wallenstein/algo
1
0
Fork 0
mirror of https://github.com/trailofbits/algo.git synced 2025-08-14 08:43:01 +02:00
Code Issues Projects Releases Wiki Activity
890 commits 4 branches 2 tags 12 MiB
Commit graph

890 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jack Ivanov
d6d55da52a delete tasks and move to roles (#519) 2017-05-08 16:34:45 -04:00
Ruben Jongejan
cb82eb20dd improved readability with native yaml (#530) 2017-05-08 16:34:24 -04:00
Jack Ivanov
583340a425 define local_dns if dns tag used (#533) 2017-05-08 16:33:30 -04:00
Jack Ivanov
03fcb721e6 Revert "define local_dns if dns tag used (#531)" (#532) 
This reverts commit 627b7d5d9b.
 2017-05-08 22:12:49 +02:00
Jack Ivanov
6a4b100943 define local_dns if dns tag used (#531) 2017-05-08 16:10:59 -04:00
Jack Ivanov
f04630bf79 Disable the Signature Algorithm check and add default vars. Fixes #525 2017-05-08 21:40:38 +02:00
Christopher J. Pilkington
aa75d3f00f Add additional delay for ec2 instance prior to ssh (#527) 
* Add additional delay for ec2 instance prior to ssh

* Add 10 second delay to all, rather than to cloud-ec2
 2017-05-07 12:35:27 -04:00
Osman Surkatty
42dae777aa Added missing minimum policy actions. (#522) 
Going through the installation process it appears that you're missing the following calls: `ec2:describeAddresses` and `ec2:allocateAddress`. This change fixes that.
 2017-05-06 09:16:35 -04:00
Christopher J. Pilkington
8327835ddf Specify EIP domain (#521) 2017-05-06 09:16:28 -04:00
Jack Ivanov
ae45c1295a move to Elastic IP (#512) 2017-05-04 08:33:31 -04:00
Jack Ivanov
0b318d4571 Get strongswan from the Zesty repo on Xenial (#515) 2017-05-03 16:03:10 -04:00
Dan Guido
7e9ccb0a2e add FAQ about software updates (#506) 
* add FAQ about software updates

* toc

* grammar

* grammar

* link

* grammar
 2017-04-30 15:44:47 -04:00
Dan Guido
74ad36e7b6 Aws documentation (#505) 
* Add AWS and Cloudformation specific docs

Closes #482
Closes #468

* readme enhancements

* various grammatical issues fixed
 2017-04-30 14:28:44 -04:00
Dan Guido
34e3866e7f Update README.md 2017-04-29 14:39:55 -04:00
Jack Ivanov
4aca3b9acc Implementing blocks and additional fail hints #487 (#497) 
change the troubleshooting url
 2017-04-29 10:48:25 -04:00
Jack Ivanov
4df054b6b3 dpdaction to clear (#498) 2017-04-27 14:47:45 -04:00
Jack Ivanov
d0404da90b Properly configure ICMP restrictions (#492) 2017-04-27 12:47:05 -04:00
Ryan Kasper
ee95caf864 Windows 10 -PfsGroup None --> -PfsGroup ECP256 (#493) 
* Windows 10 -PfsGroup None --> -PfsGroup ECP256

Fixes broken tunnel when rekey (CREATE_CHILD_SA request [ N(REKEY_SA) SA No TSi TSr KE ]) occurs (on my Windows 10 1703 build 15063.138 Creator's Update system this is ~every 57 minutes)

* Update Windows Client PfsGroup Commandline
 2017-04-27 12:46:50 -04:00
forkbomber
493856027b Fix typo related to "Error 809" and filtered IKE_AUTH requests (#496) 2017-04-27 12:46:28 -04:00
Jack Ivanov
4e4fdb5ec4 Disable RSA in the mobileconfigs. Fixes #486 2017-04-25 23:06:51 +02:00
Nicholas
643df9bce1 Fixed broken links to ansible deployment instructions (#484) 
* Fixed broken link in EC2 IAM instructions

* Fixed broken in step 6 of instructions
 2017-04-24 16:53:58 +02:00
Dan Guido
2818e8f0f7 The docs got out of sync with the scripts (#480) 
* The docs got out of sync with the scripts

* restructure

* fix links
 2017-04-23 16:36:30 -04:00
Jack Ivanov
50b9e69417 Some enhances in the compat ciphers (#464) 
raise the IntegrityCheckMethod to SHA384

Move Windows to ECDSA

Increase IntegrityCheckMethod
 2017-04-23 16:00:37 -04:00
Dan Guido
3617309adc Doc improvements (#479) 
* cleanup

