mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-23 23:51:08 +02:00
Code Issues Projects Releases Wiki Activity
7,782 Commits 2,840 Branches 445 Tags
Commit Graph

7782 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mitchell Hashimoto
e7f7f7a221 vault: passthrough backend uses logical/framework 2015-03-15 17:07:54 -07:00
Mitchell Hashimoto
1f88dd2d92 logical/testing: acceptance testttttttt 2015-03-15 16:52:19 -07:00
Mitchell Hashimoto
12566c645c logical/framework, logical/testing 2015-03-15 16:39:49 -07:00
Mitchell Hashimoto
4eaa25eb2c vault: can pass in the backends 2015-03-15 16:25:38 -07:00
Mitchell Hashimoto
0496a0837a helper/backend: use logical package 2015-03-15 14:57:19 -07:00
Mitchell Hashimoto
69f62d8872 vault: rename SystemBackend2 to SystemBackend 2015-03-15 14:54:49 -07:00
Mitchell Hashimoto
9b42fe3c99 vault: convert to logical.Request and friends 2015-03-15 14:53:41 -07:00
Mitchell Hashimoto
4811f2453b vault: convert system to logical.Backend 2015-03-15 14:42:05 -07:00
Mitchell Hashimoto
68918feebe vault: Passthrough backend uses logical.Backend 2015-03-15 14:27:06 -07:00
Mitchell Hashimoto
5ce1b65e5d vault: incremental change to get closer to logical structs 2015-03-15 14:27:06 -07:00
Mitchell Hashimoto
923ff65959 logical: put structs here, vault uses them 2015-03-15 14:27:06 -07:00
JT
6aacbffde4 update hero 2015-03-15 14:16:58 -07:00
Mitchell Hashimoto
cdd633175b vault: make mount functions private again, going to try something else 2015-03-14 18:31:31 -07:00
Mitchell Hashimoto
6ce4fc63cb vault: don't copy the key so it can be zeroed, document, add helper 2015-03-14 18:25:55 -07:00
captainill
b82c471d42 Merge branch 'master' of github.com:hashicorp/vault 2015-03-14 18:17:18 -07:00
captainill
511d9d2754 docs sidebar new animation/cleanup 2015-03-14 18:16:58 -07:00
Mitchell Hashimoto
7cd30fe035 vault: public TestCoreUnsealed, don't modify key in Unseal 
/cc @armon - I do a key copy within Unseal now. It tripped me up for
quite awhile that that method actually modifies the param in-place and I
can't think of any scenario that is good for the user. Do you see any
issues here?
 2015-03-14 17:47:11 -07:00
captainill
c5b188ba1c fix js 2015-03-14 17:37:22 -07:00
Mitchell Hashimoto
b3aa46abdb vault: make Mount related core functions public 
/cc @armon - So I know the conversation we had related to this about
auth, but I think we still need to export these and do auth only at the
external API layer. If you're writing to the internal API, then all bets
are off.

The reason is simply that if you have access to the code, you can
already work around it anyways (you can disable auth or w/e), so a
compromised Vault source/binary is already a failure, and that is the
only thing that our previous unexported methods were protecting against.

If you write an external tool to access a Vault, it still needs to be
unsealed so _that_ is the primary security mechanism from an API
perspective. Once it is unsealed then the core API has full access to
the Vault, and identity/auth is only done at the external API layer, not
at the internal API layer.

The benefits of this approach is that it lets us still treat the "sys"
mount specially but at least have sys adopt helper/backend and use that
machinery and it can still be the only backend which actually has a
reference to *vault.Core to do core things (a key difference). So, an
AWS backend still will never be able to muck with things it can't, but
we're explicitly giving Sys (via struct initialization in Go itself)
a reference to *vault.Core.
 2015-03-14 17:26:59 -07:00
Mitchell Hashimoto
5e804c26e9 helper/backend: start acceptance test framework 2015-03-14 17:18:19 -07:00
Mitchell Hashimoto
8ecbb9d2d1 helper/backend: auto-generate help route 2015-03-14 10:12:50 -07:00
Mitchell Hashimoto
0890ece955 helper/backend: one callback per operation 2015-03-14 00:19:25 -07:00
Mitchell Hashimoto
24f7ddfd8c helper/backend: HandleRequest works 2015-03-13 23:58:20 -07:00
Mitchell Hashimoto
da2c1d4896 helper/backend: store captures for a path 2015-03-13 23:48:49 -07:00
Mitchell Hashimoto
f19c63de4a helper/backend: cache route regexps (98% speedup) 
benchmark                 old ns/op     new ns/op     delta
BenchmarkBackendRoute     49144         589           -98.80%
 2015-03-13 23:25:17 -07:00
Mitchell Hashimoto
9e7add90b2 helper/backend: benchmark route 2015-03-13 23:22:48 -07:00
Mitchell Hashimoto
f5893adb8a helper/backend: basic path routing (naive) 2015-03-13 23:17:25 -07:00
Mitchell Hashimoto
6575c9355b helper/backend: add default values 2015-03-13 21:15:20 -07:00
Mitchell Hashimoto
d39b117281 helper/backend: start this thing 2015-03-13 21:11:19 -07:00
Mitchell Hashimoto
4679dd6ada command/unseal: tests 2015-03-13 20:17:55 -07:00
Mitchell Hashimoto
db91352a52 website: imageoptim 2015-03-13 12:58:21 -07:00
Mitchell Hashimoto
e881439d0b command/seal-status 2015-03-13 12:53:09 -07:00
Mitchell Hashimoto
8de077810e command/init: tests 2015-03-13 12:53:09 -07:00
Mitchell Hashimoto
48c05995e5 http: make TestServer public 2015-03-13 12:53:09 -07:00
Mitchell Hashimoto
d2642529b7 vault: public testing methods 2015-03-13 12:53:09 -07:00
Mitchell Hashimoto
fb5530d0e0 command/init: make the output a little nicer 2015-03-13 12:53:09 -07:00
Mitchell Hashimoto
6b83c937d4 command/init 2015-03-13 12:53:08 -07:00
Mitchell Hashimoto
722a3875cf api: use /v1 prefix 2015-03-13 12:53:08 -07:00
Mitchell Hashimoto
fcc6646a19 command/server: initial working 2015-03-13 12:53:08 -07:00
Mitchell Hashimoto
cf259c3f22 command/sever: copy the TCP keep alive listener 2015-03-13 12:53:08 -07:00
Mitchell Hashimoto
9564f8bcc2 command/server: support TLS 2015-03-13 12:53:08 -07:00
Mitchell Hashimoto
69d28396ca command/server: tcp listener 2015-03-13 12:53:08 -07:00
Armon Dadgar
647668d215 vault: Track the renew time 2015-03-13 11:36:24 -07:00
Armon Dadgar
2d7436b840 vault: improve seal/unseal log messages 2015-03-13 11:34:40 -07:00
Armon Dadgar
ec99c1514b vault: Adding start/stop to expiration manager 2015-03-13 11:31:43 -07:00
Armon Dadgar
2ae7992a98 vault: integrate expiration manager with core setup/teardown 2015-03-13 11:20:36 -07:00
Armon Dadgar
0b9c4ebaff vault: Support a pre-seal teardown 2015-03-13 11:16:24 -07:00
Armon Dadgar
94bdee625f vault: Adding lease registration 2015-03-13 10:56:03 -07:00
Armon Dadgar
f34ade56ad vault: Validate lease values 2015-03-13 10:56:03 -07:00
Jack Pearkes
e0d1c1d0d2 Merge pull request #1 from hashicorp/add-website 
Initial Website Import
 2015-03-13 10:40:07 -07:00