scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-12-08 21:15:41 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,725 Commits 2,630 Branches 341 Tags
jira-sync-workflow-dispatch
Commit Graph

923 Commits

Author SHA1 Message Date
vishalnayak
ac5ceae0bd Added AcceptanceTest boolean to logical.TestCase 2016-04-05 15:10:44 -04:00
Jeff Mitchell
f5f9c098b7 Some fixups around error/warning in LDAP 2016-04-02 13:33:00 -04:00
Jeff Mitchell
aca4e79ac6 If no group DN is configured, still look for policies on local users and 
return a warning, rather than just trying to do an LDAP search on an
empty string.
 2016-04-02 13:11:36 -04:00
Jeff Mitchell
aa6a5fa25b Fix potential error scoping issue. 
Ping #1262
 2016-03-30 19:48:23 -04:00
Jeff Mitchell
8926a7c7c7 Check for nil connection back from go-ldap, which apparently can happen even with no error 
Ping #1262
 2016-03-29 10:00:04 -04:00
Jeff Mitchell
a938ce4e70 Removing debugging comment 2016-03-24 09:48:13 -04:00
Jeff Mitchell
7ce9701800 Properly check for policy equivalency during renewal. 
This introduces a function that compares two string policy sets while
ignoring the presence of "default" (since it's added by core, not the
backend), and ensuring that ordering and/or duplication are not failure
conditions.

Fixes #1256
 2016-03-24 09:41:51 -04:00
leon
8ebacbc563 - updated LDAP group search by iterating through all the attributes and searching for CN value instead of assuming the CN is always the first attribute from the RDN list 2016-03-21 19:44:08 +02:00
leon
df96234ac9 - added another method to search LDAP groups by querying the userDN for memberOf attribute 2016-03-21 16:55:38 +02:00
Jeff Mitchell
6d249ec59b Don't renew cert-based tokens if the policies have changed. 
Also, add cert renewal testing.

Fixes #477
 2016-03-17 14:22:24 -04:00
Jeff Mitchell
d887ecbd33 Normalize userpass errors around bad user/pass 2016-03-16 15:19:55 -04:00
Jeff Mitchell
33c2641568 Use 400 instead of 500 for failing to provide a userpass password. 2016-03-16 15:14:28 -04:00
vishalnayak
4ae83b7cc8 Add comments to existence functions 2016-03-16 14:53:53 -04:00
vishalnayak
6f2b428379 Addessing review comments 2016-03-16 14:21:14 -04:00
vishalnayak
cfbab2c66f Refactor updating user values 2016-03-16 13:42:02 -04:00
vishalnayak
59054298b8 Reduce the visibility of setUser 2016-03-16 11:39:52 -04:00
vishalnayak
b8e007c195 Use helper for existence check. Avoid panic by fetching default values for field data 2016-03-16 11:26:33 -04:00
vishalnayak
91f4aab933 Input validations and field renaming 2016-03-15 17:47:13 -04:00
vishalnayak
5249c0d5e0 Refactor updating and creating userEntry into a helper function 2016-03-15 17:32:39 -04:00
vishalnayak
c29a121816 Fetch and store UserEntry to properly handle both create and update 2016-03-15 17:05:23 -04:00
vishalnayak
0e1769dd5d Change path structure of password and policies endpoints in userpass 2016-03-15 16:46:12 -04:00
vishalnayak
cad1ee3a85 Reuse the variable instead of fetching 'name' again 2016-03-15 16:21:47 -04:00
vishalnayak
e51661c714 Added paths to update policies and password 2016-03-15 16:12:55 -04:00
vishalnayak
aa8926912a Tests for updating password and policies in userpass backend 2016-03-15 16:09:23 -04:00
vishalnayak
1980d0f1cc Userpass: Support updating policies and password 2016-03-15 15:18:21 -04:00
Jeff Mitchell
52c438062e Add forgotten test 2016-03-15 14:18:35 -04:00
Jeff Mitchell
f52004e12a Add list support to certs in cert auth backend. 
Fixes #1212
 2016-03-15 14:07:40 -04:00
Jeff Mitchell
6468cf394f Add the ability to specify the app-id in the login path. 
This makes it easier to use prefix revocation for tokens.

Ping #424
 2016-03-14 16:24:01 -04:00
Vishal Nayak
fd707634d6 Merge pull request #1190 from grunzwei/master 
fix github tests to use the provided GITHUB_ORG environment variable
 2016-03-09 09:51:28 -05:00
Nathan Grunzweig
3a98f99aa7 fix github tests to use the provided GITHUB_ORG environment variable 
(tests fail for non hashicorp people)
 2016-03-09 15:34:03 +02:00
Jeff Mitchell
a7ed66a90b Add subject/authority key id to cert metadata 2016-03-07 14:59:00 -05:00
Jeff Mitchell
7ef904b930 Use better error message on LDAP renew failure 2016-03-07 09:34:16 -05:00
vishalnayak
4d5634528c continue if non-CA policy is not found 2016-03-01 16:43:51 -05:00
vishalnayak
86df49b992 Added ExtKeyUsageAny, changed big.Int comparison and fixed code flow 2016-03-01 16:37:01 -05:00
vishalnayak
d8213e8094 corrections, policy matching changes and test cert changes 2016-03-01 16:37:01 -05:00
vishalnayak
9e610f6417 Added testcase for cert writes 2016-03-01 16:37:01 -05:00
vishalnayak
c506988cde supporting non-ca certs for verification 2016-03-01 16:37:01 -05:00
vishalnayak
9fbfd1aff2 moved the test cert keys to appropriate test-fixtures folder 2016-02-29 15:49:08 -05:00
vishalnayak
b3d639a29f fixed the error log message 2016-02-29 10:41:10 -05:00
vishalnayak
48f3f4b5d0 replaced old certs, with new certs generated from PKI backend, containing IP SANs 2016-02-28 22:15:54 -05:00
Jeff Mitchell
6018c88708 Remove root token requirement from GitHub configuration 2016-02-25 08:51:53 -05:00
vishalnayak
9280dda5f4 rename verify_cert as disable_binding and invert the logic 2016-02-24 21:01:21 -05:00
vishalnayak
18a7464e76 make the verification of certs in renewal configurable 2016-02-24 16:42:20 -05:00
vishalnayak
5deaf9121a Cert: renewal enhancements 2016-02-24 14:31:38 -05:00
vishalnayak
fc08007106 check CIDR block for renewal as well 2016-02-24 10:55:31 -05:00
vishalnayak
72b0390c9e Added renewal capability to app-id backend 2016-02-24 10:40:15 -05:00
Jeff Mitchell
e065a1cd22 Remove root requirement for certs/ and crls/ in TLS auth backend. 
Fixes #468
 2016-02-21 15:33:33 -05:00
Jeff Mitchell
65494f8268 Merge pull request #1100 from hashicorp/issue-1030 
Properly escape filter values in LDAP filters
 2016-02-19 14:56:40 -05:00
Jeff Mitchell
73e84b8c38 Address some feedback on ldap escaping help text 2016-02-19 13:47:26 -05:00
Jeff Mitchell
a2aad0bbd6 Properly escape filter values. 
Fixes #1030
 2016-02-19 13:16:52 -05:00