vault

mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-11-23 13:25:05 +00:00

Author	SHA1	Message	Date
Brian Kassouf	2a3243546a	Update plugin deps to include context changes (#3765 ) * Update plugin deps to include context changes * Fix tests	2018-01-08 12:26:13 -08:00
Brian Kassouf	78adac0a24	Pass context to backends (#3750 ) * Start work on passing context to backends * More work on passing context * Unindent logical system * Unindent token store * Unindent passthrough * Unindent cubbyhole * Fix tests * use requestContext in rollback and expiration managers	2018-01-08 10:31:38 -08:00
Will Glynn	416bb41b35	Document that AWS STS lease revocation is a no-op [fixes #3736 ] (#3760 )	2018-01-08 10:28:07 -06:00
Jeff Mitchell	d6552a11cc	Merge branch 'master-oss' into sethvargo/cli-magic	2018-01-03 14:02:31 -05:00
Brian Shumate	622b15939c	Update some approle related help output (#3747 )	2018-01-03 13:56:14 -05:00
Brian Nuszkowski	3f3e96d2a3	Add the ability to pass in mfa parameters when authenticating via the… (#3729 )	2017-12-26 13:40:44 -05:00
Brian Kassouf	6a74c119f3	secret/database: Fix upgrading database backend (#3714 )	2017-12-18 19:38:47 -08:00
Calvin Leung Huang	40b8314c4d	Add period and max_ttl to cert role creation (#3642 )	2017-12-18 15:29:45 -05:00
Chris Hoffman	563edbe1f6	short circuit cert extensions check (#3712 )	2017-12-18 13:19:05 -05:00
Travis Cosgrave	95328e2fb4	Use Custom Cert Extensions as Cert Auth Constraint (#3634 )	2017-12-18 12:53:44 -05:00
Jeff Mitchell	a572ed480c	Merge pull request #3695 from hashicorp/creds-period-logic	2017-12-18 12:40:03 -05:00
Jeff Mitchell	4f31ee7cc8	Merge branch 'master' into f-nomad	2017-12-18 12:23:39 -05:00
immutability	f8cdeec783	Add Duo MFA to the Github backend (#3696 )	2017-12-18 09:59:17 -05:00
Chris Hoffman	abbb1c623a	use defaultconfig as base, adding env var test	2017-12-17 10:51:39 -05:00
Chris Hoffman	737dbca37a	fixing up config to allow environment vars supported by api client	2017-12-17 09:10:56 -05:00
Chris Hoffman	20aac4dc0a	adding existence check for roles	2017-12-15 19:50:20 -05:00
Chris Hoffman	b82493f9de	adding access config existence check and delete endpoint	2017-12-15 19:18:32 -05:00
Calvin Leung Huang	38df48654e	Use shortMaxTTL on Ec2 paths	2017-12-15 17:29:40 -05:00
Chris Hoffman	152b6e4305	address some feedback	2017-12-15 17:06:56 -05:00
Chris Hoffman	16e2edf389	Merge remote-tracking branch 'oss/master' into f-nomad * oss/master: Defer reader.Close that is used to determine sha256 changelog++ Avoid unseal failure if plugin backends fail to setup during postUnseal (#3686) Add logic for using Auth.Period when handling auth login/renew requests (#3677) plugins/database: use context with plugins that use database/sql package (#3691) changelog++ Fix plaintext backup in transit (#3692) Database gRPC plugins (#3666)	2017-12-15 17:05:42 -05:00
Calvin Leung Huang	ddfe767772	Update logic on renew paths	2017-12-15 16:26:42 -05:00
Calvin Leung Huang	327c28c77d	Update login logic for aws creds backend	2017-12-15 16:18:19 -05:00
Calvin Leung Huang	fff0d199bd	Update login logic for aws creds backend	2017-12-15 16:01:40 -05:00
Calvin Leung Huang	895cffa4cf	Add logic for using Auth.Period when handling auth login/renew requests (#3677 ) * Add logic for using Auth.Period when handling auth login/renew requests * Set auth.TTL if not set in handleLoginRequest * Always set auth.TTL = te.TTL on handleLoginRequest, check TTL and period against sys values on RenewToken * Get sysView from le.Path, revert tests * Add back auth.Policies * Fix TokenStore tests, add resp warning when capping values * Use switch for ttl/period check on RenewToken * Move comments around	2017-12-15 13:30:05 -05:00
