scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-11-09 16:26:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,722 Commits 2,630 Branches 341 Tags
auto-plugin-update/hashicorp/vault-plugin-database-redis-elasticache/auto-dependency-upgrades
Commit Graph

815 Commits

Author SHA1 Message Date
Brian Kassouf
f2401c0128 Merge branch 'master' into database-refactor 2017-04-12 14:29:10 -07:00
Brian Kassouf
8c264c6070 Add remaining crud functions to plugin catalog and tests 2017-04-12 09:40:54 -07:00
Brian Kassouf
de36d61e5a Mlock the plugin process 2017-04-10 17:12:52 -07:00
Brian Kassouf
9ae5a2aede Add backend test 2017-04-07 15:50:03 -07:00
Brian Kassouf
8e77bd98d8 Move plugin code into sub directory 2017-04-06 12:20:10 -07:00
Brian Kassouf
0da69cf29d Add postgres builtin plugin 2017-04-05 17:19:29 -07:00
Brian Kassouf
8a2e29c607 Refactor to use builtin plugins from an external repo 2017-04-05 16:20:31 -07:00
Brian Kassouf
8f88452fc0 move builtin plugins list to the pluginutil 2017-04-05 11:00:13 -07:00
Jeff Mitchell
cfd522e0f0 Use ParseStringSlice on PKI organization/organizational unit. (#2561) 
After, separately dedup and use new flag to not lowercase value.

Fixes #2555
 2017-04-04 08:54:18 -07:00
Brian Kassouf
ac519abecf Plugin catalog 2017-04-03 17:52:29 -07:00
Brian Kassouf
6de5cfad5e Add functionaility to build db objects from disk so restarts work 2017-03-28 11:30:45 -07:00
Brian Kassouf
e870e399a2 More work on getting tests to pass 2017-03-23 15:54:15 -07:00
Brian Kassouf
a878791480 Update the name of PluginUnwrapTokenEnv 2017-03-16 14:17:44 -07:00
Brian Kassouf
2ef1cbf3a6 Comment and slight refactor of the TLS plugin helper 2017-03-16 14:14:49 -07:00
Brian Kassouf
3890f194a4 Break tls code into helper library 2017-03-16 11:55:21 -07:00
Jeff Mitchell
99a74e323d Use locks in a slice rather than a map, which is faster and makes things cleaner (#2446) 2017-03-07 11:21:32 -05:00
Jeff Mitchell
df575f0b3a Rename helper 'duration' to 'parseutil'. (#2449) 
Add a ParseBool function that accepts various kinds of ways of
specifying booleans.

Have config use ParseBool for UI and disabling mlock/cache.
 2017-03-07 11:21:22 -05:00
Brian Kassouf
9ee0c34179 Allowed/Denied parameters support for globs (#2438) 
* Add check for globbed strings

* Add tests for the acl globbing

* Fix bad test case
 2017-03-03 14:50:55 -08:00
Jeff Mitchell
83845a30fb Clean up request forwarding logic 2017-03-01 18:17:06 -05:00
Jeff Mitchell
d93dcd8a10 Have duration.ParseDurationSecond handle json.Number 2017-03-01 08:32:05 -05:00
Jeff Mitchell
95513e0f1e Add max/min wrapping TTL ACL statements (#2411) 2017-02-27 14:42:00 -05:00
Saj Goonatilleke
9cd9fbbad3 pki: Include private_key_type on DER-formatted responses from /pki/issue/ (#2405) 2017-02-24 11:17:59 -05:00
Jeff Mitchell
8acbdefdf2 More porting from rep (#2388) 
* More porting from rep

* Address review feedback
 2017-02-16 16:29:30 -05:00
Jeff Mitchell
98c7bd6c03 Port some replication bits to OSS (#2386) 2017-02-16 15:15:02 -05:00
Jeff Mitchell
e350a16205 Move ReplicationState to consts 2017-02-16 13:37:21 -05:00
Brian Kassouf
bc16792ffd Load leases into the expiration manager in parallel (#2370) 
* Add a benchmark for exiration.Restore

