mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-22 23:21:08 +02:00
Code Issues Projects Releases Wiki Activity
10,543 Commits 2,843 Branches 445 Tags
Commit Graph

1798 Commits

Author SHA1 Message Date
Nathan J. Mehl
417cf49bb7 allow overriding the default truncation length for mysql usernames 
see https://github.com/hashicorp/vault/issues/1605
 2016-07-12 17:05:43 -07:00
vishalnayak
ee6ba1e85e Make 'tls_min_version' configurable 2016-07-12 19:32:47 -04:00
vishalnayak
f200a8568b Set minimum TLS version in all tls.Config objects 2016-07-12 17:06:28 -04:00
vishalnayak
9f208ae8f2 Revert 'risky' changes 2016-07-12 16:38:07 -04:00
Jeff Mitchell
7129fd5785 Switch to pester from go-retryablehttp to avoid swallowing 500 error messages 2016-07-11 21:37:46 +00:00
Mick Hansen
cc742a6fc5 incorporate code style guidelines 2016-07-11 13:35:35 +02:00
Mick Hansen
463294f4c6 handle revocations for roles that have privileges on sequences 2016-07-11 13:16:45 +02:00
Nathan J. Mehl
0648160276 use role name rather than token displayname in generated mysql usernames 
If a single token generates multiple myself roles, the generated mysql
username was previously prepended with the displayname of the vault
user; this makes the output of `show processlist` in mysql potentially
difficult to correlate with the roles actually in use without cross-
checking against the vault audit log.

See https://github.com/hashicorp/vault/pull/1603 for further discussion.
 2016-07-10 15:57:47 -07:00
Matt Hurne
0a5a815c68 mongodb secret backend: Improve safety of MongoDB roles storage 2016-07-09 21:12:42 -04:00
vishalnayak
f59a69bc52 Remove Unix() invocations on 'time.Time' objects and removed conversion of time to UTC 2016-07-08 18:30:18 -04:00
Matt Hurne
0a4638080a Format code in mongodb secret backend 2016-07-07 23:16:11 -04:00
Matt Hurne
2c3b5513df mongodb secret backend: Improve and correct errors in documentation; improve "parameter is required" error response messages 2016-07-07 23:09:45 -04:00
Matt Hurne
611b08a5b9 mongodb secret backend: Refactor to eliminate unnecessary variable 2016-07-07 22:29:17 -04:00
Matt Hurne
afcff23362 mongodb secret backend: Consider a "user not found" response a success when removing a user from Mongo 2016-07-07 22:27:47 -04:00
Matt Hurne
67c2c0a1dd mongodb secret backend: Improve roles path help 2016-07-07 22:16:34 -04:00
Matt Hurne
8a6959211e mongodb secret backend: Remove default value for Mongo authentication DB for roles; validate that role name and authentication db were specified when creating a role 2016-07-07 22:09:00 -04:00
Matt Hurne
1fa764275b mongodb secret backend: Leverage framework.TypeDurationSecond to simplify storage of lease ttl and max_ttl 2016-07-07 21:48:44 -04:00
Matt Hurne
350ffcf79f mongodb secret backend: Verify existing Session is still working before reusing it 2016-07-07 21:37:44 -04:00
vishalnayak
c99cc155ff Fix transit tests 2016-07-06 22:04:08 -04:00
vishalnayak
ef97199360 Added JSON Decode and Encode helpers. 
Changed all the occurances of Unmarshal to use the helpers.
Fixed http/ package tests.
 2016-07-06 12:25:40 -04:00
vishalnayak
b632ef58e4 Add allowed_roles to ssh-helper-config and return role name from verify call 2016-07-05 11:14:29 -04:00
Matt Hurne
8dbefb68b0 Merge branch 'master' into mongodb-secret-backend 2016-07-05 09:33:12 -04:00
Matt Hurne
2aba34d41d mongodb secret backend: Add support for reading connection configuration; Dockerize tests 2016-07-05 09:32:38 -04:00
Sean Chittenden
f66cd75583
Move the parameter down to where the statement is executed. 2016-07-03 16:20:27 -07:00
Sean Chittenden
00ab56060a
Use lib/pq's QuoteIdentifier() on all identifiers and Prepare 
for all literals.
 2016-07-03 16:01:39 -07:00
Matt Hurne
7571487c7f Merge branch 'master' into mongodb-secret-backend 2016-07-01 20:39:13 -04:00
Jeff Mitchell
cec644f327 Shave off a lot of PKI testing time by not requiring key generation when testing CSRs. Also enable all tests all the time. 2016-07-01 17:28:48 -04:00
Jeff Mitchell
5762446724 Merge pull request #1581 from mp911de/cassandra_connect_timeout 
Support connect_timeout for Cassandra and align timeout.
 2016-07-01 22:33:24 +02:00
Mark Paluch
895eac0405 Address review feedback. 
Switch ConnectTimeout to framework.TypeDurationSecond  with a default of 5. Remove own parsing code.
 2016-07-01 22:26:08 +02:00
Mark Paluch
f85b2b11d3 Support connect_timeout for Cassandra and align timeout. 
The cassandra backend now supports a configurable connect timeout. The timeout is configured using the connect_timeout parameter in the session configuration.  Also align the timeout to 5 seconds which is the default for the Python and Java drivers.

