mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-18 21:21:06 +02:00
Code Issues Projects Releases Wiki Activity
10,305 Commits 2,845 Branches 445 Tags
Commit Graph

1080 Commits

Author SHA1 Message Date
Matt Hurne
35472ba9f9 mongodb secret backend: Remove redundant type declarations 2016-07-19 12:35:14 -04:00
Matt Hurne
3c68002cc2 mongodb secret backend: Fix broken tests, clean up unused parameters 2016-07-19 12:26:23 -04:00
Vishal Nayak
3f0a1e4b88 Merge pull request #1629 from hashicorp/remove-verify-connection 
Remove unused VerifyConnection from storage entries of SQL backends
 2016-07-19 12:21:23 -04:00
Vishal Nayak
4e5c3631f4 Merge pull request #1583 from hashicorp/ssh-allowed-roles 
Add allowed_roles to ssh-helper-config and return role name from verify call
 2016-07-19 12:04:12 -04:00
vishalnayak
ca22b6cfdb Remove unused VerifyConnection from storage entries of SQL backends 2016-07-19 11:55:49 -04:00
Matt Hurne
a130c13c34 mongodb secret backend: Return lease ttl and max_ttl in lease read in seconds rather than as duration strings 2016-07-19 11:23:56 -04:00
Matt Hurne
8be8714e86 mongodb secret backend: Don't bother persisting verify_connection field in connection config 2016-07-19 11:20:45 -04:00
Matt Hurne
047db0ffef mongodb secret backend: Handle cases where stored username or db is not a string as expected when revoking credentials 2016-07-19 11:18:00 -04:00
Matt Hurne
d23ba11a0c Merge branch 'master' into mongodb-secret-backend 2016-07-19 10:38:45 -04:00
Jeff Mitchell
aa9c05002e Merge pull request #1573 from mickhansen/logical-postgresql-revoke-sequences 
handle revocations for roles that have privileges on sequences
 2016-07-18 13:30:42 -04:00
vishalnayak
5b458db104 Merge branch 'master-oss' into json-use-number 
Conflicts:
	http/handler.go
	logical/framework/field_data.go
	logical/framework/wal.go
	vault/logical_passthrough.go
 2016-07-15 19:21:55 -04:00
Vishal Nayak
1970ad74d7 Merge pull request #1610 from hashicorp/min-tls-ver-12 
Set minimum TLS version in all tls.Config objects
 2016-07-13 10:53:14 -06:00
vishalnayak
6977bdd490 Handled upgrade path for TLSMinVersion 2016-07-13 12:42:51 -04:00
Vishal Nayak
64bdeec926 Merge pull request #1607 from hashicorp/standardize-time 
Remove redundant invocations of UTC() call on `time.Time` objects
 2016-07-13 10:19:23 -06:00
vishalnayak
98d5684699 Address review feedback 2016-07-13 11:52:26 -04:00
vishalnayak
150cba24a7 Added tls_min_version to consul storage backend 2016-07-12 20:10:54 -04:00
Nathan J. Mehl
417cf49bb7 allow overriding the default truncation length for mysql usernames 
see https://github.com/hashicorp/vault/issues/1605
 2016-07-12 17:05:43 -07:00
vishalnayak
ee6ba1e85e Make 'tls_min_version' configurable 2016-07-12 19:32:47 -04:00
vishalnayak
f200a8568b Set minimum TLS version in all tls.Config objects 2016-07-12 17:06:28 -04:00
vishalnayak
9f208ae8f2 Revert 'risky' changes 2016-07-12 16:38:07 -04:00
Jeff Mitchell
7129fd5785 Switch to pester from go-retryablehttp to avoid swallowing 500 error messages 2016-07-11 21:37:46 +00:00
Mick Hansen
cc742a6fc5 incorporate code style guidelines 2016-07-11 13:35:35 +02:00
Mick Hansen
463294f4c6 handle revocations for roles that have privileges on sequences 2016-07-11 13:16:45 +02:00
Nathan J. Mehl
0648160276 use role name rather than token displayname in generated mysql usernames 
If a single token generates multiple myself roles, the generated mysql
username was previously prepended with the displayname of the vault
user; this makes the output of `show processlist` in mysql potentially
difficult to correlate with the roles actually in use without cross-
checking against the vault audit log.

