mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-24 16:11:08 +02:00
Code Issues Projects Releases Wiki Activity
7,782 Commits 2,840 Branches 445 Tags
Commit Graph

26 Commits

Author SHA1 Message Date
John Eismeier
acc37c3cc9 Fix some typos (#3923) 2018-02-06 13:35:01 -05:00
Brian Kassouf
8142b42d95 Add context to storage backends and wire it through a lot of places (#3817) 2018-01-19 01:44:44 -05:00
Dominik Müller
e28d924550 add allowed_names to cert-response (#3779) 2018-01-16 13:41:58 -05:00
Brian Kassouf
78adac0a24
Pass context to backends (#3750) 
* Start work on passing context to backends

* More work on passing context

* Unindent logical system

* Unindent token store

* Unindent passthrough

* Unindent cubbyhole

* Fix tests

* use requestContext in rollback and expiration managers
 2018-01-08 10:31:38 -08:00
Calvin Leung Huang
40b8314c4d Add period and max_ttl to cert role creation (#3642) 2017-12-18 15:29:45 -05:00
Travis Cosgrave
95328e2fb4 Use Custom Cert Extensions as Cert Auth Constraint (#3634) 2017-12-18 12:53:44 -05:00
Dominik Müller
534ea1771d add allowed_names to cert-response (#3654) 2017-12-06 16:50:02 -05:00
Jeff Mitchell
2f6c2b88bb Sanitize policy behavior across backends (#3324) 
Fixes #3323
Fixes #3318

* Fix tests

* Fix tests
 2017-09-13 11:36:52 -04:00
Michael Ansel
8da4405c99 Add constraints on the Common Name for certificate-based authentication (#2595) 
* Refactor to consolidate constraints on the matching chain

* Add CN prefix/suffix constraint

* Maintain backwards compatibility (pick a random cert if multiple match)

* Vendor go-glob

* Replace cn_prefix/suffix with required_name/globbing

Move all the new tests to acceptance-capable tests instead of embedding in the CRL test

* Allow authenticating against a single cert

* Add new params to documentation

* Add CLI support for new param

* Refactor for style

* Support multiple (ORed) name patterns

* Rename required_names to allowed_names

* Update docs for parameter rename

* Use the new TypeCommaStringSlice
 2017-04-30 11:37:10 -04:00
vishalnayak
5f1829af67 Utility Enhancements 2016-04-05 20:32:59 -04:00
Jeff Mitchell
f52004e12a Add list support to certs in cert auth backend. 
Fixes #1212
 2016-03-15 14:07:40 -04:00
vishalnayak
86df49b992 Added ExtKeyUsageAny, changed big.Int comparison and fixed code flow 2016-03-01 16:37:01 -05:00
vishalnayak
d8213e8094 corrections, policy matching changes and test cert changes 2016-03-01 16:37:01 -05:00
vishalnayak
9e610f6417 Added testcase for cert writes 2016-03-01 16:37:01 -05:00
vishalnayak
c506988cde supporting non-ca certs for verification 2016-03-01 16:37:01 -05:00
Jeff Mitchell
45e32756ea WriteOperation -> UpdateOperation 2016-01-08 13:03:03 -05:00
Jeff Mitchell
5e0b16fe69 Use TypeDurationSecond instead of TypeString 2015-11-03 10:52:20 -05:00
Jeff Mitchell
5eac0671ae Add CRLSets endpoints; write method is done. Add verification logic to 
login path. Change certs "ttl" field to be a string to match common
backend behavior.
 2015-11-03 10:52:19 -05:00
Jeff Mitchell
4836e7ca4d Make TLS backend honor SystemView default values. Expose lease TTLs on read. Make auth command show lease TTL if one exists. Addresses most of #527 2015-09-18 14:01:28 -04:00
Jeff Mitchell
99041b5b6d Merge pull request #561 from hashicorp/fix-wild-cards 
Allow hyphens in endpoint patterns of most backends
 2015-08-21 11:40:42 -07:00
vishalnayak
41678f18ae Vault: Fix wild card paths for all backends 2015-08-21 00:56:13 -07:00
Jeff Mitchell
97112665e8 Internally refactor Lease/LeaseGracePeriod into TTL/GracePeriod 2015-08-20 18:00:51 -07:00
Armon Dadgar
8ae7b1288a credential/cert: support leasing and renewal 2015-04-24 12:58:39 -07:00
Armon Dadgar
b9a9c3677a credential/cert: default display name 2015-04-24 10:52:17 -07:00
Armon Dadgar
e17c11149f credential/cert: more validation on cert setup 2015-04-24 10:39:44 -07:00
Armon Dadgar
0ef9947b1d credential/cert: major refactor 2015-04-24 10:31:57 -07:00