Brian Kassouf	a401cc7cb5	Database gRPC plugins (#3666 ) * Start work on context aware backends * Start work on moving the database plugins to gRPC in order to pass context * Add context to builtin database plugins * use byte slice instead of string * Context all the things * Move proto messages to the dbplugin package * Add a grpc mechanism for running backend plugins * Serve the GRPC plugin * Add backwards compatibility to the database plugins * Remove backend plugin changes * Remove backend plugin changes * Cleanup the transport implementations * If grpc connection is in an unexpected state restart the plugin * Fix tests * Fix tests * Remove context from the request object, replace it with context.TODO * Add a test to verify netRPC plugins still work * Remove unused mapstructure call * Code review fixes * Code review fixes * Code review fixes	2017-12-14 14:03:11 -08:00
Jeff Mitchell	96b0c31de5	Merge branch 'master' into f-nomad	2017-12-14 16:44:28 -05:00
Jeff Mitchell	2146f88052	Update Consul to use the role's configured lease on renew. (#3684 )	2017-12-14 13:28:19 -05:00
Vishal Nayak	c38f9884ce	Transit: backup/restore (#3637 )	2017-12-14 12:51:50 -05:00
Vishal Nayak	aef8a1893f	Fix the casing problem in approle (#3665 )	2017-12-11 16:41:17 -05:00
Florent H. CARRÉ	c1c052f0c1	Hardening RSA keys for PKI and SSH (#3593 )	2017-12-11 13:43:56 -05:00
Chris Hoffman	628153979a	Converting key_usage and allowed_domains in PKI to CommaStringSlice (#3621 )	2017-12-11 13:13:35 -05:00
Brad Sickles	dc70b1c21f	Adding mfa support to okta auth backend. (#3653 )	2017-12-07 14:17:42 -05:00
Brian Shumate	c767dc4ed6	Conditionally set file audit log mode (#3649 )	2017-12-07 11:44:15 -05:00
Mohsen	77fc89088d	Small typo relating to no_store in pki secret backend (#3662 ) * Removed typo :) * Corrected typo in the website related to no_store	2017-12-07 10:40:21 -05:00
Vishal Nayak	18311d253d	Transit: Refactor internal representation of key entry map (#3652 ) * convert internal map to index by string * Add upgrade test for internal key entry map * address review feedback	2017-12-06 18:24:00 -05:00
Dominik Müller	534ea1771d	add allowed_names to cert-response (#3654 )	2017-12-06 16:50:02 -05:00
Jeff Mitchell	eed45793b9	Re-add some functionality lost during last dep update (#3636 )	2017-12-01 10:18:26 -05:00
Nicolas Corrarello	884e25035f	Adding SealWrap configuration, protecting the config/access path Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>	2017-11-29 21:53:21 +00:00
Nicolas Corrarello	12e77fac51	Rename policy into policies	2017-11-29 16:31:17 +00:00
Nicolas Corrarello	0780c6250b	Checking if client is not nil before deleting token Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>	2017-11-29 16:23:03 +00:00
Nicolas Corrarello	66840ac4db	%q quotes automatically Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>	2017-11-29 16:19:31 +00:00
Nicolas Corrarello	9d78bfa721	Refactoring check for empty accessor as per Vishals suggestion Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>	2017-11-29 15:58:39 +00:00
Nicolas Corrarello	a3df394134	Pull master into f-nomad Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>	2017-11-29 15:56:37 +00:00
Nicolas Corrarello	e6b3438d92	Return an error if accesor_id is nil Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>	2017-11-29 15:18:03 +00:00
Nicolas Corrarello	cfa0715d1e	Returning nil config if is actually nil, and catching the error before creating the client in backend.go Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>	2017-11-29 11:15:54 +00:00
Nicolas Corrarello	f8babf19ad	Moving LeaseConfig function to path_config_lease.go Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>	2017-11-29 11:07:17 +00:00
Nicolas Corrarello	1db26e73f4	Return error before creating a client if conf is nil	2017-11-29 11:01:31 +00:00
Nicolas Corrarello	a5f01d49e2	Sanitizing error outputs	2017-11-29 10:58:02 +00:00
Nicolas Corrarello	e3a73ead35	Renaming tokenRaw to accessorIDRaw to avoid confusion, as the token is not being used for revoking itself	2017-11-29 10:48:55 +00:00
Nicolas Corrarello	3134c7262d	Updating descriptions, defaults for roles	2017-11-29 10:44:40 +00:00

... 23 24 25 26 27 ...

2656 Commits