Commit Graph

1080 Commits

Author SHA1 Message Date
Brian Kassouf
03e2bcbc79 Update Type() to return an error 2017-04-12 16:41:06 -07:00
Brian Kassouf
f2401c0128 Merge branch 'master' into database-refactor 2017-04-12 14:29:10 -07:00
Brian Kassouf
8f75c30311 Update help text and comments 2017-04-11 11:50:34 -07:00
Brian Kassouf
da4d9a8b4f Remove unnecessary abstraction 2017-04-10 18:38:34 -07:00
Brian Kassouf
de36d61e5a Mlock the plugin process 2017-04-10 17:12:52 -07:00
Brian Kassouf
f54c4de98a Add a flag to tell plugins to verify the connection was successful 2017-04-10 15:36:59 -07:00
Brian Kassouf
64efc505c8 Update plugin test 2017-04-10 14:12:28 -07:00
Brian Kassouf
73f66f89cd Update the interface for plugins removing functions for creating creds 2017-04-10 12:24:16 -07:00
Brian Kassouf
3c1c388589 Update backend tests 2017-04-10 10:35:16 -07:00
Brian Kassouf
9ae5a2aede Add backend test 2017-04-07 15:50:03 -07:00
Shivaram Lingamneni
7cbc5d6e05 implement a no_store option for pki roles (#2565) 2017-04-07 11:25:47 -07:00
Jeff Mitchell
14c0000169 Update SSH CA documentation
Fixes #2551
Fixes #2569
2017-04-07 11:59:25 -04:00
Brian Kassouf
8e77bd98d8 Move plugin code into sub directory 2017-04-06 12:20:10 -07:00
Brian Kassouf
8a2e29c607 Refactor to use builtin plugins from an external repo 2017-04-05 16:20:31 -07:00
Calvin Leung Huang
73a2cdf6a5 Do not mark conn as initialized until the end (#2567) 2017-04-04 14:26:59 -07:00
Brian Kassouf
df944f2d92 Don't return strings, always structs 2017-04-04 11:33:58 -07:00
Calvin Leung Huang
8e3cb50bfc Database refactor invalidate (#2566)
* WIP on invalidate function

* cassandraConnectionProducer has Close()

* Delete database from connections map on successful db.Close()

* Move clear connection into its own func

* Use const for database config path
2017-04-04 11:32:42 -07:00
Jeff Mitchell
cfd522e0f0 Use ParseStringSlice on PKI organization/organizational unit. (#2561)
After, separately dedup and use new flag to not lowercase value.

Fixes #2555
2017-04-04 08:54:18 -07:00
Brian Kassouf
1faa5fc020 On change of configuration rotate the database type 2017-04-03 18:30:38 -07:00
Brian Kassouf
b54e1cd295 Merge branch 'database-refactor' of github.com:hashicorp/vault into database-refactor 2017-04-03 17:52:41 -07:00
Brian Kassouf
ac519abecf Plugin catalog 2017-04-03 17:52:29 -07:00
Calvin Leung Huang
2b08521ab6 Database refactor mssql (#2562)
* WIP on mssql secret backend refactor

* Add RevokeUser test, and use sqlserver driver internally

* Remove debug statements

* Fix code comment
2017-04-03 09:59:30 -07:00
Brian Kassouf
1d3d3b7803 fix for plugin commands that have more than one parameter 2017-03-28 14:37:57 -07:00
Brian Kassouf
8ef78f0610 Add comments to connection and credential producers 2017-03-28 13:08:11 -07:00
Brian Kassouf
947fd66480 Cleanup the db factory code and add comments 2017-03-28 12:57:30 -07:00
Brian Kassouf
0c562fa3d7 Update tests 2017-03-28 12:20:17 -07:00
Brian Kassouf
6de5cfad5e Add functionality to build db objects from disk so restarts work 2017-03-28 11:30:45 -07:00
Brian Kassouf
d93378bb29 Fix for checking types of database on update 2017-03-28 10:04:42 -07:00
Brian Kassouf
b2c4555c1f Wrap the database calls with tracing information 2017-03-27 15:17:28 -07:00
Brian Kassouf
ca026c6cfd Remove the unused sync.Once object 2017-03-27 11:46:20 -07:00
Brian Kassouf
e870e399a2 More work on getting tests to pass 2017-03-23 15:54:15 -07:00
Brian Kassouf
a1b72465dd Remove unused code block 2017-03-22 17:09:39 -07:00
Brian Kassouf
cab491f7b7 s/postgres/mysql/ 2017-03-22 16:44:33 -07:00
Brian Kassouf
73e553af95 Add test files for postgres and mysql databases 2017-03-22 16:39:08 -07:00
Brian Kassouf
9aaec25a4e Add an error message for empty creation statement 2017-03-22 12:40:16 -07:00
Brian Kassouf
1be813605f Fix race with deleting the connection 2017-03-22 09:54:19 -07:00
Brian Kassouf
2d6f36df17 Add a delete method 2017-03-21 17:19:30 -07:00
Brian Kassouf
2fdb3422a9 Verify connections regardless of if this connection is already existing 2017-03-21 16:05:59 -07:00
Vishal Nayak
16d41a8b28 sshca: ensure at least cert type is allowed (#2508) 2017-03-19 18:58:48 -04:00
Brian Kassouf
ff6749b198 Comment and fix plugin Type function 2017-03-16 18:24:56 -07:00
Brian Kassouf
404596e261 Change the handshake config from the default 2017-03-16 17:51:25 -07:00
Brian Kassouf
4043f533b8 Add a secure config to verify the checksum of the plugin 2017-03-16 16:20:18 -07:00
Brian Kassouf
2ef1cbf3a6 Comment and slight refactor of the TLS plugin helper 2017-03-16 14:14:49 -07:00
Brian Kassouf
3890f194a4 Break tls code into helper library 2017-03-16 11:55:21 -07:00
Jeff Mitchell
3f67ab489a Ensure CN check is made when exclude_cn_from_sans is used
Fixes #2363
2017-03-16 11:41:13 -04:00
Jeff Mitchell
a5d1808efe Always include a hash of the public key and "vault" (to know where it (#2498)
came from) when generating a cert for SSH.

Follow on from #2494
2017-03-16 11:14:17 -04:00
Mike Okner
6f84f7ffd0 Adding allow_user_key_ids field to SSH role config (#2494)
Adding a boolean field that determines whether users will be allowed to
set the ID of the signed SSH key or whether it will always be the token
display name.  Preventing users from changing the ID and always using
the token name is useful for auditing who actually used a key to access
a remote host since sshd logs key IDs.
2017-03-16 08:45:11 -04:00
Brian Kassouf
5b05f62fa3 Work on TLS communication over plugins 2017-03-15 17:14:48 -07:00
Jeff Mitchell
688104e69a Allow roles to specify whether CSR SANs should be used instead of (#2489)
request values. Fix up some documentation.

Fixes #2451
Fixes #2488
2017-03-15 14:38:18 -04:00
Jeff Mitchell
799000be20 Set CA chain when intermediate does not have an authority key ID.
This is essentially an approved review of the code provided in #2465.

Fixes #2465
2017-03-15 11:52:02 -04:00