Commit Graph

923 Commits

Author SHA1 Message Date
Jeff Mitchell
3329d38959 Cleanup 2016-08-03 13:09:12 -04:00
vishalnayak
59930fda8f AppRole authentication backend 2016-07-26 09:32:41 -04:00
Jeff Mitchell
948fdeacc3 Explicitly set invalid request status when a password isn't included 2016-07-25 11:14:15 -04:00
Jeff Mitchell
41922b2a9c Don't return 500 for user error in userpass when setting password 2016-07-25 11:09:46 -04:00
Jeff Mitchell
d466462b8d Fix re-specification of filter 2016-07-25 09:08:29 -04:00
Oren Shomron
005cb3e042 LDAP Auth Backend Overhaul
--------------------------

Added new configuration option to ldap auth backend - groupfilter.
GroupFilter accepts a Go template which will be used in conjunction with
GroupDN for finding the groups a user is a member of. The template will
be provided with context consisting of UserDN and Username.

Simplified group membership lookup significantly to support multiple use-cases:
  * Enumerating groups via memberOf attribute on user object
  * Previous default behavior of querying groups based on member/memberUid/uniqueMember attributes
  * Custom queries to support nested groups in AD via LDAP_MATCHING_RULE_IN_CHAIN matching rule

There is now a new configuration option - groupattr - which specifies
how to resolve group membership from the objects returned by the primary groupfilter query.

