr with raw pointer for …
george-mcintyre Jan 13, 2025
cf6b85f
"Refactor: Replace `trusted_root_ca` with `trusted_store_ptr` for OCS…
george-mcintyre Jan 13, 2025
860229c
"Improve documentation and config clarity; add certificate creation a…
george-mcintyre Jan 15, 2025
ed3a9e6
"Remove `Context::forCMS` API and related documentation for certifica…
george-mcintyre Jan 15, 2025
950d2aa
"Refactor SSLContext: Reorder member initialization, remove move assi…
george-mcintyre Jan 15, 2025
bb99fcb
"Refactor argument parsing into `readParameters` and streamline certi…
george-mcintyre Jan 15, 2025
0a0fdd4
"Check for existing Certificate DB before creation and adjust logging…
george-mcintyre Jan 16, 2025
fecd2f9
"Improve SPVA Quick Start documentation formatting for consistency an…
george-mcintyre Jan 16, 2025
2d759e7
"Add timeout parameter to certificate creation requests and refactor …
george-mcintyre Jan 16, 2025
522399c
"Refactor evbase parameter to pass by value and remove unused certifi…
george-mcintyre Jan 17, 2025
0170dc6
"Change `impl::evbase` from reference to value across SSLContext for …
george-mcintyre Jan 17, 2025
a0d9d01
"Refactored `SSLPeerStatus` into `SSLPeerStatusMonitor` for improved …
george-mcintyre Jan 17, 2025
3ddcfe7
"Refactor certificate status handling and enhance TLS integration
george-mcintyre Jan 22, 2025
86cd15a
"Add OCSP stapling support with extended parsing and validation updates
george-mcintyre Jan 22, 2025
72bdc1b
Fix incorrect variable usage in `conn.cpp`, clean up commented-out co…
george-mcintyre Jan 22, 2025
e6b4a4b
"Refactor logging in pvacms.cpp: Reduced log output to minimum and fo…
george-mcintyre Jan 23, 2025
626dd37
fixes #33 : "Remove obsolete ccr.sh certificate creation script"
george-mcintyre Jan 23, 2025
4521446
"Update SPVA documentation with detailed Docker setup steps for vario…
george-mcintyre Jan 24, 2025
fe478d6
pvxinfo -v show server credentials
mdavidsaver Dec 12, 2024
86807fb
Add examples demonstrating TLS and non-TLS configurations in spvaqsta…
george-mcintyre Jan 27, 2025
93af7a0
"Refactor and streamline SPVA quickstart documentation; improve user …
george-mcintyre Jan 27, 2025
ead68e0
"Update paths to remove ${PROJECT_HOME}/pvxs/bin/* usage and standard…
george-mcintyre Jan 27, 2025
6bdb416
"Update paths to remove ${PROJECT_HOME}/pvxs/bin/* usage and standard…
george-mcintyre Jan 27, 2025
190e7dc
"Escape variable references in documentation for better rendering and…
george-mcintyre Jan 27, 2025
9c5edee
"Fix: Correct SPVA quickstart example to unset EPICS_PVA_TLS_KEYCHAIN…
george-mcintyre Jan 27, 2025
5a4bd62
"Refactor parameter parsing and improve admin certificate generation …
george-mcintyre Jan 27, 2025
e4e50b3
"Refactor ACF and YAML admin handling, add support for dynamically ad…
george-mcintyre Jan 28, 2025
13ad98d
#2 "Update PVACMS help text: reorganize admin options, clarify passwo…
george-mcintyre Jan 28, 2025
f414042
#2 "Refactor ACF and YAML admin handling, add support for dynamically…
george-mcintyre Jan 28, 2025
0247058
#2 "Update PVACMS help text: reorganize admin options, clarify passwo…
george-mcintyre Jan 28, 2025
e44407a
"Standardize PVAccess terminology across documentation, comments, and…
george-mcintyre Jan 29, 2025
6695dca
Merge branch 'tls' of github.com:george-mcintyre/pvxs into tls
george-mcintyre Jan 29, 2025
418eb9b
Add Docker quick-start instructions to SPVA documentation
george-mcintyre Jan 30, 2025
9fd3a5d
"Add `is_initialising` flag to `getOrCreateCaCertificate` for improve…
george-mcintyre Jan 30, 2025
2ba562b
"Add Dockerfiles and configurations for EPICS PVXS with SPVA support,…
george-mcintyre Jan 30, 2025
335cc21
"Add Dockerfiles and configurations for EPICS PVXS with SPVA support,…
george-mcintyre Jan 30, 2025
a435d36
"Update Kerberos configuration: add pvacms environment setup, replace…
george-mcintyre Jan 30, 2025
7ef7704
"Update Dockerfiles to use custom-built base images and add Kerberos …
george-mcintyre Jan 31, 2025
f22af3f
Add libkrb5-dev to Dockerfile dependencies in spva_krb
george-mcintyre Feb 2, 2025
b7058ea
Update Dockerfiles: Change base image, revise kerberos setup
george-mcintyre Feb 3, 2025
6a0902f
"Remove deprecated -allow_svr flag from pvacms principal creation in …
george-mcintyre Feb 3, 2025
622ac2d
"Add LDAP and Kerberos authentication support with extensive updates …
george-mcintyre Feb 3, 2025
6b801db
`Add Kerberos support in Dockerfile and fix include order in pvacms.cpp`
george-mcintyre Feb 3, 2025
275e866
"Clean up unused headers and redundant definitions in Makefiles and a…
george-mcintyre Feb 3, 2025
678bad0
Add --no-cache flag to Docker build commands in build scripts.
george-mcintyre Feb 3, 2025
31435bd
"Enable OpenSSL initialization in tools, authentication modules, and …
george-mcintyre Feb 3, 2025
3c19b4c
Update Docker image tag from 'pvxs_spva' to 'pvxs' in build script
george-mcintyre Feb 3, 2025
35e0df2
"Add `configure` method to authentication interfaces and implementati…
george-mcintyre Feb 3, 2025
3585a93
"Refactor authentication configs to use `unique_ptr` for dynamic memo…
george-mcintyre Feb 3, 2025
f22461f
"Add Kerberos-related environment variables to Supervisor configurati…
george-mcintyre Feb 3, 2025
d41cdf9
"Add Kerberos-related environment variables to Supervisor configurati…
george-mcintyre Feb 3, 2025
8113bc2
"Expand Kerberos config support to additional environment variables a…
