mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-24 08:01:07 +02:00
Code Issues Projects Releases Wiki Activity
10,305 Commits 2,840 Branches 445 Tags
Commit Graph

1080 Commits

Author SHA1 Message Date
Kevin Pike
9f5fe082de Fix documentation typo 2016-04-08 09:05:38 -07:00
Kevin Pike
d4205eed24 Fix documentation typo 2016-04-08 09:05:06 -07:00
Kevin Pike
8d6ab3afa4 Rename uri to connection_uri 2016-04-08 09:04:42 -07:00
Kevin Pike
8497a6367f Merge remote-tracking branch 'upstream/master' 2016-04-08 08:57:10 -07:00
vishalnayak
d71dcf2da2 s/TF_ACC/VAULT_ACC 2016-04-05 15:24:59 -04:00
vishalnayak
ac5ceae0bd Added AcceptanceTest boolean to logical.TestCase 2016-04-05 15:10:44 -04:00
Mark Mickan
8deed677d2 Ensure authorized_keys file is readable when uninstalling an ssh key 
Without this change, if the user running the ssh key install script doesn't
have read access to the authorized_keys file when uninstalling a key, all
keys will be deleted from the authorized_keys file.

Fixes GH #1285
 2016-04-05 17:26:21 +09:30
Jeff Mitchell
2bc8cf4583 Remove check for using CSR values with non-CA certificate. 
The endpoint enforces whether the certificate is a CA or not anyways, so
this ends up not actually providing benefit and causing a bug.

Fixes #1250
 2016-03-23 10:05:38 -04:00
Jeff Mitchell
5b0d85dbf3 Add ability to exclude adding the CN to SANs. 
Fixes #1220
 2016-03-17 16:28:40 -04:00
Vishal Nayak
0b2477d7cb Merge pull request #998 from chrishoffman/mssql 
Sql Server (mssql) secret backend
 2016-03-10 22:30:24 -05:00
Chris Hoffman
b9c8f95746 Cleaning up lease and lease duration vars and params 2016-03-10 21:15:18 -05:00
Chris Hoffman
e6ce2164d2 Removing root protected endpoints 2016-03-10 21:08:39 -05:00
Chris Hoffman
bfa943c771 Changing DROP USER query to a more compatible version 2016-03-10 21:06:50 -05:00
Chris Hoffman
1d7fe31eac Adding verify_connection to config, docs updates, misc cleanup 2016-03-09 23:08:05 -05:00
Jeff Mitchell
09070c4aca Sanitize serial number in revocation path. 
Ping #1180
 2016-03-08 10:51:59 -05:00
Jeff Mitchell
c40c3b393f Add serial_number back to path_issue_sign responses in PKI 2016-03-08 09:25:48 -05:00
Jeff Mitchell
4cdc44bab5 Add revocation information to PKI fetch output (non-raw only). 
Fixes #1180
 2016-03-07 10:57:38 -05:00
Jeff Mitchell
a9f070323a Error rather than skip Consul acceptance tests if Consul isn't found 2016-03-07 10:09:36 -05:00
Chris Hoffman
ed5ca17b57 Adding mssql secret backend 2016-03-03 09:19:17 -05:00
Jeff Mitchell
404a7fafff Don't spawn consul servers when testing unless it's an acceptance test 2016-02-29 14:58:06 -05:00
Jeff Mitchell
581d2cfee0 Don't run transit fuzzing if not during acceptance tests 2016-02-29 14:44:04 -05:00
Jeff Mitchell
a86c1ba264 Only run PKI backend setup functions when TF_ACC is set 2016-02-29 14:41:14 -05:00
Jeff Mitchell
1f3b089a49 Apply hyphen/underscore replacement across the entire username. 
Handles app-id generated display names.

