mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-14 18:47:01 +02:00
Code Issues Projects Releases Wiki Activity
7,543 Commits 2,844 Branches 445 Tags 448 MiB
29551c0b1b
Commit Graph

26 Commits

Author SHA1 Message Date
Jeff Mitchell
3d7d2a01dd
Add a sysview call to determine if a mount is local. (#3899) 
This is useful for deciding when to run upgrade logic, e.g. if on a
performance secondary but local it's fine to run.
 2018-02-02 18:17:12 -05:00
Brian Kassouf
8142b42d95 Add context to storage backends and wire it through a lot of places (#3817) 2018-01-19 01:44:44 -05:00
Brian Kassouf
c825362304 PR comments 2017-05-04 10:41:59 -07:00
Brian Kassouf
4c306bd76e Change MlockDisabled to MlockEnabled 2017-04-24 12:21:49 -07:00
Brian Kassouf
4cda9ea3fe Update the ResponseWrapData function to return a wrapping.ResponseWrapInfo object 2017-04-24 12:15:01 -07:00
Brian Kassouf
8f75c30311 Update help text and comments 2017-04-11 11:50:34 -07:00
Brian Kassouf
de36d61e5a Mlock the plugin process 2017-04-10 17:12:52 -07:00
Brian Kassouf
ac519abecf Plugin catalog 2017-04-03 17:52:29 -07:00
Brian Kassouf
5b05f62fa3 Work on TLS communication over plugins 2017-03-15 17:14:48 -07:00
Jeff Mitchell
e350a16205 Move ReplicationState to consts 2017-02-16 13:37:21 -05:00
Jeff Mitchell
9cbfd2976a Port over some work to make the system views a bit nicer 2017-01-13 14:51:27 -05:00
Armon Dadgar
745df0a88c Adding interface methods to logical.Backend for parity (#2242) 2017-01-07 18:18:22 -05:00
Jeff Mitchell
32601f4424 Make a non-caching but still locking variant of transit for when caches are disabled 2016-05-02 22:36:44 -04:00
Jeff Mitchell
b18854be70 Plumb disabling caches through the policy store 2016-05-02 22:36:44 -04:00
Jeff Mitchell
cf95982d80 Allow backends to see taint status. 
This can be seen via System(). In the PKI backend, if the CA is
reconfigured but not fully (e.g. an intermediate CSR is generated but no
corresponding cert set) and there are already leases (issued certs), the
CRL is unable to be built. As a result revocation fails. But in this
case we don't actually need revocation to be successful since the CRL is
useless after unmounting. By checking taint status we know if we can
simply fast-path out of revocation with a success in this case.

Fixes #946
 2016-01-22 17:01:22 -05:00
vishalnayak
33b7705474 Take ClientToken instead of Policies 2015-09-21 10:04:03 -04:00
vishalnayak
7060670515 Abstraced SudoPrivilege to take list of policies 2015-09-19 18:23:44 -04:00
vishalnayak
b3647b3323 Using acl.RootPrivilege and rewrote mockTokenStore 2015-09-19 17:53:24 -04:00
vishalnayak
6bb58f9e69 fix broken tests 2015-09-19 12:33:52 -04:00
vishalnayak
4474e04ed1 TokenStore: Provide access based on sudo permissions and not policy name 2015-09-19 11:14:51 -04:00
Jeff Mitchell
4eb9cd4c28 Remove error returns from sysview TTL calls 2015-09-10 15:09:54 -04:00
Jeff Mitchell
dd8ac00daa Rejig how dynamic values are represented in system view and location of some functions in various packages; create mount-tune command and API analogues; update documentation 2015-09-10 15:09:54 -04:00
Jeff Mitchell
aadf039368 Add DynamicSystemView. This uses a pointer to a pointer to always have 
up-to-date information. This allows remount to be implemented with the
same source and dest, allowing mount options to be changed on the fly.
If/when Vault gains the ability to HUP its configuration, this should
just work for the global values as well.

Need specific unit tests for this functionality.
 2015-09-10 15:09:54 -04:00
Jeff Mitchell
6e0cee3ef4 Switch StaticSystemView values to pointers, to support updating 2015-09-10 15:09:54 -04:00
Jeff Mitchell
fbb58340b3 Whitespace fix 2015-08-27 12:14:51 -07:00
Jeff Mitchell
e1262963ba SystemConfig -> SystemView 2015-08-27 11:38:05 -07:00