mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-13 18:17:02 +02:00
Code Issues Projects Releases Wiki Activity
20,405 Commits 2,841 Branches 445 Tags 446 MiB
415d260995
Commit Graph

22 Commits

Author SHA1 Message Date
John-Michael Faircloth
7d575bf979
auth/ldap: fix login errors (#26200) 
* auth/ldap: fix login errors

This fixes 2 ldap auth login errors

* Missing entity alias attribute value
  * Vault relies on case insensitive user attribute keys for mapping user
    attributes to entity alias metadata. This sets the appropriate
    configs in the cap library.

* ldap group search anonymous bind regression
  * Anonymous group searches can be rejected by some LDAP servers if
    they contain a userDN. This sets the configs in the cap library to
    specify unauthenticated binds for anonymous group searches should
    exclude a DN.

Closes https://github.com/hashicorp/vault/issues/26171
Closes https://github.com/hashicorp/vault/issues/26183

* changelog

* go mod tidy

* go get cap/ldap@latest and go mod tidy
 2024-03-28 13:45:43 -05:00
Josh Black
fa13dbd381
add gosimport to make fmt and run it (#25383) 
* add gosimport to make fmt and run it

* move installation to tools.sh

* correct weird spacing issue

* Update Makefile

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>

* fix a weird issue

---------

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
 2024-02-13 14:07:02 -08:00
Raymond Ho
018e5675fe
VAULT 18227/introduce cap ldap library (#22185) 2023-09-14 10:26:29 -07:00
Luis (LT) Carbonell
21b3262e9f
Correct Default for MaximumPageSize (#20453) 
* default max page size for config

* Add changelog

* update test int to *int

* add testing defaults

* update default to -1, i.e. dont paginate

* update test

* Add error message for invalid search

* Make 0 the default

* cleanup

* Add to known issues doc

* Update website/content/docs/upgrading/upgrade-to-1.13.x.mdx

* Update website/content/docs/upgrading/upgrade-to-1.11.x.mdx

Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>

* Update website/content/docs/upgrading/upgrade-to-1.13.x.mdx

Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>

* Update website/content/docs/upgrading/upgrade-to-1.12.x.mdx

Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>

* Add workaround to docs

* Update changelog/20453.txt

Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>

---------

Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>
Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>
 2023-05-17 20:56:53 +00:00
Luis (LT) Carbonell
7f2deb1420
Add Configurable LDAP Max Page Size (#19032) 
* Add config flag for LDAP max page size

* Add changelog

* move changelog to correct file

* cleanup

* Default to non-paged searching for with -1

* Update website/content/api-docs/auth/ldap.mdx

Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>

* Update website/content/docs/auth/ldap.mdx

Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>

* Update tests

---------

Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>
 2023-04-20 20:39:27 +00:00
Jason O'Donnell
2f7f0d2db9
sdk/ldaputil: add connection_timeout configurable (#20144) 
* sdk/ldaputil: add connection_timeout configurable

* changelog

* Update doc

* Fix test

* Change default to 30s
 2023-04-13 12:43:28 -04:00
Hamid Ghaf
e55c18ed12
adding copyright header (#19555) 
* adding copyright header

* fix fmt and a test
 2023-03-15 09:00:52 -07:00
Jakob Beckmann
39f9e5e775
Allow alias dereferencing in LDAP searches (#18230) 
* impr(auth/ldap): allow to dereference aliases in searches

* docs: add documentation for LDAP alias dereferencing

* chore(auth/ldap): add changelog entry for PR 18230

* chore: run formatter

* fix: update default LDAP configuration with new default

* Update website/content/docs/auth/ldap.mdx

Co-authored-by: tjperry07 <tjperry07@users.noreply.github.com>

* docs(ldap): add alias dereferencing to API docs for LDAP

---------

Co-authored-by: tjperry07 <tjperry07@users.noreply.github.com>
 2023-02-24 13:49:17 -05:00
Jason O'Donnell
b064da37fc
auth/ldap: add username_as_alias config flag (#14324) 2022-03-15 10:21:40 -04:00
Guillaume
4cc2673651
Added support for a LDAP user search filter. Documentation, tests and UI included (#11000) 2021-10-26 10:39:12 -07:00
John-Michael Faircloth
64f317e0aa
fix struct tags and test in ldaputil (#12376) 
* fix struct tags and test in ldaputil

* update test to include ClientTLSCert and ClientTLSKey

* add cert and key to TestConfig test case
 2021-08-30 14:09:03 -05:00
Jeff Mitchell
861454e0ed
Migrate to sdk/internalshared libs in go-secure-stdlib (#12090) 
* Swap sdk/helper libs to go-secure-stdlib

* Migrate to go-secure-stdlib reloadutil

* Migrate to go-secure-stdlib kv-builder

* Migrate to go-secure-stdlib gatedwriter
 2021-07-15 20:17:31 -04:00
John-Michael Faircloth
de13b64143
[ldap] auth method fix request_timeout (#11975) 
* [ldap] auth method fix request_timeout

* add changelog

* Update sdk/helper/ldaputil/config_test.go

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>

* Update sdk/helper/ldaputil/config_test.go

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>

* Update changelog/11975.txt

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>
 2021-07-01 13:33:01 -05:00
Jorge Heleno
6eba9c0766
Add LDAP anonymous group search and client certs (#8365) 2020-03-06 10:27:09 -08:00
Gerardo Di Giacomo
0e8c6c2171
enabling TLS 1.3 support for TCP listeners (#8305) 
* adding support for TLS 1.3 for TCP listeners

* removed test as CI uses go 1.12

* removed Cassandra support, added deprecation notice

* re-added TestTCPListener_tls13
 2020-02-15 11:40:18 -08:00
Calvin Leung Huang
6191cfaf91
sdk/ldaputil: add request_timeout configuration option (#7909) 
* sdk/ldaputil: add request_timeout configuration option

* go mod vendor
 2019-11-20 11:26:13 -08:00
Jeff Mitchell
7932afafe2
Port LDAP getCN changes to 1.2 branch (#7209) 2019-07-29 15:43:34 -04:00
Jeff Mitchell
dc51c00991
Update ldaputil to allow for modifying an existing config (#7038) 2019-07-01 16:12:32 -04:00
Madalyn
3c25b19aac
update OpenAPI output to use DisplayAttributes struct (#6928) 2019-06-21 11:08:08 -04:00
Patrick Hayes
b9f054d8ab Maximum typo in Vault UI (#6743) 2019-05-16 08:44:34 +02:00
Jeff Mitchell
278bdd1f4e
Switch to go modules (#6585) 
* Switch to go modules

* Make fmt
 2019-04-13 03:44:06 -04:00
Jeff Mitchell
f95571a361 Move ldaputil and tlsutil over to sdk 2019-04-12 18:26:54 -04:00