scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-12-25 23:07:04 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,495 Commits 2,630 Branches 341 Tags
98fada78e46cdebeb80098ea44aae7b62ce937f3
Commit Graph

2495 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jeff Mitchell
98fada78e4 Fix test on 1.6 by comparing to nil instead of a nil-defined map 2016-01-22 21:26:06 -05:00
Jeff Mitchell
d343e5f4df changelog++ 2016-01-22 21:24:25 -05:00
Jeff Mitchell
233e07f8d6 Merge pull request #954 from hashicorp/backend-tainted-view 
Allow backends to see taint status.
 2016-01-22 21:23:12 -05:00
Jeff Mitchell
e734c1befd Merge pull request #957 from rajanadar/patch-1 
update sys-init.html.md
 2016-01-22 19:57:20 -05:00
Raja Nadar
d484f25578 update sys-init.html.md 
change response field from 'initialize' to 'initialized'
 2016-01-22 16:45:59 -08:00
Jeff Mitchell
cf95982d80 Allow backends to see taint status. 
This can be seen via System(). In the PKI backend, if the CA is
reconfigured but not fully (e.g. an intermediate CSR is generated but no
corresponding cert set) and there are already leases (issued certs), the
CRL is unable to be built. As a result revocation fails. But in this
case we don't actually need revocation to be successful since the CRL is
useless after unmounting. By checking taint status we know if we can
simply fast-path out of revocation with a success in this case.

Fixes #946
 2016-01-22 17:01:22 -05:00
Jeff Mitchell
2d89831f3f changelog++ 2016-01-22 13:09:21 -05:00
Jeff Mitchell
1533fccd23 Merge pull request #953 from hashicorp/init-check 
Add -check flag to init.
 2016-01-22 13:08:31 -05:00
Jeff Mitchell
479775806e Add -check flag to init. 
Fixes #949
 2016-01-22 13:06:40 -05:00
Jeff Mitchell
e59a049f42 changelog++ 2016-01-22 10:22:43 -05:00
Jeff Mitchell
6ece93f583 Merge pull request #617 from hashicorp/f-passthrough-list 
Basic list support
 2016-01-22 10:15:08 -05:00
Jeff Mitchell
f8a37df06e Add some commenting 2016-01-22 10:13:49 -05:00
Jeff Mitchell
7fd1c8534e 0.7 -> 1.0 2016-01-22 10:07:32 -05:00
Jeff Mitchell
bebdd2f664 Address more list feedback 2016-01-22 10:07:32 -05:00
Jeff Mitchell
9eaef0a2a1 Update documentation and use ParseBool for list query param checking 2016-01-22 10:07:32 -05:00
Jeff Mitchell
7f8da9efa1 Error out if trying to write to a directory path 2016-01-22 10:07:32 -05:00
Jeff Mitchell
cc0d88cabe Address some listing review feedback 2016-01-22 10:07:32 -05:00
Jeff Mitchell
2667f08f97 Only allow listing on folders and enforce this. Also remove string sorting from Consul backend as it's not a requirement and other backends don't do it. 2016-01-22 10:07:32 -05:00
Jeff Mitchell
f1b843d773 Remove bare option, prevent writes ending in slash, and return an exact file match as "." 2016-01-22 10:07:32 -05:00
Jeff Mitchell
f8e569ae0a Address some review feedback 2016-01-22 10:07:32 -05:00
Jeff Mitchell
2613343c3d Updates and documentation 2016-01-22 10:07:32 -05:00
Jeff Mitchell
41332a692b Fix body closing in List method 2016-01-22 10:07:32 -05:00
Jeff Mitchell
4b67fd139f Add list capability, which will work with the generic and cubbyhole 
backends for the moment. This is pretty simple; it just adds the actual
capability to make a list call into both the CLI and the HTTP handler.
The real meat was already in those backends.
 2016-01-22 10:07:32 -05:00
Jeff Mitchell
fdc7e717ee Add handling of LIST verb to logical router 2016-01-22 10:07:32 -05:00
Jeff Mitchell
eaba2b9df3 Add C# library and do some reorg on the library page 2016-01-22 10:03:02 -05:00
Jeff Mitchell
ac4a0556bd changelog++ 2016-01-21 16:30:50 -05:00
Jeff Mitchell
a2debd4b61 Update godeps to include STS stuff in AWS and others 2016-01-21 16:27:36 -05:00
Jeff Mitchell
5de04e1810 Merge pull request #927 from urq/feature-sts 
Adding STS to the aws backend
 2016-01-21 15:43:39 -05:00
Dmitriy Gromov
df65547eca STS now uses root vault user for keys 
The secretAccessKeysRevoke revoke function now asserts that it is
not dealing with STS keys by checking a new internal data flag. Defaults
to IAM when the flag is not found.

