mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-23 15:41:07 +02:00
Code Issues Projects Releases Wiki Activity
9,692 Commits 2,840 Branches 445 Tags
Commit Graph

9692 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jeff Mitchell
989b33483b Ensure that the 'file' audit backend can successfully open its given path before returning success. Fixes #550. 2015-08-26 09:13:10 -07:00
Jeff Mitchell
8a0915b8ef Explicitly check for blank leases in AWS, and give a better error message if lease_max cannot be parsed. Fixes #569. 2015-08-26 09:04:47 -07:00
Jeff Mitchell
5584a11997 When using PGP encryption on unseal keys, encrypt the hexencoded string rather than the raw bytes. 2015-08-26 07:59:50 -07:00
Jeff Mitchell
29ef1a2167 If JSON decoding fails, make it clear that the problem is failing to 
parse the JSON, rather than returning the possibly confusing error from
the JSON decoder.

Fixes #553.
 2015-08-26 07:03:33 -07:00
Jeff Mitchell
078da0b6a9 Merge pull request #568 from ctennis/add_some_s3_info 
Make it clear for physical S3 backend we support instance profiles as well.
 2015-08-26 09:03:38 -04:00
Jeff Mitchell
3190a3a946 Merge pull request #570 from hashicorp/pgp-init-keys 
PGP keys at init/rekey time
 2015-08-25 19:41:21 -04:00
Jeff Mitchell
d7829adb73 Update godeps 2015-08-25 16:24:25 -07:00
Jeff Mitchell
4d877dc4eb Address comments from review. 2015-08-25 15:33:58 -07:00
Jeff Mitchell
f5271c2ab0 Update website documentation for init and rekey with secret_pgp_keys API option 2015-08-25 14:52:13 -07:00
Jeff Mitchell
e133536b79 Add support for pgp-keys argument to rekey, as well as tests, plus 
refactor common bits out of init.
 2015-08-25 14:52:13 -07:00
Jeff Mitchell
efccbcd23e Don't store the given public keys in the seal config 2015-08-25 14:52:13 -07:00
Jeff Mitchell
ee10f1a565 Handle people specifying PGP key files with @ in front 2015-08-25 14:52:13 -07:00
Jeff Mitchell
d2023234b9 Add support for "pgp-tokens" parameters to init. 
There are thorough unit tests that read the returned
encrypted tokens, seal the vault, and unseal it
again to ensure all works as expected.
 2015-08-25 14:52:13 -07:00
Caleb Tennis
6e8bc25a94 Make it clear we support instance profiles as well, the existing docs seem to indicate static credentials are required 2015-08-25 06:47:07 -07:00
Robin Walsh
2cf6af79d6 s/string replacement/regexp replacement 2015-08-24 17:00:54 -07:00
Robin Walsh
e0cfb891af spaces in displayName break AWS IAM 2015-08-24 16:12:45 -07:00
Vishal Nayak
41ec36e2a3 Merge pull request #566 from hashicorp/fix-install-script 
Cleanup of public key install script
 2015-08-24 15:06:28 -04:00
vishalnayak
0843c3400b Vault SSH: Documentation update 2015-08-24 14:18:37 -04:00
vishalnayak
2d5070ba50 Vault SSH: Replace args with named vars 2015-08-24 14:07:07 -04:00
vishalnayak
c33e4d24e1 Merging with master 2015-08-24 13:55:20 -04:00
vishalnayak
00c69bfacb Vault SSH: Cleanup of aux files in install script 2015-08-24 13:50:46 -04:00
Jeff Mitchell
1c34cdccf2 Merge pull request #564 from hashicorp/remove-cookie-auth 
Remove cookie authentication
 2015-08-21 19:55:00 -07:00
Jeff Mitchell
f1a301922d Remove cookie authentication. 2015-08-21 19:46:23 -07:00
Jeff Mitchell
3da9f81bdd Merge pull request #555 from hashicorp/toggleable-hostname-enforcement 
Allow enforcement of hostnames to be toggleable for certificates.
