mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-15 19:17:02 +02:00
Code Issues Projects Releases Wiki Activity
10,305 Commits 2,844 Branches 445 Tags 454 MiB
9be1128201
Commit Graph

1080 Commits

Author SHA1 Message Date
Mark Gritter
c88d65e503
Fix test to use stable order to generate expected result. (#6692) 2019-05-07 14:01:49 -05:00
mgritter
6c43d516f7 gofmt fixes. 2019-05-02 16:29:41 -07:00
Jim Kalafut
dc4f938e7c
Apply suggestions from code review 
Co-Authored-By: mgritter <mgritter@gmail.com>
 2019-05-02 18:02:15 -05:00
mgritter
bb425118da Ensure OU entries are not reordered. 2019-05-02 14:31:29 -07:00
Becca Petrin
decdbebcb1
Merge pull request #6380 from povils/aws_user_path 
AWS add user_path option for role.
 2019-04-23 09:05:35 -07:00
ncabatoff
0f1569b7f5
Merge multiple functions for creating consul containers into one. (#6612) 
Merge both functions for creating mongodb containers into one.
Add retries to docker container cleanups.
Require $VAULT_ACC be set to enable AWS tests.
 2019-04-22 12:26:10 -04:00
Povilas Susinskas
e1007d1e8e AWS backend: Add user_path option for role. 2019-04-22 18:07:21 +02:00
Jeff Mitchell
8054cc660f Update to api 1.0.1 and sdk 0.1.8 2019-04-15 14:10:07 -04:00
Becca Petrin
6773ffbdd1 Add explanation to dbplugin.Database (#6581) 
* add explanation to the database interface

* wordsmithing

* wrap comments, add comments for Type and Close methods

* will be stored, not with be stored

* update comment on the Type method
 2019-04-15 08:39:44 -07:00
Jeff Mitchell
278bdd1f4e
Switch to go modules (#6585) 
* Switch to go modules

* Make fmt
 2019-04-13 03:44:06 -04:00
Jeff Mitchell
1d5aeccb60 Update protobufs, sdk changes 2019-04-12 23:13:14 -04:00
Jeff Mitchell
916205b8f6 Fix some test breakages 2019-04-12 22:05:01 -04:00
Jeff Mitchell
550e92a5ec Fix build breakages 2019-04-12 22:01:13 -04:00
Jeff Mitchell
f95571a361 Move ldaputil and tlsutil over to sdk 2019-04-12 18:26:54 -04:00
Jeff Mitchell
cf03949594 Move cidrutil to sdk 2019-04-12 18:03:59 -04:00
Jeff Mitchell
170521481d
Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
Brian Kassouf
187a234fff
Update plugin.go 2019-04-01 16:45:59 -07:00
Matt Greenfield
6b337465a7 Fix uri_sans param being ignored when use_csr_values=false (#6505) 2019-04-01 16:08:22 -04:00
T.K
4bcf0ec963 changed misspelled english words (#6432) 2019-03-19 09:32:45 -04:00
Matthew Bamber
cd0c36f6d6 Fix SSH zero address OTP delete (#6390) 
* Fix SSH zero address OTP delete

Fixed bug where SSH OTP roles could not be deleted if a zero-address role
previously existed, and there currently exist no zero-address roles.

Fixes #6382

* Eliminate zeroAddressRoles remove function
 2019-03-14 08:56:40 -07:00
Jeff Mitchell
8b9c1e21a4
ToUpper base32 values for TOTP key ingress (#6400) 
Fixes #6396
 2019-03-12 11:07:03 -04:00
Jim Kalafut
4784e74fa3
Use HashTypeMap and remove structs in batch HMAC (#6334) 2019-03-04 14:49:29 -08:00
martinwaite
05240c26d5 Batch hmac - (#5850) (#5875) 2019-03-04 12:26:20 -08:00
Brian Kassouf
760954c077 make fmt 2019-02-20 12:12:21 -08:00
madalynrose
d8e9adc9d3
Update OpenAPI responses to include information the UI can use (#6204) 2019-02-14 12:42:44 -05:00
Brian Kassouf
79a07dd2c6
Remove netRPC based plugins (#6173) 
* Remove netRPC backend plugins

* Remove netRPC database plugins

* Fix tests and comments
 2019-02-12 09:31:03 -08:00
Clint
7c78575660 Add signed key constraints to SSH CA [continued] (#6030) 
* Adds the ability to enforce particular ssh key types and minimum key
lengths when using Signed SSH Certificates via the SSH Secret Engine.
 2019-02-11 13:03:26 -05:00
Becca Petrin
06fffd7b27
Use null strings in MSSQL to prevent errs (#6099) 2019-02-08 10:04:54 -08:00
Brian Nuszkowski
9495b09de8 Add SHA1 signing/verification support to transit engine (#6037) 
* Add SHA1 signing/verification support to transit engine