* typos

* Closes #289

Add instructions for connecting to the VPN and configuring on demand.
 2017-04-23 14:54:54 -04:00
Dan Guido
41ae2614cf this option is deprecated (#477) 2017-04-23 09:04:30 -04:00
Dan Guido
67a411f262 typo (#474) 2017-04-22 22:38:29 -04:00
Jack Ivanov
13155fbced Move back to 16.04. Forgot to change after testing 2017-04-22 23:09:37 +02:00
Jack Ivanov
a81a429c36 Let users choose the distro version #449 (#466) 
Make dpdaction great again

add 1704 to travis

Make EC2 image name more convenient

modify apparmor profile
 2017-04-22 17:06:10 -04:00
Dan Guido
e5ac6bef21 fix link (#472) 2017-04-22 16:52:02 -04:00
Dan Guido
8a90f503eb Add linters to our CI (#471) 2017-04-22 14:57:39 -04:00
Jay Little
2168259218 Fix broken links. (#469) 2017-04-22 14:00:16 -04:00
Dan Guido
72843a5707 Add back table of contents (#463) 
* toc

* shift left

* derp
 2017-04-21 12:20:33 -04:00
Dan Guido
299a90867b typo 2017-04-20 18:28:16 -04:00
Dan Guido
5789eb7cb8 Update documentation to include minimum required IAM policy (#461) 
* Updating documentation to include minimum required IAM polcy. Closes

* Slightly more concise
 2017-04-20 18:15:31 -04:00
Andy Boutte
5137e41987 CF tested and working for EC2 deployment (#431) 
* AWS CloudFormation #132

* IPv6 EC2 draft

* CF tested and working for EC2 deployment

* IPv6 Implementation, EC2, Cloudformation

* Fixed ipv6 networking

* adding ip6tables rule for DHCP on AWS
 2017-04-20 18:04:57 -04:00
Dan Guido
307daf1aed Update deploy-to-ubuntu.md 2017-04-20 18:00:55 -04:00
Jack Ivanov
eed4bb6a39 remove the proxy role #440 (#457) 
* remove the proxy role #440

* Separate facts. Make roles more independent from each other

move openssl to local tasks

move unneeded tasks
 2017-04-20 18:00:17 -04:00
Dan Guido
0c8f0e5552 Better documentation (#459) 
* Closes #443

* Remove numbers

* context

* split up local and scripted

* Closes #458

* .

* better layout

* Closes #451

* do this later

* grammar

* typo
 2017-04-20 17:56:03 -04:00
Dan Guido
3aa3339b22 Windows needs SHA2-256. Closes #453. (#456) 2017-04-20 07:26:46 -04:00
Dan Guido
070a18a507 Change uniqueids back to never (#448) 
We need this to allow multiple connections with the same id/certificate
 2017-04-19 09:53:30 +02:00
Dan Guido
fcb291f73b clarification about ciphers 2017-04-18 11:22:38 -04:00
Dan Guido
115fa202d4 prefer ed25519 2017-04-18 02:20:44 -04:00
Dan Guido
119a9af4fb Fix a typo from #439 2017-04-18 01:15:07 -04:00
Dan Guido
277ac4a9e2 disable dpd #430 (#437) 
Closes #430
 2017-04-18 01:12:21 -04:00
Dan Guido
aebfb67e21 remove extraneous integrity algos from AEAD ciphers (#439) 
In reference to
https://github.com/trailofbits/algo/issues/9#issuecomment-294370560
 2017-04-18 01:11:56 -04:00
MiWCryptAnalytics
05780d781e Update troubleshooting with note about ip frag (#427) 
* Update troubleshooting with note about ip frag

note about ip fragmentation on consumer routers

* clarify

Closes #305
 2017-04-17 23:41:04 -04:00
Jauder Ho
fcc05406b2 Only enable ChaCha cipher (#412) 
* Only enable ChaCha cipher

* Add back a few ciphers for compatability
 2017-04-17 23:17:40 -04:00
Jack Ivanov
75bf4323e3 Add URLStringProbe (#428) 
* Add URLStringProbe

* switch to Apple's hotspot-detect.html
 2017-04-17 23:16:05 -04:00
Andy Boutte
200e5821e3 Removing update to ~/.ssh/config #400 (#435) 2017-04-17 22:01:42 -04:00
George Kargiotakis
3bf692c49f Simplify localhost installations (#432) 
Make it easier to install non_cloud version on localhost and
add a check whether an IP was given for IP_subject
 2017-04-17 21:34:31 +02:00