 2015-08-21 19:23:09 -07:00
Jeff Mitchell
99041b5b6d Merge pull request #561 from hashicorp/fix-wild-cards 
Allow hyphens in endpoint patterns of most backends
 2015-08-21 11:40:42 -07:00
Armon Dadgar
593d67944f Merge pull request #558 from captainill/master 
make sure header is below clickable area that hides sidebar
 2015-08-21 10:21:40 -07:00
vishalnayak
923fe4125c Vault SSH: Undo changes which does not belong to wild card changes 2015-08-21 09:58:15 -07:00
vishalnayak
41678f18ae Vault: Fix wild card paths for all backends 2015-08-21 00:56:13 -07:00
Jeff Mitchell
654a9797fe Merge pull request #560 from hashicorp/refactor-lease-ttl 
Refactor Lease names internally for logical consistency
 2015-08-20 23:30:31 -07:00
Jeff Mitchell
e7f2a54720 Rejig Lease terminology internally; also, put a few JSON names back to their original values 2015-08-20 22:27:01 -07:00
Jeff Mitchell
97112665e8 Internally refactor Lease/LeaseGracePeriod into TTL/GracePeriod 2015-08-20 18:00:51 -07:00
Jeff Mitchell
8281965d7c Merge pull request #557 from hashicorp/generic-lease-to-ttl 
Change "lease" parameter in the generic backend to be "ttl" to reduce confusion.
 2015-08-20 18:00:11 -07:00
Jeff Mitchell
c35fbca5e0 Update help text for TTL values in generic backend 2015-08-20 17:59:30 -07:00
captainill
4d9f658c97 make sure header is below clickable area that hides sidebar 2015-08-20 17:22:48 -07:00
Jeff Mitchell
358849fbc3 Change "lease" parameter in the generic backend to be "ttl" to reduce confusion. "lease" is now deprecated but will remain valid until 0.4. 
Fixes #528.
 2015-08-20 16:41:25 -07:00
vishalnayak
cdf2b4895d Vault SSH: +script link, -script file, in docs 2015-08-20 16:35:16 -07:00
vishalnayak
acb883c4b8 Vault SSH: Make the script readable 2015-08-20 16:12:17 -07:00
Jeff Mitchell
d3ea59e415 Disallow non-client X509 key usages for client TLS cert authentication. 2015-08-20 15:50:47 -07:00
Jeff Mitchell
b8a72cfd47 Allow enforcement of hostnames to be toggleable for certificates. Fixes #451. 2015-08-20 14:33:37 -07:00
Jeff Mitchell
e1ed043bc0 sys_mount.go is now unnecessary 2015-08-20 14:09:15 -07:00
Jeff Mitchell
2920cddc9c Send sys mounting logic directly to logical backend. Unit tests run. 2015-08-20 13:59:57 -07:00
Jeff Mitchell
b81fcab150 Begin factoring out sys paths into logical routes. Also, standardize on 307 as redirect code. 2015-08-20 13:20:35 -07:00
vishalnayak
440b11c279 Vault SSH: Adding the missed out config file 2015-08-20 11:30:21 -07:00
Jeff Mitchell
1f51372537 Merge pull request #552 from hashicorp/fix-uselimit-decrement 
Fix #461 properly by defering potential revocation of a token until a…
 2015-08-20 10:39:24 -07:00
Jeff Mitchell
ae1d235056 Don't defer revocation when sealing, and clear out response/auth if there is a token use error 2015-08-20 10:37:42 -07:00
Jeff Mitchell
1cc78bcab1 Fix #461 properly by defering potential revocation of a token until after the request is fully handled. 2015-08-20 10:14:13 -07:00
Vishal Nayak
41db9d25c7 Merge pull request #385 from hashicorp/vishal/vault 
SSH Secret Backend for Vault
 2015-08-20 10:03:15 -07:00
Jeff Mitchell
c4654c2d9c Actually include the Godeps files, derp. 2015-08-20 09:52:21 -07:00
Jeff Mitchell
caab8dd086 Merge pull request #549 from bkw/cassandraUsernamesUnderscore 
Use underscores in cassandra username generation
 2015-08-20 07:02:52 -07:00
Bernhard K. Weisshuhn
08aafee5b6 skip revoke permissions step on cassandra rollback (drop user is enough) 2015-08-20 11:15:43 +02:00