1798 Commits

Author SHA1 Message Date
vishalnayak
05c10dad94 minor updates 2016-04-28 00:35:49 -04:00
vishalnayak
ba62ef6a86 Refactor locks around config tidy endpoints 2016-04-27 22:32:43 -04:00
vishalnayak
c7bfdd7ed0 Fix locking around config/client 2016-04-27 22:25:15 -04:00
vishalnayak
0b561d668b Fix the list response of role tags 2016-04-27 22:03:11 -04:00
vishalnayak
329361f951 Removed existence check on blacklist/roletags, docs fixes 2016-04-27 21:29:32 -04:00
vishalnayak
aae439b947 Remove unnecessary lock switching around flushCachedEC2Clients 2016-04-27 20:13:56 -04:00
vishalnayak
36193850fd Remove recreate parameter from clientEC2 2016-04-27 20:01:39 -04:00
vishalnayak
70ea33ccfc Added ami_id to token metadata 2016-04-27 11:32:05 -04:00
leon
7caa667fef - updated refactored functions in ldap backend to return error instead of ldap response and fixed interrupted search in ldap groups search func 2016-04-27 18:17:54 +03:00
leon
df7723bb38 - refactored functionality in separate functions in ldap backend and used a separate ldap query to get ldap groups from userDN 2016-04-27 15:00:26 +03:00
vishalnayak
7e821db4f0 Added tests 2016-04-26 23:40:11 -04:00
vishalnayak
9f06bb2cea Added tests 2016-04-26 10:22:29 -04:00
vishalnayak
3ee386ecb4 Added tests 2016-04-26 10:22:29 -04:00
vishalnayak
b05042ff2d Added tests 2016-04-26 10:22:29 -04:00
vishalnayak
2582e5d0ee Added tests 2016-04-26 10:22:29 -04:00
vishalnayak
06a174c2f0 tidy endpoint fixes 2016-04-26 10:22:29 -04:00
vishalnayak
dd03c55d68 HMAC Key per AMI ID and avoided secondary call to AWS to fetch the tags 2016-04-26 10:22:29 -04:00
vishalnayak
3110f65834 Rework and refactoring 2016-04-26 10:22:29 -04:00
vishalnayak
23a2bc76a5 Added mutex locking for config/certificate endpoint 2016-04-26 10:22:29 -04:00
vishalnayak
4f46bbaa32 Added cooldown period for periodic tidying operation 2016-04-26 10:22:29 -04:00
vishalnayak
81e4235fc0 Support periodic tidy callback and config endpoints. 2016-04-26 10:22:29 -04:00
vishalnayak
b76a4df110 Use fullsailor/pkcs7 package instead of its fork. Fix tests 2016-04-26 10:22:29 -04:00
vishalnayak
7c39fffe0d Removed redundant AWS public certificate. Docs update. 2016-04-26 10:22:29 -04:00
vishalnayak
22c0ad94ba Removed region parameter from config/client endpoint.
Region to create ec2 client objects is fetched from the identity document.
Maintaining a map of cached clients indexed by region.
2016-04-26 10:22:29 -04:00
vishalnayak
01d417afbf Instance ID can optionally be accepted as a role tag parameter. 2016-04-26 10:22:29 -04:00
vishalnayak
cd3e9e3b5b Support providing multiple certificates.
Append all the certificates to the PKCS#7 parser during signature verification.
2016-04-26 10:22:29 -04:00
vishalnayak
9a988ffdee Docs update 2016-04-26 10:22:29 -04:00
vishalnayak
9e57f66284 Added acceptance test for login endpoint 2016-04-26 10:22:29 -04:00
vishalnayak
2122716f17 Added test case TestBackend_PathBlacklistRoleTag 2016-04-26 10:22:29 -04:00
vishalnayak
9dc519ae68 Return 4xx error at appropriate places 2016-04-26 10:22:29 -04:00
vishalnayak
943cc345fe Tested pathImageTag 2016-04-26 10:22:29 -04:00
vishalnayak
07ab072ac7 Tested parseRoleTagValue 2016-04-26 10:22:29 -04:00
vishalnayak
a1ca3228b3 Make client nonce optional even during first login, when disallow_reauthentication is set 2016-04-26 10:22:29 -04:00
vishalnayak
7a437d139e Rename 'name' to 'ami_id' for clarity 2016-04-26 10:22:29 -04:00
vishalnayak
8c439a2f61 Moved HMAC parsing inside parseRoleTagValue 2016-04-26 10:22:29 -04:00
vishalnayak
a2d774b0fc Properly handle empty client nonce case when disallow_reauthentication is set 2016-04-26 10:22:29 -04:00
vishalnayak
eecdfdc1e9 Added disallow_reauthentication feature 2016-04-26 10:22:29 -04:00
vishalnayak
39c93b5e54 Remove todo and change clientNonce length limit to 128 chars 2016-04-26 10:22:28 -04:00
Jeff Mitchell
8e3192eac1 Fix typo 2016-04-26 10:22:28 -04:00
Jeff Mitchell
7efc5eceb9 Add environment and EC2 instance metadata role providers for AWS creds. 2016-04-26 10:22:28 -04:00
vishalnayak
bdfae8cd9e Remove certificate verification 2016-04-26 10:22:28 -04:00
vishalnayak
392ce7e1f4 Test path config/certificate 2016-04-26 10:22:28 -04:00
vishalnayak
727a66b378 Add existence check verification to config/client testcase 2016-04-26 10:22:28 -04:00
vishalnayak
b954f6d9b0 Testing pathImage 2016-04-26 10:22:28 -04:00
Jeff Mitchell
c8afcafaf9 allow_instance_reboot -> allow_instance_migration 2016-04-26 10:22:28 -04:00
Jeff Mitchell
f59dcc8cc3 Update image output to show allow_instance_reboot value and keep policies in a list 2016-04-26 10:22:28 -04:00
vishalnayak
717c3bf200 Changed the blacklist URL pattern to optionally accept base64 encoded role tags 2016-04-26 10:22:28 -04:00
vishalnayak
5d0b7d18fd Accept instance_id in the URL for whitelist endpoint 2016-04-26 10:22:28 -04:00
Jeff Mitchell
8aae383e39 Switch around some logic to be more consistent/readable and respect max
TTL on initial token issuance.
2016-04-26 10:22:28 -04:00
vishalnayak
93f8ec3086 Return un-expired entries from blacklist and whitelist 2016-04-26 10:22:28 -04:00