Fixes #1538
 2016-07-01 21:22:37 +02:00
Jeff Mitchell
b45da486dc Run appid/cert auth tests always 2016-07-01 14:06:33 -04:00
Jeff Mitchell
7fc4ae959a Migrate Consul acceptance tests to Docker 2016-07-01 13:59:56 -04:00
Matt Hurne
c8cbd33f74 mongodb secret backend: Parse ssl URI option as a boolean rather than relying on string comparison 2016-07-01 13:55:06 -04:00
Jeff Mitchell
ef98d56fba Have SQL backends Ping() before access. 
If unsuccessful, reestablish connections as needed.
 2016-07-01 12:02:17 -04:00
Jeff Mitchell
b0844f9aea Always run transit acceptance tests 2016-07-01 11:45:56 -04:00
Jeff Mitchell
af75100158 Merge pull request #1578 from hashicorp/dockerize-mysql-acc-tests 
Convert MySQL tests to Dockerized versions
 2016-07-01 17:38:52 +02:00
Jeff Mitchell
133b39fab8 Always run userpass acceptance tests 2016-07-01 11:37:38 -04:00
Jeff Mitchell
1ba78db242 Convert MySQL tests to Dockerized versions 2016-07-01 11:36:28 -04:00
Matt Hurne
339aec9751 mongodb secret backend: Refactor URI parsing logic to leverage url.Parse 2016-07-01 09:12:26 -04:00
Matt Hurne
3c666532c8 mongodb secret backend: Prefix all generated usernames with "vault-", and cleanly handle empty display names when generating usernames 2016-06-30 21:11:45 -04:00
Matt Hurne
2eb0e16e1c Merge branch 'master' into mongodb-secret-backend 2016-06-30 16:43:53 -04:00
Jeff Mitchell
d4f58ebdd3 Merge branch 'master-oss' into dockerize-pg-secret-tests 2016-06-30 14:31:52 -04:00
Jeff Mitchell
c3e38d4b29 Fix up breakage from bumping deps 2016-06-30 14:31:41 -04:00
Jeff Mitchell
dfd8a530db Add comment around bind to localhost 2016-06-30 13:49:11 -04:00
Jeff Mitchell
f9d40aa63b Dockerize Postgres secret backend acceptance tests 
Additionally enable them on all unit test runs.
 2016-06-30 13:46:39 -04:00
Jeff Mitchell
c4c948ff64 Use TRACE not WARN here 2016-06-30 12:41:56 -04:00
Matt Hurne
bbf0e27717 Persist verify_connection field in mongodb secret backend's connection config 2016-06-30 11:39:02 -04:00
Matt Hurne
f55955c2d8 Rename mongodb secret backend's 'ttl_max' lease configuration field to 'max_ttl' 2016-06-30 09:57:43 -04:00
Matt Hurne
7e3e246f55 Merge branch 'master' into mongodb-secret-backend 2016-06-30 09:02:30 -04:00
Jeff Mitchell
444c4d0a8c Fix test 2016-06-30 08:21:00 -04:00