george-mcintyre Feb 3, 2025
c3f293d
"Expand Kerberos config support to additional environment variables a…
george-mcintyre Feb 3, 2025
c9c35b7
"Update documentation links to point to EPICS Base repositories and r…
george-mcintyre Feb 4, 2025
e3b039b
"Update README with detailed project description, dependencies, and d…
george-mcintyre Feb 4, 2025
8668a17
"Update README with detailed project description, dependencies, and d…
george-mcintyre Feb 4, 2025
e95d0b9
"Update README with detailed project description, dependencies, and d…
george-mcintyre Feb 4, 2025
896363e
"Update GitHub Actions workflows: Align with tls branch in origin
george-mcintyre Feb 4, 2025
6115774
"Add OpenLDAP Docker setup with LDAP data seeding, SSSD integration, …
george-mcintyre Feb 5, 2025
e4133f6
"Add MIC generation and verification for Kerberos authentication. Upd…
george-mcintyre Feb 11, 2025
1ef3da2
"Refactor LDAP Docker setup: Remove `start.sh`, add EPICS schema for …
george-mcintyre Feb 11, 2025
ddd3619
"Refactor LDAP authentication: Improve CCR signature handling, remove…
george-mcintyre Feb 11, 2025
abfdd79
"Suppress deprecated warnings on macOS in authnldap.cpp"
george-mcintyre Feb 12, 2025
6e847c0
"Remove platform-specific GSSAPI includes from authnldapmain.cpp"
george-mcintyre Feb 12, 2025
00fe476
Replace deprecated LDAP C API calls with modern equivalents and impro…
george-mcintyre Feb 12, 2025
5192f4c
"Replace ldap_simple_bind_s with ldap_sasl_bind_s for improved authen…
george-mcintyre Feb 12, 2025
e9da96b
"Replace ldap_simple_bind_s with ldap_sasl_bind_s for improved authen…
george-mcintyre Feb 12, 2025
bd6db89
"Refactor Dockerfiles: modularize EPICS Base setup, update base image…
george-mcintyre Feb 12, 2025
4428fe7
Fix incorrect variable assignment for LDAP organization option
george-mcintyre Feb 12, 2025
70dc10d
"Set EPICS_PVA_AUTH_STD_ORG environment variable to 'epics.org' in ad…
george-mcintyre Feb 12, 2025
d43de05
Enhance LDAP password prompt to include organization name.
george-mcintyre Feb 12, 2025
e34bf8c
"Refactor authentication config handling: consolidate environment var…
george-mcintyre Feb 12, 2025
32f15e2
"Refactor LDAP authentication and Docker build scripts: Improved code…
george-mcintyre Feb 12, 2025
e4dec26
"Streamline Docker build scripts by combining build, login, and push …
george-mcintyre Feb 12, 2025
6a68715
"Fix: Ensure LDAP_DEPRECATED is defined to prevent compilation issues"
george-mcintyre Feb 12, 2025
94b89f5
"Refactor LDAP connection: Add protocol version setting and base64 de…
george-mcintyre Feb 12, 2025
0d0917c
"Fix and enhance LDAP credential handling and signature verification.
george-mcintyre Feb 12, 2025
4b2c382
"Refactor TLS keychain file and password handling to use conditional …
george-mcintyre Feb 12, 2025
4d402d5
"Fix error handling and return codes across authentication modules; r…
george-mcintyre Feb 12, 2025
202e782
Rename `fromAuthNEnv` to `fromAuthEnv` across files and refactor Kerb…
george-mcintyre Feb 15, 2025
e9b7797
"Improve standard and Kerberos authenticators: rename 'Default Authen…
george-mcintyre Feb 15, 2025
256b877
"Extend `getCredentials` with `for_client` parameter across authentic…
george-mcintyre Feb 15, 2025
9af4e7a
"Refactor authentication modules: Added `for_client` parameter to `ge…
george-mcintyre Feb 15, 2025
96caf65
"Add `tls_server_only` configuration for TLS; ensure clean rebuilds i…
george-mcintyre Feb 16, 2025
e6e63cc
"Support TLS server-only mode for clients by adjusting configuration …
george-mcintyre Feb 16, 2025
969f772
"Add support for `-t` option to disable client TLS for server-only TL…
george-mcintyre Feb 16, 2025
34acdf9
"Refactor: Remove inline function specifier and improve const correct…
george-mcintyre Feb 17, 2025
aa6aff6
Fix cast syntax in peer_status update for CertificateStatus
george-mcintyre Feb 17, 2025
a2db5e7
"Fix: Correct function signature by adjusting std::function parameter…
george-mcintyre Feb 17, 2025
fe31cd9
"Refactor cert retrieval function to remove unnecessary rvalue refere…
george-mcintyre Feb 17, 2025
2535332
"Fix typo in ConfigMonitor constructor: corrected std::function signa…
george-mcintyre Feb 17, 2025
32b871a
"Refactor CertFactory constructors to improve parameter clarity and u…
george-mcintyre Feb 17, 2025
c031e3a
"Add certificate expiration validation for daemon mode and refactor c…
george-mcintyre Feb 17, 2025
e6d6995
"Refactor Auth::runDaemon and configMonitor implementations to move f…
george-mcintyre Feb 17, 2025
c249ca1
"Refactor Auth::runDaemon and configMonitor implementations to move f…
george-mcintyre Feb 17, 2025
2011458
"Remove redundant dynamic assignment of default `config_uri_base` and…
george-mcintyre Feb 17, 2025
94e84c7
Refactor certificate code to replace `getIssuerId` with `getSkId`.
george-mcintyre Feb 17, 2025
c8dd58c
"Add option to specify certificate validity duration in minutes"
george-mcintyre Feb 18, 2025
58b3322
"Fix initialization of CertData and add validation for cert_data.cert…
george-mcintyre Feb 18, 2025
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
remove extraneous certstatusclient
  • Loading branch information
george-mcintyre committed Aug 25, 2024
commit 86527e5dcc4f337738a6b9efbc1b2730c60df4c5
1 change: 0 additions & 1 deletion src/Makefile
Original file line number Diff line number Diff line change
@@ -78,7 +78,6 @@ INC += p12filewatcher.h
LIBRARY = pvxs

