mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-19 05:31:10 +02:00
Code Issues Projects Releases Wiki Activity
10,543 Commits 2,844 Branches 445 Tags
Commit Graph

1087 Commits

Author SHA1 Message Date
Jeff Mitchell
d5fb9ee98d Migrate to go-uuid 2016-06-08 10:36:16 -04:00
vishalnayak
f216292e68 Polish the code 2016-06-08 10:25:03 -04:00
Vishal Nayak
8b15722fb4 Merge pull request #788 from doubledutch/master 
RabbitMQ Secret Backend
 2016-06-08 10:02:24 -04:00
Jeff Mitchell
196776b9b8 Make logical.InmemStorage a wrapper around physical.InmemBackend. 
This:

* Allows removing LockingInmemStorage since the physical backend already
  locks properly
* Makes listing work properly by adhering to expected semantics of only
  listing up to the next prefix separator
* Reduces duplicated code
 2016-06-06 12:03:08 -04:00
Jeff Mitchell
c2a8b09e7b Use backend function instead of separate backend creation in consul 2016-06-03 10:08:58 -04:00
Jeff Mitchell
551f4a8606 Change AWS/SSH to reuse backend creation code for test functions 2016-06-01 12:17:47 -04:00
Vishal Nayak
577a993223 Merge pull request #1445 from hashicorp/consul-fixups 
Reading consul access configuration in the consul secret backend.
 2016-06-01 12:11:12 -04:00
Jeff Mitchell
74a1e3bd61 Remove most Root paths 2016-05-31 23:42:54 +00:00
vishalnayak
d6d5dacb82 Set config access test case as an acceptance test and make travis happy 2016-05-31 13:27:34 -04:00
vishalnayak
445040e344 Add tests around writing and reading consul access configuration 2016-05-31 13:27:34 -04:00
Jeff Mitchell
539af86939 Add reading to consul config, and some better error handling. 2016-05-31 13:27:34 -04:00
vishalnayak
8ae663f498 Allow * to be set for allowed_users 2016-05-30 03:12:43 -04:00
vishalnayak
c945b8b3f2 Do not allow any username to login if allowed_users is not set 2016-05-30 03:01:47 -04:00
Jeff Mitchell
3bf1645e8f Return nil for pre-0.5.3 Consul tokens to avoid pathological behavior 2016-05-27 13:09:52 -04:00
Jeff Mitchell
ba5dc348d8 Add test for renew/revoke to Consul secret backend 2016-05-27 11:27:53 -04:00
Vishal Nayak
9c6aebf1c0 Merge pull request #1456 from hashicorp/consul-lease-renewal 
Fix the consul secret backends renewal revocation problem
 2016-05-26 13:59:45 -04:00
Jeff Mitchell
fba0f6e46c Add comment about the deletions 2016-05-26 10:33:35 -04:00
Jeff Mitchell
1632b8fadc Remove deprecated entries from PKI role output. 
Fixes #1452
 2016-05-26 10:32:04 -04:00
vishalnayak
2fa0773f3f s/logical.ErrorResponse/fmt.Errorf in revocation functions of secrets 2016-05-26 10:04:11 -04:00
vishalnayak
41aebe2dba Fix the consul secret backends renewal revocation problem 2016-05-25 23:24:16 -04:00
Kevin Pike
03cef8ad85 Update and document rabbitmq test envvars 2016-05-20 23:28:02 -07:00
Kevin Pike
8caffae70f Merge remote-tracking branch 'origin/master' into rabbitmq 2016-05-20 23:27:22 -07:00
Kevin Pike
36023720c6 Address feedback 2016-05-20 22:57:24 -07:00
Jeff Mitchell
8efe203a8e Don't use pointers to int64 in function calls when not necessary 2016-05-19 12:26:02 -04:00
Jeff Mitchell
8c3e9c4753 Merge pull request #1318 from steve-jansen/aws-logical-assume-role 
Add sts:AssumeRole support to the AWS secret backend
 2016-05-19 12:17:27 -04:00
Jeff Mitchell
5330aa734b Use Consul API client's DefaultNonPooledTransport. 
What we should probably do is create a client with a mutex and
invalidate it when parameters change rather than creating a client over
and over...that can be a TODO for later but for now this fix suffices.