Fixes #1140
 2016-02-26 15:26:23 -05:00
Jeff Mitchell
ec75a24647 Be more explicit about buffer type 2016-02-24 22:05:39 -05:00
Jeff Mitchell
7ed0399e1f Add "tidy/" which allows removing expired certificates. 
A buffer is used to ensure that we only remove certificates that are
both expired and for which the buffer has past. Options allow removal
from revoked/ and/or certs/.
 2016-02-24 21:24:48 -05:00
vishalnayak
9280dda5f4 rename verify_cert as disable_binding and invert the logic 2016-02-24 21:01:21 -05:00
Matt Hurne
8bd0cc6391 Improve error message returned when client attempts to generate STS credentials for a managed policy; addresses #1113 2016-02-23 08:58:28 -05:00
Jeff Mitchell
50082a61d8 Merge pull request #1114 from hashicorp/dont-delete-certs 
Do not delete certs (or revocation information)
 2016-02-22 16:11:13 -05:00
Jeff Mitchell
db8b4287e3 Address review feedback 2016-02-22 16:11:01 -05:00
Jeff Mitchell
5176c75a0f Remove extra debugging from PKI tests 2016-02-22 13:39:05 -05:00
Jeff Mitchell
9685c94459 Do not delete certs (or revocation information) to avoid potential 
issues related to time synchronization. A function will be added to
allow operators to perform cleanup at chosen times.
 2016-02-22 13:36:17 -05:00
Jeff Mitchell
4c2c932816 Fix issue where leftover values after cn tests could trigger errors in ipsan tests 2016-02-22 13:35:57 -05:00
Vishal Nayak
7dac5efe27 Merge pull request #1112 from hashicorp/1089-postgres-connection-url 
postgres: connection_url fix
 2016-02-22 11:36:04 -05:00
Jeff Mitchell
7c60548b9a More improvements to PKI tests; allow setting a specific seed, output 
the seed to the console, and split generated steps to make it
understandable which seed is for which set of steps.
 2016-02-22 11:22:52 -05:00
vishalnayak
046d7f87b4 postgres: connection_url fix 2016-02-22 11:22:49 -05:00
Jeff Mitchell
ec97c6c8e2 Use more fuzziness in PKI backend tests 2016-02-22 10:59:37 -05:00
Jeff Mitchell
d993993f18 Better handle errors from fetchCertBySerial 2016-02-22 10:36:26 -05:00
Kevin Pike
6ac1a8c48b Update update operation and uuid references 2016-02-21 15:31:22 -08:00
Kevin Pike
79ed734a2f Merge branch 'master' into rabbitmq 2016-02-21 14:55:06 -08:00
Kevin Pike
d805f2ef57 Add RabbitMQ secret backend 2016-02-21 14:52:57 -08:00
Jeff Mitchell
d3af63193b Add tests for minimum key size checking. (This will also verify that the 
key type matches that of the role, since type assertions are required to
check the bit size). Like the rest, these are fuzz tests; I have
verified that the random seed will eventually hit error conditions if
ErrorOk is not set correctly when we expect an error.
 2016-02-19 21:39:40 -05:00
Jeff Mitchell
5da2949d45 Check role key type and bits when signing CSR. 
Two exceptions: signing an intermediate CA CSR, and signing a CSR via
the 'sign-verbatim' path.
 2016-02-19 20:50:49 -05:00
vishalnayak
992a32975c Cap the length midString in IAM user's username to 42 2016-02-19 18:31:10 -05:00
Vishal Nayak
d123d4c02e Merge pull request #1102 from hashicorp/shorten-aws-usernames 
Set limits on generated IAM user and STS token names.
 2016-02-19 18:25:29 -05:00
Jeff Mitchell
9b57078b26 Some minor changes in mysql commenting and names 2016-02-19 16:44:52 -05:00
Jeff Mitchell
63a8061e87 Set limits on generated IAM user and STS token names. 
Fixes #1031
Fixes #1063
 2016-02-19 16:35:06 -05:00
vishalnayak
b4cd7d019e mysql: fix error message 2016-02-19 16:07:06 -05:00
vishalnayak
20342d9049 Don't deprecate value field yet 2016-02-19 16:07:06 -05:00
vishalnayak
d8f72887fc Removed connectionString.ConnectionString 2016-02-19 16:07:05 -05:00
vishalnayak
5f19c77897 mysql: provide allow_verification option to disable connection_url check 2016-02-19 16:07:05 -05:00