LIB_SRCS += bitmask.cpp
LIB_SRCS += certstatusclient.cpp
LIB_SRCS += certstatusmanager.cpp
LIB_SRCS += client.cpp
LIB_SRCS += clientconn.cpp
47 changes: 0 additions & 47 deletions src/certstatusclient.cpp

This file was deleted.

49 changes: 0 additions & 49 deletions src/certstatusclient.h

This file was deleted.

1 change: 0 additions & 1 deletion src/certstatusmanager.cpp
Original file line number Diff line number Diff line change
@@ -17,7 +17,6 @@

#include <pvxs/client.h>

#include "certstatusclient.h"
#include "certstatus.h"
#include "configcms.h"
#include "ownedptr.h"
1 change: 0 additions & 1 deletion src/certstatusmanager.h
Original file line number Diff line number Diff line change
@@ -19,7 +19,6 @@

#include <pvxs/client.h>

#include "certstatusclient.h"
#include "certstatus.h"
#include "configcms.h"
#include "ownedptr.h"
7 changes: 1 addition & 6 deletions src/p12filewatcher.h
Original file line number Diff line number Diff line change
@@ -25,23 +25,20 @@

namespace pvxs {
namespace certs {

template <typename T>
class P12FileWatcher {
public:
P12FileWatcher(logger &logger, const T &config, const std::function<void(const T &)> &reconfigure_fn)
P12FileWatcher(logger &logger, const T &config, const std::function<void(const T &)> &&reconfigure_fn)
: config_(config), reconfigure_fn_(reconfigure_fn), stop_flag_(false), logger_(logger) {}

inline ~P12FileWatcher() {
stopWatching();
}

inline void startWatching() {
std::unique_lock<std::mutex> lock(mtx_);
auto worker = [this]() {
log_info_printf(logger_, "File Watcher: %s\n", "Starting");


if (auto config = dynamic_cast<const impl::ConfigCommon*>(&config_)) {
// Initialize a vector of file paths to watch
const std::vector<std::string> paths_to_watch = {
@@ -97,7 +94,6 @@ class P12FileWatcher {

inline void stopWatching() {
stop_flag_.store(true);
cv_.notify_one();
if (worker_.joinable()) {
worker_.join();
}
@@ -110,7 +106,6 @@ class P12FileWatcher {
logger &logger_;

std::thread worker_;
std::mutex mtx_;
std::condition_variable cv_;

inline time_t getFileModificationTime(const std::string& path) const {