* Add benchmarks for consul Restore functions

* Add a parallel version of expiration.Restore

* remove debug code

* Up the MaxIdleConnsPerHost

* Add tests for etcd

* Return errors and ensure go routines are exited

* Refactor inmem benchmark

* Add s3 bench and refactor a bit

* Few tweaks

* Fix race with waitgroup.Add()

* Fix waitgroup race condition

* Move wait above the info log

* Add helper/consts package to store consts that are needed in cyclic packages

* Remove not used benchmarks
 2017-02-16 10:16:06 -08:00
Vishal Nayak
37297080f2 cidrutil: added test data points (#2378) 2017-02-16 00:51:02 -05:00
Jeff Mitchell
1f8df18065 Update protos 2017-02-02 16:20:32 -05:00
Roman Vynar
9cdf9f55da Fix cipher preferred order 2017-01-24 09:29:57 +02:00
Jeff Mitchell
dc7e1cc98c Remove comments destined to be outdated 2017-01-23 13:49:15 -05:00
Roman Vynar
51bb8bc544 Added tls_cipher_suites, tls_prefer_server_ciphers config options to listener (#2293) 2017-01-23 13:48:35 -05:00
joe miller
90e32515ea allow roles to set OU value in certificates issued by the pki backend (#2251) 2017-01-23 12:44:45 -05:00
Chris Hoffman
43bae79d01 Adding support for exportable transit keys (#2133) 2017-01-23 11:04:43 -05:00
vishalnayak
a247b959ea Don't sanitize disallowed_policies on token role 2017-01-17 21:34:14 -05:00
Félix Cantournet
0d6d4211b8 all: test: Fix govet warnings 
Fix calls to t.Fatal() with formatting.
Fixed some calls to Fatalf() with wrong formatting
 2016-12-21 19:44:07 +01:00
Brian Nuszkowski
fed61f6c12 Add Duo pushinfo capabilities (#2118) 2016-12-19 15:37:44 -05:00
Vishal Nayak
b4011f7129 Don't add default policy to child token if parent does not have it (#2164) 2016-12-16 00:36:39 -05:00
Jeff Mitchell
24d2f39a7f Don't say mlock is supported on OSX when it isn't. (#2120) 
Fixes #2119
 2016-11-22 12:56:36 -05:00
Jeff Mitchell
7579c50ac9 Bump proto files after update 2016-11-17 10:06:26 -05:00
vishalnayak
484f8993c5 Remove the methods introduced to make the tests work from its older package 2016-10-26 20:03:51 -04:00
vishalnayak
2ac019a9c5 Move policy test to keysutil package 2016-10-26 19:57:28 -04:00
vishalnayak
b30d5f5c57 Pulled out transit's lock manager and policy structs into a helper 2016-10-26 19:52:31 -04:00
vishalnayak
05dace618d Added a few checks to the CIDR Subset checking util 2016-09-28 14:04:02 -04:00
Chris Hoffman
10c8024fa3 Adding support for chained intermediate CAs in pki backend (#1694) 2016-09-27 17:50:17 -07:00
Vishal Nayak
92cb781be9 Merge pull request #1910 from hashicorp/secret-id-cidr-list 
CIDR restrictions on Secret ID
 2016-09-26 10:22:48 -04:00
Jeff Mitchell
721d103f68 Fix parsing env var, needed to be in the helper too 2016-09-23 13:20:26 -04:00
vishalnayak
9dd1a3ce95 Fix zeroAddr check 2016-09-23 12:50:26 -04:00
vishalnayak
7b8683585b Address review feedback 2016-09-22 18:07:35 -04:00
vishalnayak
47771e7da3 Use net.IPv4zero to check for zero address 2016-09-21 20:29:33 -04:00
vishalnayak
8ce3fa75ba Store the CIDR list in the secret ID storage entry. 
Use the stored information to validate the source address and credential issue time.
Correct the logic used to verify BoundCIDRList on the role.
Reverify the subset requirements between secret ID and role during credential issue time.
 2016-09-21 20:19:26 -04:00