vishalnayak
0b233b3fa1
Fix incorrect naming of bound_iam_instance_profile_arn
2016-09-23 11:22:23 -04:00
vishalnayak
fb2f7f27ba
Fix ssh tests
2016-09-22 11:37:55 -04:00
vishalnayak
8ce3fa75ba
Store the CIDR list in the secret ID storage entry.
...
Use the stored information to validate the source address and credential issue time.
Correct the logic used to verify BoundCIDRList on the role.
Reverify the subset requirements between secret ID and role during credential issue time.
2016-09-21 20:19:26 -04:00
vishalnayak
7f89bb5f68
Pass only valid inputs to validation methods
2016-09-21 15:44:54 -04:00
vishalnayak
c93bded97b
Added cidrutil helper
2016-09-21 13:58:32 -04:00
Jeff Mitchell
902067d620
Ensure upgrades have a valid HMAC key
2016-09-21 11:10:57 -04:00
Jeff Mitchell
8482118ac6
Transit and audit enhancements
2016-09-21 10:49:26 -04:00
Chris Hoffman
cd567eb480
Renaming ttl_max -> max_ttl in mssql backend (#1905)
2016-09-20 12:39:02 -04:00
Vishal Nayak
ee22bb4f29
Merge pull request #1897 from hashicorp/secret-id-accessor-locks
...
Safely manipulate secret id accessors
2016-09-19 11:37:38 -04:00
vishalnayak
c44f1c9817
s/GetOctalFormatted/GetHexFormatted
2016-09-16 17:47:15 -04:00
Jeff Mitchell
6f6d1f7237
Rename GetOctalFormatted and add serial number to ParsedCertBundle. Basically a noop.
2016-09-16 11:05:43 -04:00
vishalnayak
32a8ab3cc7
Safely manipulate secret id accessors
2016-09-15 18:13:50 -04:00
Vishal Nayak
f3306fdb31
Merge pull request #1886 from hashicorp/approle-upgrade-notes
...
upgrade notes entry for approle constraint and warning on role read
2016-09-15 12:14:01 -04:00
vishalnayak
7d4edbde69
check for nil role
2016-09-15 12:10:40 -04:00
vishalnayak
9fb11c4403
Address review feedback
2016-09-15 11:41:52 -04:00
vishalnayak
55c6c0da73
s/disableReauthenticationNonce/reauthentication-disabled-nonce
2016-09-15 11:29:02 -04:00
vishalnayak
e9c8555d12
Updated docs with nonce usage
2016-09-14 19:31:09 -04:00
vishalnayak
097e6031c6
Added comment
2016-09-14 18:27:35 -04:00
vishalnayak
daf7c63225
Disable reauthentication if nonce is explicitly set to empty
2016-09-14 17:58:00 -04:00
vishalnayak
ddb0639a13
address review feedback
2016-09-14 14:28:02 -04:00
vishalnayak
fb04d06b9b
Remove the client nonce being empty check
2016-09-14 14:28:02 -04:00
vishalnayak
2de4c8bef2
Generate the nonce by default
2016-09-14 14:28:02 -04:00
vishalnayak
5e7e30e33c
address review feedback
2016-09-14 12:08:35 -04:00
vishalnayak
75615d9d56
Use constant time comparisons for client nonce
2016-09-13 20:12:43 -04:00
vishalnayak
dbb3f49438
Address review feedback
2016-09-13 18:30:04 -04:00
Jeff Mitchell
ea4fcb2927
Only use running state for checking if instance is alive. (#1885)
...
Fixes #1884
2016-09-13 18:08:05 -04:00
vishalnayak
de334d1688
upgrade notes entry for approle constraint and warning on role read
2016-09-13 17:44:07 -04:00
vishalnayak
166d67c0a8
Ensure at least one constraint on the role
2016-09-13 16:03:15 -04:00
Jeff Mitchell
cf05edaf18
Allow encrypting empty ciphertext values. (#1881)
...
Replaces #1874
2016-09-13 12:00:04 -04:00
vishalnayak
f563f38748
Use uuid.GenerateRandomBytes
2016-09-09 14:17:09 -04:00
vishalnayak
70246395d6
Not exposing structs from the backend's package
2016-09-01 11:57:28 -04:00
Jeff Mitchell
201cd2e1f7
Use unexported kdf const names
2016-08-31 07:19:58 -04:00
Vishal Nayak
763ab83d34
Merge pull request #1799 from hashicorp/fix-role-locking
...
approle: fix racy updates problem for roles
2016-08-30 16:46:40 -04:00
vishalnayak
7c743ecd0a
Address review feedback
2016-08-30 16:36:58 -04:00
Jeff Mitchell
9a97f436ef
Use hkdf for transit key derivation for new keys (#1812)
...
Use hkdf for transit key derivation for new keys
2016-08-30 16:29:09 -04:00
vishalnayak
edd7b3deb5
approle: fix racy updates problem for roles
2016-08-30 16:11:14 -04:00
vishalnayak
8cc5cdb746
STS path field description update
2016-08-30 10:53:21 -04:00
vishalnayak
39b75c6ae9
Added UpdateOperation to logical AWS STS path
2016-08-30 10:30:13 -04:00
Vishal Nayak
fb775993f3
Merge pull request #1804 from hashicorp/issue-1800
...
Mark STS secrets as non-renewable
2016-08-29 11:46:19 -04:00
navinanandaraj
7fbdf927c1
Fixes #1801 Reuse Cassandra session object for create creds (#1802)
2016-08-28 17:32:41 -04:00
Jeff Mitchell
9cd4243362
Mark STS secrets as non-renewable
...
Ping #1800
2016-08-28 14:27:56 -04:00
Jeff Mitchell
a542df0173
Derive nonce fully in convergent mode (#1796)
...
Ping #1794
2016-08-26 17:01:56 -04:00
Jeff Mitchell
c9aa308804
Use key derivation for convergent nonce. (#1794)
...
Use key derivation for convergent nonce.
Fixes #1792
2016-08-26 14:11:03 -04:00
Jeff Mitchell
c2f3c465d3
Decode secret internal data into struct and fix type assertion. (#1781)
2016-08-24 15:04:04 -04:00
Jeff Mitchell
6beadc1e1c
Merge pull request #1755 from hashicorp/logxi
...
Convert to logxi
2016-08-21 19:28:18 -04:00
Jeff Mitchell
68345eb770
Convert to logxi
2016-08-21 18:13:37 -04:00
vishalnayak
7d772e445f
Extract out common code
2016-08-21 15:46:11 -04:00
vishalnayak
1a62fb64c2
Separate endpoints for read/delete using secret-id and accessor
2016-08-21 14:42:49 -04:00
Jeff Mitchell
357ecb4dfe
gofmt
2016-08-19 16:48:32 -04:00
vishalnayak
0fbc9b1d7b
Pretty print the warning
2016-08-18 16:09:10 -04:00