Fixes #1428
 2016-05-18 00:47:42 +00:00
Sean Chittenden
1dc1d3b312 Merge pull request #1417 from hashicorp/b-pki-expire-ttl-unset 
Set entry's TTL before writing out the storage entry's config
 2016-05-15 10:02:03 -07:00
Sean Chittenden
339c0a4127
Speling police 2016-05-15 09:58:36 -07:00
Sean Chittenden
65a5582c38
Store clamped TTLs back in the role's config 2016-05-15 08:13:56 -07:00
Sean Chittenden
dc19a92820
Set entry's TTL before writing out the storage entry's config 2016-05-15 07:06:33 -07:00
vishalnayak
7a10134f87 Merge branch 'master-oss' into aws-auth-backend 2016-05-10 14:50:00 -04:00
Jeff Mitchell
9de0ea081a Don't revoke CA certificates with leases. 2016-05-09 19:53:28 -04:00
Jeff Mitchell
3ca09fdf30 Merge pull request #1346 from hashicorp/disable-all-caches 
Disable all caches
 2016-05-07 16:33:45 -04:00
Steve Jansen
69740e57e0 Adds sts:AssumeRole support to the AWS secret backend 
Support use cases where you want to provision STS tokens
using Vault, but, you need to call AWS APIs that are blocked
for federated tokens.  For example, STS federated tokens cannot
invoke IAM APIs, such as  Terraform scripts containing
`aws_iam_*` resources.
 2016-05-05 23:32:41 -04:00
Jeff Mitchell
42d9df95c1 Merge branch 'master-oss' into aws-auth-backend 2016-05-05 10:36:06 -04:00
Jeff Mitchell
88811a4776 Cleanups, add shared provider, ability to specify http client, and port S3 physical backend over 2016-05-03 17:01:02 -04:00
Jeff Mitchell
56cc74887f Region is required so error in awsutil if not set and set if empty in client code in logical/aws 2016-05-03 15:25:11 -04:00
Jeff Mitchell
56011c9443 Refactor AWS credential code into a function that returns a static->env->instance chain 2016-05-03 15:10:35 -04:00
Jeff Mitchell
e48cb2e840 Add some more tests around deletion and fix upsert status returning 2016-05-03 00:19:18 -04:00
Jeff Mitchell
027d570f7f Massively simplify lock handling based on feedback 2016-05-02 23:47:18 -04:00
Jeff Mitchell
bf7ad912e1 Remove some deferring 2016-05-02 22:36:44 -04:00
Jeff Mitchell
16267d5115 Change use-hint of lockAll and lockPolicy 2016-05-02 22:36:44 -04:00
Jeff Mitchell
5ec40a14f4 Address review feedback 2016-05-02 22:36:44 -04:00
Jeff Mitchell
c598a12ab9 Switch to lockManager 2016-05-02 22:36:44 -04:00
Jeff Mitchell
3ab71ca239 Address feedback 2016-05-02 22:36:44 -04:00
Jeff Mitchell
634cea72d7 Fix up commenting and some minor tidbits 2016-05-02 22:36:44 -04:00
Jeff Mitchell
32601f4424 Make a non-caching but still locking variant of transit for when caches are disabled 2016-05-02 22:36:44 -04:00
vishalnayak
81e4235fc0 Support periodic tidy callback and config endpoints. 2016-04-26 10:22:29 -04:00
Jeff Mitchell
77a2afa922 Merge pull request #1291 from mmickan/ssh-keyinstall-perms 
Ensure authorized_keys file is readable when uninstalling an ssh key
 2016-04-25 14:00:37 -04:00
Adam Shannon
e0df8e9e88 all: Cleanup from running go vet 2016-04-13 14:38:29 -05:00