wallenstein/algo
1
0
Fork 0
mirror of https://github.com/trailofbits/algo.git synced 2025-08-15 09:13:01 +02:00
Code Issues Projects Releases Wiki Activity
782 commits 4 branches 2 tags 12 MiB
Commit graph

782 commits

This branch
This branch
All branches
Author SHA1 Message Date
Dan Guido
146df75022 Update algo 2017-02-20 03:40:40 +01:00
Dan Guido
7fe2dc34e5 add warning about os security enhancements 2017-02-20 03:28:32 +01:00
Jack Ivanov
ffd278e7d9 AndroidVPNClientProfiles #240 2017-02-17 00:30:21 +03:00
Jacob Wilder
23f14ed629 Fixed the azure role for situations where the user does not use a ~/.azure/credentials file (#242) 2017-02-16 23:43:03 +03:00
Jack Ivanov
b75f36a64e contgrats fix in update-users #243 2017-02-15 18:49:42 +03:00
Jack Ivanov
c89d916bd9 Update README.md (#241) 2017-02-14 18:42:12 +01:00
Jack Ivanov
dd202bfd00 rewrite congrats 2017-02-14 20:26:04 +03:00
Dan Guido
36862d3abe Update README.md 2017-02-14 17:42:54 +01:00
Dan Guido
6babf2809b Update README.md 2017-02-14 17:39:58 +01:00
Dan Guido
fe6c849de7 remove twitter button :-( 2017-02-13 10:10:50 +01:00
Dan Guido
87ff3a1124 twitter badge 2017-02-13 09:57:45 +01:00
Jack Ivanov
16d92057c4 rename connection 2017-02-12 23:01:29 +03:00
akirilov
3af59f15d8 Modified certificate generation to address issues #234 and #228 (#235) 
* Modified certificate generation to address issues #234 and #228

I have made the following modifications to comply with the IKEv2 client certificate requirements:

- Changed client certificate CN to {{ IP_subject_alt_name }}_{{ item }} from {{ item }}
- Changed client certificate SAN to {{IP_subject_alt_name }} from {{ item }}
- Added clientAuth to client certificate EKU

I have made the following changes to address a mismatch in the windows deployment script and file names:

- Changed the client certificate (.p12) filename in config/{{ IP_subject_alt_name }} to {{ IP_subject_alt_name}}_{{ item }}.p12 from {{ item }}.p12 to match the ps1 script

Testing:

I have tested the changes on Windows 10 client, Ubuntu 16.04.1 server (DigitalOcean) - the config described in Issue #234

I apologize for not being able to test on other configurations. I hope that someone else can verify my changes

* fixed iOS issues

* fixed accidentall user change

* simplified changes

* Final iteration. I think that's all I can do to minimize the changes
 2017-02-12 22:45:36 +03:00
Dan Guido
55835dfb1a typo 2017-02-12 13:13:24 -05:00
Dan Guido
9576b31ab1 explicit pointer to avenues for support 2017-02-12 13:07:13 -05:00
Dan Guido
8b3cf9a0f7 Update README.md 2017-02-07 17:31:13 -05:00
Dan Guido
88c5f7d100 Update README.md 2017-02-07 17:30:15 -05:00
Dan Guido
b220eb1b77 TOC 2017-02-07 17:29:17 -05:00
Dan Guido
95aae71066 Move FAQ to its own doc. 2017-02-07 17:27:13 -05:00
Dan Guido
47ff779b77 Update CONTRIBUTING.md 2017-02-07 17:08:44 -05:00
Dan Guido
34b94ca66a Update Troubleshooting.md 2017-02-07 17:02:18 -05:00
Dan Guido
733241e186 slightly better docs 2017-02-07 17:01:31 -05:00
Dan Guido
4d276b00a7 Slightly better docs 2017-02-07 16:46:58 -05:00
Dan Guido
a1abff610a Closes #82, again 2017-02-07 16:35:23 -05:00
Jack Ivanov
be48ca62e1 Local openssl tasks (#169) 
* Draft

works with ECDSA

RSA support for Windows

* update-users with local_openssl_tasks

* move prompts to the algo script

* additional directory for SSH keys

* move easyrsa_p12_export_password to pre_tasks

* update-users testing

* Fix hardcoded vars

* Delete the CA key

* Hardcoded IP. Fixes #219

* Some fixes
 2017-02-03 14:24:02 -05:00
Jack Ivanov
e7089c2517 make the fail message more understandable. Fixes #217 2017-02-01 18:54:47 +03:00
Jack Ivanov
a78f586438 Additional info in the congrats 2017-01-26 20:01:06 +03:00
Jack Ivanov
86805aa93b Prevent ansible and Jinja2 from updates #220 (#221) 2017-01-22 23:06:32 +03:00
Jack Ivanov
062acf0dac Update README.md 2017-01-22 22:56:17 +03:00
Jack Ivanov
ce97f2211c ensure that apparmor is supported by the kernel #215 2017-01-16 00:19:57 +03:00
Jack Ivanov
783c64a787 update the troubleshooting page #146 2017-01-14 20:27:18 +03:00
Jack Ivanov
15d1f4f5c0 move troubleshooting from the landing readme page 2017-01-14 20:07:52 +03:00
Jack Ivanov
de39fe85d7 disable compression #146 2017-01-14 19:56:23 +03:00
Jack Ivanov
2d94563321 increase timeouts 2017-01-14 19:38:21 +03:00
Jack Ivanov
981469813e Add the algo ssh key to any server (prevent fails when a user wants to update-users on a server deployed by algo but not with the algo ssh key) 2017-01-14 19:38:21 +03:00
Tonimir Kisasondi
1ddc21beb3 Updated README.md (#214) 
Just added -y to apt-get so it doesn't prompt for prerequisites install.
 2017-01-12 21:14:05 -05:00
Jack Ivanov
9e521004d1 Update README.md 2017-01-11 23:35:29 +03:00
Jack Ivanov
38ec3800b0 Do your job, travis! 2017-01-11 23:29:30 +03:00
Jack Ivanov
f47746ef17 TravisCI initial. Testing all the components except the cloud roles. #154 2017-01-11 23:20:47 +03:00
Jack Ivanov
fedd7dcf52 additional tags 2017-01-11 21:02:41 +03:00
Jack Ivanov
4bb92e5c3c addtiional fixes 2017-01-11 20:55:44 +03:00
Jack Ivanov
ae9700e085 Fix for the local installation 2017-01-11 20:55:07 +03:00
Jack Ivanov
a7ac48baa5 Merge pull request #209 from trailofbits/ec2encryption #133 
EC2 encrypted volume support
 2017-01-10 19:26:33 +03:00
Jack Ivanov
8e1e607025 Update ADVANCED.md 2017-01-10 19:04:29 +03:00
Jack Ivanov
f554883734 skip encrypted by default #133 2017-01-10 18:55:59 +03:00
Dan Guido
57272a09e5 more minor changes for readability 2017-01-09 21:34:32 -05:00
Dan Guido
b3cc732f1d Readability suggestions per Mike Russell 2017-01-09 16:25:12 -05:00
Jack Ivanov
882f26ca91 Update requirements.txt 2017-01-09 22:29:07 +03:00
Defunct
034dea1110 ec2_ami_copy boto3 module, KMS, tagging, AMI caching (Encrypted support) 2017-01-05 19:36:30 +00:00
Defunct
552c77b36d refactored ec2 encryption 2017-01-05 17:36:45 +00:00