Additional changes:
  * Clarify documentation for LDAP auth backend.
  * Reworked how default values are set, added tests
  * Removed Dial from LDAP config read. Network should not affect configuration.
2016-07-22 21:20:05 -04:00
Jeff Mitchell
c664c4091b Fix panic if no certificates are supplied by client
Fixes #1637
2016-07-21 10:20:41 -04:00
Jeff Mitchell
2701ea16d1 Fix build 2016-07-21 09:53:41 -04:00
Jeff Mitchell
d16cefa544 Ensure we never return a nil set of trusted CA certs
Fixes #1637
2016-07-21 09:50:31 -04:00
vishalnayak
5b458db104 Merge branch 'master-oss' into json-use-number
Conflicts:
	http/handler.go
	logical/framework/field_data.go
	logical/framework/wal.go
	vault/logical_passthrough.go
2016-07-15 19:21:55 -04:00
Vishal Nayak
1970ad74d7 Merge pull request #1610 from hashicorp/min-tls-ver-12
Set minimum TLS version in all tls.Config objects
2016-07-13 10:53:14 -06:00
vishalnayak
6977bdd490 Handled upgrade path for TLSMinVersion 2016-07-13 12:42:51 -04:00
vishalnayak
98d5684699 Address review feedback 2016-07-13 11:52:26 -04:00
vishalnayak
150cba24a7 Added tls_min_version to consul storage backend 2016-07-12 20:10:54 -04:00
vishalnayak
ee6ba1e85e Make 'tls_min_version' configurable 2016-07-12 19:32:47 -04:00
vishalnayak
f200a8568b Set minimum TLS version in all tls.Config objects 2016-07-12 17:06:28 -04:00
vishalnayak
f59a69bc52 Remove Unix() invocations on 'time.Time' objects and removed conversion of time to UTC 2016-07-08 18:30:18 -04:00
vishalnayak
ef97199360 Added JSON Decode and Encode helpers.
Changed all the occurrences of Unmarshal to use the helpers.
Fixed http/ package tests.
2016-07-06 12:25:40 -04:00
Jeff Mitchell
b45da486dc Run appid/cert auth tests always 2016-07-01 14:06:33 -04:00
Jeff Mitchell
133b39fab8 Always run userpass acceptance tests 2016-07-01 11:37:38 -04:00
Jeff Mitchell
c3e38d4b29 Fix up breakage from bumping deps 2016-06-30 14:31:41 -04:00
vishalnayak
817dd0f44c Fix broken build 2016-06-21 18:25:36 -04:00
vishalnayak
498bd58e6f Print role name in the error message 2016-06-21 17:53:33 -04:00
Vishal Nayak
053f3b78aa Merge pull request #1523 from hashicorp/bind-account-id-aws-ec2
Added bound_account_id to aws-ec2 auth backend
2016-06-21 10:03:20 -04:00
vishalnayak
e18341253a Correct casing of abbreviations 2016-06-21 10:02:22 -04:00
Vishal Nayak
55757decec Merge pull request #1514 from hashicorp/backend-return-objects
Backend() functions should return 'backend' objects.
2016-06-20 19:30:00 -04:00
vishalnayak
294c399c24 aws-ec2: added a nil check for storedIdentity in login renewal 2016-06-20 10:19:57 -04:00
vishalnayak
ddae851f0d Replace an 'if' block with 'switch' 2016-06-17 12:35:44 -04:00
vishalnayak
0d3973b1fa Merge branch 'master-oss' into bind-account-id-aws-ec2
Conflicts:
	builtin/credential/aws-ec2/backend_test.go
	builtin/credential/aws-ec2/path_login.go
	builtin/credential/aws-ec2/path_role.go
2016-06-14 14:46:08 -04:00
Ivan Fuyivara
5409a43d5a fixing the test for the wrong IAM Role ARN 2016-06-14 18:17:41 +00:00
Ivan Fuyivara
6fd7e798c8 added tests, nil validations and documentation 2016-06-14 16:58:50 +00:00
vishalnayak
baac0975ea Added bound_account_id to aws-ec2 auth backend 2016-06-14 11:58:19 -04:00
Ivan Fuyivara
408e7840b0 fixing spaces 2016-06-14 14:57:46 +00:00
root
e77652d15d adding IAM Role as constraint 2016-06-14 14:49:36 +00:00
vishalnayak
e5218943a8 Added bound_ami_id check 2016-06-13 08:56:39 -04:00
vishalnayak
cfe0aa860e Backend() functions should return 'backend' objects.
If they return pointers to 'framework.Backend' objects, the receiver functions can't be tested.
2016-06-10 15:53:02 -04:00
vishalnayak
4e38509ac2 s/VAULT_GITHUB_AUTH_TOKEN/VAULT_AUTH_GITHUB_TOKEN 2016-06-09 14:00:56 -04:00
Jeff Mitchell
ed82efbccc Merge pull request #1510 from hashicorp/fix-gh-renew-panic
Fix panic when renewing a github token from a previous version of Vault
2016-06-09 13:54:20 -04:00
Jeff Mitchell
6c76bcd3b6 xInt->xRaw 2016-06-09 13:54:04 -04:00
vishalnayak
0bea4ff7ff Added VAULT_GITHUB_AUTH_TOKEN env var to receive GitHub auth token 2016-06-09 13:45:56 -04:00
Jeff Mitchell
99235e83c7 Fix panic when renewing a github token from a previous version of Vault 2016-06-09 13:37:09 -04:00
Jeff Mitchell
e2afdc5e4c Merge pull request #1479 from hashicorp/reuse-be-creation-tests
Change AWS/SSH to reuse backend creation code for test functions
2016-06-03 09:59:37 -04:00
vishalnayak
65de9cb01a Remove failOnError method from cert tests 2016-06-01 16:01:28 -04:00
Jeff Mitchell
551f4a8606 Change AWS/SSH to reuse backend creation code for test functions 2016-06-01 12:17:47 -04:00
Vishal Nayak
2500218a9c Merge pull request #1471 from hashicorp/rename-aws-auth
auth backend: rename `aws` as `aws-ec2`
2016-06-01 10:41:13 -04:00
vishalnayak
386abbad9e Address review feedback 2016-06-01 10:36:58 -04:00
vishalnayak
2265d1a890 Use entry.Type as a criterion for upgrade 2016-06-01 10:30:11 -04:00
Jeff Mitchell
74a1e3bd61 Remove most Root paths 2016-05-31 23:42:54 +00:00
vishalnayak
b3ca9cf14b Rename aws as aws-ec2 2016-05-30 14:11:15 -04:00
vishalnayak
e4d98dfc9b rename credential/aws as credential/aws-ec2 2016-05-30 14:11:15 -04:00