Factored out genUsername into its own function to share between STS and
IAM secret creation functions.

Fixed bad call to "WriteOperation" instead of "UpdateOperation" in
aws/backend_test
 2016-01-21 15:04:16 -05:00
Dmitriy Gromov
ea1e29fa33 Renamed sts duration to ttl and added STS permissions note. 2016-01-21 14:28:34 -05:00
Dmitriy Gromov
e13f58713e documenting the new aws/sts endpoint 2016-01-21 14:05:10 -05:00
Dmitriy Gromov
b37a963841 Removing debug print statement from sts code 2016-01-21 14:05:10 -05:00
Dmitriy Gromov
6f50cd9439 Fixed duration type and added acceptance test for sts 2016-01-21 14:05:10 -05:00
Dmitriy Gromov
522e8a3450 Configurable sts duration 2016-01-21 14:05:09 -05:00
Jack DeLoach
d206599b80 Add STS path to AWS backend. 
The new STS path allows for obtaining the same credentials that you would get
from the AWS "creds" path, except it will also provide a security token, and
will not have an annoyingly long propagation time before returning to the user.
 2016-01-21 14:05:09 -05:00
Jeff Mitchell
4fc58e8b41 Merge pull request #895 from nickithewatt/aws-prexisting-policies 
Allow use of pre-existing policies for AWS users
 2016-01-21 13:23:37 -05:00
Jeff Mitchell
034d78cbb5 Add generate-root info to changelog 2016-01-21 12:37:26 -05:00
Jeff Mitchell
55212cffa3 Merge pull request #915 from hashicorp/generate-root 
Add the ability to generate root tokens via unseal keys.
 2016-01-21 12:31:37 -05:00
Jeff Mitchell
2c4da115ff Add -decode flag verification 2016-01-21 12:18:57 -05:00
Jeff Mitchell
e816b9d477 Pull out setting the root token ID; use the new ParseUUID method in 
go-uuid instead, and revoke if there is an error.
 2016-01-19 19:44:33 -05:00
Jeff Mitchell
152f4a9391 Fix lost code after rebase 2016-01-19 19:19:07 -05:00
Jeff Mitchell
e9538f1441 RootGeneration->GenerateRoot 2016-01-19 18:28:10 -05:00
Jeff Mitchell
a25514d4f7 Address most of the review feedback 2016-01-19 18:28:10 -05:00
Jeff Mitchell
4cc7694a3a Add the ability to generate root tokens via unseal keys. 2016-01-19 18:28:10 -05:00
Jeff Mitchell
60303244bc Merge pull request #943 from imjorge/patch-1 
/encryption key/master key/
 2016-01-19 12:51:45 -07:00
Jorge Ferreira
ed5de6b33a /encryption key/master key/ 2016-01-19 15:42:50 +00:00
Jeff Mitchell
3d7947b05b changelog++ 2016-01-18 17:05:51 -05:00
Jeff Mitchell
aa9da9aa64 Merge pull request #941 from hashicorp/armored-pgp-keys 
Allow ASCII-armored PGP pub keys to be passed into -pgp-keys.
 2016-01-18 15:03:08 -07:00
Jeff Mitchell
3ecd88bd5c Allow ASCII-armored PGP pub keys to be passed into -pgp-keys. 
Fixes #940
 2016-01-18 17:01:52 -05:00
Jeff Mitchell
0e2a0cd5b5 Merge pull request #937 from hashicorp/cubbyhole-existence-check 
Implement existence check for cubbyhole
 2016-01-16 17:35:38 -07:00