See https://github.com/hashicorp/vault/pull/1603 for further discussion.
 2016-07-10 15:57:47 -07:00
Matt Hurne
0a5a815c68 mongodb secret backend: Improve safety of MongoDB roles storage 2016-07-09 21:12:42 -04:00
vishalnayak
f59a69bc52 Remove Unix() invocations on 'time.Time' objects and removed conversion of time to UTC 2016-07-08 18:30:18 -04:00
Matt Hurne
0a4638080a Format code in mongodb secret backend 2016-07-07 23:16:11 -04:00
Matt Hurne
2c3b5513df mongodb secret backend: Improve and correct errors in documentation; improve "parameter is required" error response messages 2016-07-07 23:09:45 -04:00
Matt Hurne
611b08a5b9 mongodb secret backend: Refactor to eliminate unnecessary variable 2016-07-07 22:29:17 -04:00
Matt Hurne
afcff23362 mongodb secret backend: Consider a "user not found" response a success when removing a user from Mongo 2016-07-07 22:27:47 -04:00
Matt Hurne
67c2c0a1dd mongodb secret backend: Improve roles path help 2016-07-07 22:16:34 -04:00
Matt Hurne
8a6959211e mongodb secret backend: Remove default value for Mongo authentication DB for roles; validate that role name and authentication db were specified when creating a role 2016-07-07 22:09:00 -04:00
Matt Hurne
1fa764275b mongodb secret backend: Leverage framework.TypeDurationSecond to simplify storage of lease ttl and max_ttl 2016-07-07 21:48:44 -04:00
Matt Hurne
350ffcf79f mongodb secret backend: Verify existing Session is still working before reusing it 2016-07-07 21:37:44 -04:00
vishalnayak
c99cc155ff Fix transit tests 2016-07-06 22:04:08 -04:00
vishalnayak
ef97199360 Added JSON Decode and Encode helpers. 
Changed all the occurances of Unmarshal to use the helpers.
Fixed http/ package tests.
 2016-07-06 12:25:40 -04:00
vishalnayak
b632ef58e4 Add allowed_roles to ssh-helper-config and return role name from verify call 2016-07-05 11:14:29 -04:00
Matt Hurne
8dbefb68b0 Merge branch 'master' into mongodb-secret-backend 2016-07-05 09:33:12 -04:00
Matt Hurne
2aba34d41d mongodb secret backend: Add support for reading connection configuration; Dockerize tests 2016-07-05 09:32:38 -04:00
Sean Chittenden
f66cd75583
Move the parameter down to where the statement is executed. 2016-07-03 16:20:27 -07:00
Sean Chittenden
00ab56060a
Use lib/pq's QuoteIdentifier() on all identifiers and Prepare 
for all literals.
 2016-07-03 16:01:39 -07:00
Matt Hurne
7571487c7f Merge branch 'master' into mongodb-secret-backend 2016-07-01 20:39:13 -04:00
Jeff Mitchell
cec644f327 Shave off a lot of PKI testing time by not requiring key generation when testing CSRs. Also enable all tests all the time. 2016-07-01 17:28:48 -04:00
Jeff Mitchell
5762446724 Merge pull request #1581 from mp911de/cassandra_connect_timeout 
Support connect_timeout for Cassandra and align timeout.
 2016-07-01 22:33:24 +02:00
Mark Paluch
895eac0405 Address review feedback. 
Switch ConnectTimeout to framework.TypeDurationSecond  with a default of 5. Remove own parsing code.
 2016-07-01 22:26:08 +02:00
Mark Paluch
f85b2b11d3 Support connect_timeout for Cassandra and align timeout. 
The cassandra backend now supports a configurable connect timeout. The timeout is configured using the connect_timeout parameter in the session configuration.  Also align the timeout to 5 seconds which is the default for the Python and Java drivers.

Fixes #1538
 2016-07-01 21:22:37 +02:00
Jeff Mitchell
7fc4ae959a Migrate Consul acceptance tests to Docker 2016-07-01 13:59:56 -04:00
Matt Hurne
c8cbd33f74 mongodb secret backend: Parse ssl URI option as a boolean rather than relying on string comparison 2016-07-01 13:55:06 -04:00
Jeff Mitchell
ef98d56fba Have SQL backends Ping() before access. 
If unsuccessful, reestablish connections as needed.
 2016-07-01 12:02:17 -04:00
Jeff Mitchell
b0844f9aea Always run transit acceptance tests 2016-07-01 11:45:56 -04:00