diff --git a/Gopkg.lock b/Gopkg.lock index 1d48abf..03b4ffa 100644 --- a/Gopkg.lock +++ b/Gopkg.lock 
@@ -3,110 +3,134 @@ [[projects]] branch = "master" + digest = "1:e05c7b72aeba7570b1d2f9c6dc9f0373d224b16b70fa886c504de867bffe1c2e" name = "github.com/aead/chacha20" packages = [ ".", - "chacha" + "chacha", ] - revision = "c8d29375923a8e1d2a0f0dc0fc1d8a0aba5b97ba" + pruneopts = "UT" + revision = "8b13a72661dae6e9e5dea04f344f0dc95ea29547" [[projects]] - branch = "master" + digest = "1:1f96c755246f1b688f1b2f0d2ba6cff5a94ceb35a7c5d06f7489e5e348ce356d" name = "github.com/bifurcation/mint" packages = [ ".", - "syntax" + "syntax", ] - revision = "9bb725ea181bc9edd4f714c54ac91255c479f629" + pruneopts = "UT" + revision = "93c51c6ce11597a26e246fc33a301d62d3439cd2" [[projects]] - branch = "master" - name = "github.com/codahale/aesnicheck" - packages = ["."] - revision = "349fcc471aaccc29cd074e1275f1a494323826cd" + digest = "1:f438d91be142877c3ad83157992c91de787ddfbddcc2a7da1ef6ef61606cadc4" + name = "github.com/cheekybits/genny" + packages = ["generic"] + pruneopts = "UT" + revision = "9127e812e1e9e501ce899a18121d316ecb52e4ba" [[projects]] + digest = "1:76dc72490af7174349349838f2fe118996381b31ea83243812a97e5a0fd5ed55" name = "github.com/dgrijalva/jwt-go" packages = ["."] - revision = "dbeaa9332f19a944acb5736b4456cfcc02140e29" - version = "v3.1.0" + pruneopts = "UT" + revision = "06ea1031745cb8b3dab3f6a236daf2b0aa468b7e" + version = "v3.2.0" [[projects]] - branch = "master" + digest = "1:7223941933810a2417c0231d9a1b1a9e2b33eb56fb23b4d81d08af99b286627c" name = "github.com/dustin/go-humanize" packages = ["."] - revision = "bb3d318650d48840a39aa21a027c6630e198e626" + pruneopts = "UT" + revision = "259d2a102b871d17f30e3cd9881a642961a1e486" [[projects]] branch = "master" + digest = "1:50a46ab1d5edbbdd55125b4d37f1bf503d0807c26461f9ad7b358d6006641d09" name = "github.com/flynn/go-shlex" packages = ["."] + pruneopts = "UT" revision = "3f9db97f856818214da2e1057f8ad84803971cff" [[projects]] + digest = "1:4c0989ca0bcd10799064318923b9bc2db6b4d6338dd75f3f2d86c3511aaaf5cf" name = 
"github.com/golang/protobuf" packages = [ "proto", "ptypes", "ptypes/any", "ptypes/duration", - "ptypes/timestamp" + "ptypes/timestamp", ] - revision = "925541529c1fa6821df4e44ce2723319eb2be768" - version = "v1.0.0" + pruneopts = "UT" + revision = "aa810b61a9c79d51363740d207bb46cf8e620ed5" + version = "v1.2.0" [[projects]] + digest = "1:faaf0c588b3fc072c08bbf689891b638cb05cd4a359ea948e0c58bde954cdb0d" name = "github.com/google/uuid" packages = ["."] - revision = "064e2069ce9c359c118179501254f67d7d37ba24" - version = "0.2" + pruneopts = "UT" + revision = "dec09d789f3dba190787f8b4454c7d3c936fed9e" [[projects]] + digest = "1:f42beb8cbc61b8824d4c75233c21f312decf860d61c383c08d38a648bcd9d67b" name = "github.com/gorilla/websocket" packages = ["."] - revision = "ea4d1f681babbce9545c9c5f3d5194a789c89f5b" - version = "v1.2.0" + pruneopts = "UT" + revision = "a69d9f6de432e2c6b296a947d8a5ee88f68522cf" [[projects]] branch = "master" + digest = "1:4d9d876a856ada3b553062ac8e50331a9a539e12893c0c4a50d8ae2af4242685" name = "github.com/hashicorp/go-syslog" packages = ["."] + pruneopts = "UT" revision = "326bf4a7f709d263f964a6a96558676b103f3534" [[projects]] - branch = "master" + digest = "1:cf296baa185baae04a9a7004efee8511d08e2f5f51d4cbe5375da89722d681db" name = "github.com/hashicorp/golang-lru" packages = [ ".", - "simplelru" + "simplelru", ] + pruneopts = "UT" revision = "0fb14efe8c47ae851c0034ed7a448854d3d34cf3" [[projects]] branch = "master" + digest = "1:0bd77ba5a2ccf701d0dbe7a437aefc3cefe76c219518e5f177742ac390f8771d" name = "github.com/hydrogen18/stoppableListener" packages = ["."] + pruneopts = "UT" revision = "827d760f0663fd2207d115e22dd1f55f1842467e" [[projects]] branch = "master" + digest = "1:6d62fb66dd0a578569f2810928f3ff00baae524f94b8c3d859f1ac714bf4340d" name = "github.com/jimstudt/http-authentication" packages = ["basic"] + pruneopts = "UT" revision = "3eca13d6893afd7ecabe15f4445f5d2872a1b012" [[projects]] - branch = "master" - name = "github.com/lucas-clemente/aes12" 
+ digest = "1:d8caaa1d517aa9da8f700aa58cce951c549556728928ee08ae7c81985acb8985" + name = "github.com/klauspost/cpuid" packages = ["."] - revision = "cd47fb39b79f867c6e4e5cd39cf7abd799f71670" + pruneopts = "UT" + revision = "ae832f27941af41db13bd6d8efd2493e3b22415a" [[projects]] branch = "master" - name = "github.com/lucas-clemente/fnv128a" + digest = "1:6fe6fc7707d8c37fb305362a324462d898bc1c01eaa2bfe15383ec21f6540c71" + name = "github.com/lucas-clemente/aes12" packages = ["."] - revision = "393af48d391698c6ae4219566bfbdfef67269997" + pruneopts = "UT" + revision = "cd47fb39b79f867c6e4e5cd39cf7abd799f71670" [[projects]] + digest = "1:f669ee1aab20e6639deb4b51d5f1b97ba8c8a91f240d377a16ebf7b8977b879a" name = "github.com/lucas-clemente/quic-go" packages = [ ".", @@ -119,18 +143,22 @@ "internal/protocol", "internal/utils", "internal/wire", - "qerr" + "qerr", ] - revision = "30851b9a3b4e958490b476fe72adafa67641361a" - version = "v0.7.0" + pruneopts = "UT" + revision = "71635f6961ad00ca5c088be625624e4a2cd1c066" + version = "v0.10.0-no-integrationtests" [[projects]] branch = "master" + digest = "1:08b3484b0665f09be0f1f699a38e877708453795df07a3d6e4cd41fa7a2cabf0" name = "github.com/lucas-clemente/quic-go-certificates" packages = ["."] + pruneopts = "UT" revision = "d2f86524cced5186554df90d92529757d22c1cb6" [[projects]] + digest = "1:e8fdc482420c6ceb12b531bf967b7c1869c615bad1627daafd79b843783337ed" name = "github.com/mholt/caddy" packages = [ ".", 
@@ -169,57 +197,73 @@ "caddytls", "onevent", "onevent/hook", - "startupshutdown" + "telemetry", ] - revision = "c4dfbb9956095c92d0586a52723748c070c7b459" - version = "v0.10.10" + pruneopts = "UT" + revision = "6f580c6aa36c54c3e1c65b5c609550a8a2508e3e" + version = "v0.11.1" [[projects]] + digest = "1:702ff5d8a0196ccb0627f35996efd1081be00c8ae1719402adbffc6e0f8f59ac" name = "github.com/miekg/dns" packages = ["."] - revision = "5364553f1ee9cddc7ac8b62dce148309c386695b" - version = "v1.0.4" + pruneopts = "UT" + revision = "7586a3cbe8ccfc63f82de3ab2ceeb08c9939af72" + version = "v1.1.1" [[projects]] - branch = "master" + digest = "1:78bbb1ba5b7c3f2ed0ea1eab57bdd3859aec7e177811563edc41198a760b06af" name = "github.com/mitchellh/go-homedir" packages = ["."] - revision = "b8bc1bf767474819792c23f32d8286a45736f1c6" + pruneopts = "UT" + revision = "ae18d6b8b3205b561c79e8e5f69bff09736185f4" + version = "v1.0.0" [[projects]] + digest = "1:b56c589214f01a5601e0821387db484617392d0042f26234bf2da853a2f498a1" name = "github.com/naoina/go-stringutil" packages = ["."] + pruneopts = "UT" revision = "6b638e95a32d0c1131db0e7fe83775cbea4a0d0b" version = "v0.1.0" [[projects]] + digest = "1:f58c3d0e46b64878d00652fedba24ee879725191ab919dca7b62586859281c04" name = "github.com/naoina/toml" packages = [ ".", - "ast" + "ast", ] + pruneopts = "UT" revision = "e6f5723bf2a66af014955e0888881314cf294129" version = "v0.1.1" [[projects]] branch = "master" + digest = "1:635ac9478e783f09b2945663e359ebf74bc225b37f9845795d1b247285b458a2" name = "github.com/pkg/browser" packages = ["."] - revision = "c90ca0c84f15f81c982e32665bffd8d7aac8f097" + pruneopts = "UT" + revision = "0a3d74bf9ce488f035cf5bc36f753a711bc74334" [[projects]] + digest = "1:68a035fb064937766a06f82bb38cd349ff3c88cad23855dcaa0eb91a3bddff22" name = "github.com/russross/blackfriday" packages = ["."] + pruneopts = "UT" revision = "067529f716f4c3f5e37c8c95ddd59df1007290ae" [[projects]] + branch = "acmev2" + digest = 
"1:fb11f8ddb212cf9aed430070b2c7141751c30b1b0811cbea1dedc28c9b1006da" name = "github.com/xenolf/lego" - packages = ["acme"] - revision = "67c86d860a797ce2483f50d9174d4ed24984bef2" - version = "v0.4.1" + packages = ["acmev2"] + pruneopts = "UT" + revision = "fad2257e11ae4ff31ed03739386873aa405dec2d" [[projects]] branch = "master" + digest = "1:188ea3779ec1edcf849a2e3ed9ad71d2e83ef5375232dd044aa8c018dabe387e" name = "golang.org/x/crypto" packages = [ "curve25519", @@ -227,19 +271,24 @@ "ed25519/internal/edwards25519", "hkdf", "internal/chacha20", + "internal/subtle", "ocsp", + "pbkdf2", "poly1305", "ssh", - "ssh/agent" + "ssh/agent", ] - revision = "432090b8f568c018896cd8a0fb0345872bbac6ce" + pruneopts = "UT" + revision = "505ab145d0a99da450461ae2c1a9f6cd10d1f447" [[projects]] branch = "master" + digest = "1:55a64410481eb4c38434557abf23707b7a4b2729b73761a837806fc6278876a9" name = "golang.org/x/net" packages = [ "bpf", "context", + "http/httpguts", "http2", "http2/hpack", "idna", @@ -248,14 +297,24 @@ "internal/timeseries", "ipv4", "ipv6", - "lex/httplex", - "publicsuffix", - "trace" + "trace", ] - revision = "cbe0f9307d0156177f9dd5dc85da1a31abc5f2fb" + pruneopts = "UT" + revision = "891ebc4b82d6e74f468c533b06f983c7be918a96" [[projects]] branch = "master" + digest = "1:9bd2a1332ddcee55c2dad82b983716d41a32635dafab848a12de0e73f29d4c2c" + name = "golang.org/x/sys" + packages = [ + "cpu", + "unix", + ] + pruneopts = "UT" + revision = "4d1cda033e0619309c606fc686de3adcf599539e" + +[[projects]] + digest = "1:a2ab62866c75542dd18d2b069fec854577a20211d7c0ea6ae746072a1dccdd18" name = "golang.org/x/text" packages = [ "collate", 
@@ -271,31 +330,45 @@ "unicode/bidi", "unicode/cldr", "unicode/norm", - "unicode/rangetable" + "unicode/rangetable", ] - revision = "4e4a3210bb54bb31f6ab2cdca2edcc0b50c420c1" + pruneopts = "UT" + revision = "f21a4dfb5e38f5895301dc265a8def02365cc3d0" + version = "v0.3.0" [[projects]] branch = "master" + digest = "1:077c1c599507b3b3e9156d17d36e1e61928ee9b53a5b420f10f28ebd4a0b275c" name = "google.golang.org/genproto" packages = ["googleapis/rpc/status"] - revision = "2b5a72b8730b0b16380010cfe5286c42108d88e7" + pruneopts = "UT" + revision = "bd91e49a0898e27abb88c339b432fa53d7497ac0" [[projects]] + digest = "1:9edd250a3c46675d0679d87540b30c9ed253b19bd1fd1af08f4f5fb3c79fc487" name = "google.golang.org/grpc" packages = [ ".", "balancer", "balancer/base", "balancer/roundrobin", + "binarylog/grpc_binarylog_v1", "codes", "connectivity", "credentials", + "credentials/internal", "encoding", "encoding/proto", - "grpclb/grpc_lb_v1/messages", "grpclog", "internal", + "internal/backoff", + "internal/binarylog", + "internal/channelz", + "internal/envconfig", + "internal/grpcrand", + "internal/grpcsync", + "internal/syscall", + "internal/transport", "keepalive", "metadata", "naming", 
@@ -306,36 +379,54 @@ "stats", "status", "tap", - "transport" ] - revision = "8e4536a86ab602859c20df5ebfd0bd4228d08655" - version = "v1.10.0" + pruneopts = "UT" + revision = "df014850f6dee74ba2fc94874043a9f3f75fbfd8" + version = "v1.17.0" [[projects]] + digest = "1:e02b10e6e68d289bd281aaee5cf5b2d295ae7b32960812e255668700d269592d" name = "gopkg.in/natefinch/lumberjack.v2" packages = ["."] - revision = "a96e63847dc3c67d17befa69c303767e2f84e54f" - version = "v2.1" + pruneopts = "UT" + revision = "df99d62fd42d8b3752c8a42c6723555372c02a03" [[projects]] - name = "gopkg.in/square/go-jose.v1" + digest = "1:feab1308bceeb3d0e078b1c10397f2ce3b9d6f030c209d46e8b6f62fc97f90f3" + name = "gopkg.in/square/go-jose.v2" packages = [ ".", "cipher", - "json" + "json", ] - revision = "aa2e30fdd1fe9dd3394119af66451ae790d50e0d" - version = "v1.1.0" + pruneopts = "UT" + revision = "72415094398e2f013bf50b76fd6de36df47938ea" + version = "v2.2.1" [[projects]] branch = "v2" + digest = "1:1883ec914995921bfc6c1c39a46d1ed153f37ddc6f5348ace363725917dcf476" name = "gopkg.in/yaml.v2" packages = ["."] - revision = "d670f9405373e636a5a2765eea47fac0c9bc91a4" + pruneopts = "UT" + revision = "25c4ec802a7d637f88d584ab26798e94ad14c13b" [solve-meta] analyzer-name = "dep" analyzer-version = 1 - inputs-digest = "2348f747ebc8bd42b54954166dd0537754b114f62844d8ad0697a20c80425e69" + input-imports = [ + "github.com/dgrijalva/jwt-go", + "github.com/golang/protobuf/proto", + "github.com/hydrogen18/stoppableListener", + "github.com/mholt/caddy", + "github.com/mholt/caddy/caddyhttp", + "github.com/mitchellh/go-homedir", + "github.com/pkg/browser", + "golang.org/x/crypto/ssh", + "golang.org/x/crypto/ssh/agent", + "golang.org/x/net/context", + "google.golang.org/grpc", + "google.golang.org/grpc/credentials", + ] solver-name = "gps-cdcl" solver-version = 1 diff --git a/Gopkg.toml b/Gopkg.toml index f5045de..e33f7a3 100644 --- a/Gopkg.toml +++ b/Gopkg.toml 
@@ -1,10 +1,10 @@
 [[constraint]]
 name = "github.com/dgrijalva/jwt-go"
- version = "3.1.0"
+ version = "3.2.0"
 [[constraint]]
 name = "github.com/golang/protobuf"
- version = "1.0.0"
+ version = "1.2.0"
 [[constraint]]
 branch = "master"
@@ -12,15 +12,11 @@
 [[constraint]]
 name = "github.com/mholt/caddy"
- version = "0.10.10"
-
-[[override]]
- name = "github.com/russross/blackfriday"
- revision = "067529f716f4c3f5e37c8c95ddd59df1007290ae"
+ version = "0.11.1"
 [[constraint]]
- branch = "master"
 name = "github.com/mitchellh/go-homedir"
+ version = "1.0.0"
 [[constraint]]
 branch = "master"
@@ -36,7 +32,7 @@
 [[constraint]]
 name = "google.golang.org/grpc"
- version = "1.10.0"
+ version = "1.17.0"
 [prune]
 go-tests = true
diff --git a/client_library.go b/client_library.go
index e8307d9..0e10247 100644
--- a/client_library.go
+++ b/client_library.go
@@ -1,6 +1,6 @@
 /*
-Copyright 2017 Continusec Pty Ltd
+Copyright 2018 Continusec Pty Ltd
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -496,10 +496,23 @@ func FetchCerts(config *ClientAppConfiguration, idToken string, sshDir string, h
 return err
 }
 sshAgent := agent.NewClient(agentSocket)
+ keys, err := sshAgent.List()
+ if err != nil {
+ return err
+ }
+ for _, k := range keys {
+ if k.Comment == config.ShortlivedKeyName {
+ err = sshAgent.Remove(k)
+ if err != nil {
+ log.Printf("skipping error when attempting to remove older cert: %s", err)
+ }
+ }
+ }
 err = sshAgent.Add(agent.AddedKey{
 PrivateKey: privateKey,
 Certificate: cert,
 LifetimeSecs: uint32(ttl),
+ Comment: config.ShortlivedKeyName,
 })
 if err != nil {
 return err
diff --git a/cmd/geecertsample/sample-client-main.go b/cmd/geecertsample/sample-client-main.go
index 0fceac4..33cecc2 100644
--- a/cmd/geecertsample/sample-client-main.go
+++ b/cmd/geecertsample/sample-client-main.go
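Review bot: The removal loop selects agent identities by `k.Comment == config.ShortlivedKeyName` alone, so when ShortlivedKeyName is empty (nothing visible here validates or defaults it) every identity stored with an empty comment is removed from the user's agent, and any unrelated key that happens to share the comment is removed as well. I would narrow the condition to `if config.ShortlivedKeyName != "" && k.Comment == config.ShortlivedKeyName && strings.HasSuffix(k.Format, "-cert-v01@openssh.com") {` so only certificates carrying this tool's label are touched; this needs the `strings` import if client_library.go does not already have it. The old certificate is also dropped before `sshAgent.Add` is attempted, so a failed Add leaves the agent without either certificate, which is worth at least a comment. FetchCerts begins and ends outside the hunk, so whether the name is checked earlier in the function cannot be seen from here.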
@@ -1,6 +1,6 @@
 /*
-Copyright 2017 Continusec Pty Ltd
+Copyright 2018 Continusec Pty Ltd
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
diff --git a/cmd/servegeecerts/server-main.go b/cmd/servegeecerts/server-main.go
index 747b85d..6f006e6 100644
--- a/cmd/servegeecerts/server-main.go
+++ b/cmd/servegeecerts/server-main.go
@@ -1,6 +1,6 @@
 /*
-Copyright 2017 Continusec Pty Ltd
+Copyright 2018 Continusec Pty Ltd
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
diff --git a/google_id_token.go b/google_id_token.go
index 3f4fd9f..ed61ef0 100644
--- a/google_id_token.go
+++ b/google_id_token.go
@@ -1,6 +1,6 @@
 /*
-Copyright 2017 Continusec Pty Ltd
+Copyright 2018 Continusec Pty Ltd
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
diff --git a/jwt.go b/jwt.go
index 8986415..1cff75c 100644
--- a/jwt.go
+++ b/jwt.go
@@ -1,6 +1,6 @@
 /*
-Copyright 2017 Continusec Pty Ltd
+Copyright 2018 Continusec Pty Ltd
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.