* Update signing/verification endpoint documentation to include sha1 hash algorithm
 2019-02-07 15:31:31 -08:00
Becca Petrin
7ba7309b8b Return a more helpful error message for unknown db roles (#6157) 
* return a more helpful err msg

* update test, print fmt

* fix other test failure
 2019-02-07 11:16:23 -08:00
Becca Petrin
06864a5c06 dont automatically accept mssql eula (#6169) 2019-02-05 14:11:06 -08:00
Jeff Mitchell
20423f7082
Add allowed_response_headers (#6115) 2019-02-05 16:02:15 -05:00
Jeff Mitchell
c0739a0f23
Add more perf standby guards (#6149) 2019-02-01 16:56:57 -05:00
Jeff Mitchell
47d339fce1 Revert "Refactor common token fields and operations into a helper (#5953)" 
This reverts commit 66c226c593.
 2019-02-01 11:23:40 -05:00
Jeff Mitchell
66c226c593
Refactor common token fields and operations into a helper (#5953) 2019-01-30 16:23:28 -05:00
Jeff Mitchell
5d6f25d569
Implement JWS-compatible signature marshaling (#6077) 
This currently only applies to ECDSA signatures, and is a toggleable
option.
 2019-01-23 12:31:34 -05:00
ncabatoff
04fa50cc0a Fix #5973 on windows by disregarding errors when querying legacy cert path. (#6013) 2019-01-08 18:08:21 -08:00
Jim Kalafut
a54603039d Run goimports across the repository (#6010) 
The result will still pass gofmtcheck and won't trigger additional
changes if someone isn't using goimports, but it will avoid the
piecemeal imports changes we've been seeing.
 2019-01-08 16:48:57 -08:00
Jeff Mitchell
2dcd0aed2a
Change credential_types output to credential_type (#5975) 
Fixes #5972
 2019-01-04 14:49:53 -05:00
Jeff Mitchell
ca55573d38
Strip empty strings from database revocation stmts (#5955) 
* Strip empty strings from database revocation stmts

It's technically valid to give empty strings as statements to run on
most databases. However, in the case of revocation statements, it's not
only generally inadvisable but can lead to lack of revocations when you
expect them. This strips empty strings from the array of revocation
statements.

It also makes two other changes:

* Return statements on read as empty but valid arrays rather than nulls,
so that typing information is inferred (this is more in line with the
rest of Vault these days)

* Changes field data for TypeStringSlice and TypeCommaStringSlice such
that a client-supplied value of `""` doesn't turn into `[]string{""}`
but rather `[]string{}`.

The latter and the explicit revocation statement changes are related,
and defense in depth.
 2018-12-14 09:12:26 -05:00
Lukasz Jagiello
6dc872cd10 Remove an empty line for /pki/ca_chain (#5779) 
This PR fix #5778.

Easy test case to reproduce the problem:
https://play.golang.org/p/CAMdrOHT7C1

Since `certStr` is empty string during first iteration `strings.Join()`
will merge empty line with first CA cert.

Extra `strings.TrimSpace` call will remove that empty line, before
certificate will be return.
 2018-12-12 15:38:35 -05:00
Jeff Mitchell
cc02c26af5 Fix tests 2018-12-11 15:04:02 -05:00
Jeff Mitchell
e5ffd6a2ca
Properly continue if cert entry is nil when tidying (#5933) 
Fixes #5931
 2018-12-11 11:28:14 -05:00
Jeff Mitchell
4f54c96c04
Fix SSH CA giving 500 if keys need to be deleted (#5897) 2018-12-04 13:29:11 -05:00
Calvin Leung Huang
54b0ee9d96
Use inclusive range on cert role diff comparison (#5737) 2018-11-08 12:15:12 -08:00
Jeff Mitchell
f5ea1f87de fmt 2018-11-07 16:52:01 -05:00
Becca Petrin
fb89af7cfa
Run all builtins as plugins (#5536) 2018-11-06 17:21:24 -08:00
Calvin Leung Huang
8fe7ab3fce Use Truncate instead of Round on duration diff (#5691) 2018-11-05 17:32:33 -05:00
Calvin Leung Huang
e8d6434faf Round time diff to nearest second to reduce flakiness (#5688) 2018-11-05 16:49:25 -05:00
Vishal Nayak
448eb98987
Remove namespace.TestContext and namespace.TestNamespace (#5682) 2018-11-05 11:11:32 -05:00