34 Commits

Author SHA1 Message Date
vishalnayak
83adda998d Naming of the locked and nonLocked methods 2016-05-17 20:39:24 -04:00
vishalnayak
b53f0cb624 Rename 'role_name' to 'role' 2016-05-13 14:31:13 -04:00
vishalnayak
4aa01d390a Update docs and path names to the new patterns 2016-05-12 11:45:10 -04:00
Jeff Mitchell
dd5321a86a Switch whitelist to use longest max TTL 2016-05-05 20:44:48 -04:00
Jeff Mitchell
e83dbbe532 Fix HMAC being overwritten. Also some documentation, and add a lock to role operations 2016-05-05 14:51:09 -04:00
Jeff Mitchell
c41b024f36 More updates to mutexes and adjust blacklisted roletag default safety buffer 2016-05-05 14:12:22 -04:00
vishalnayak
ef83605f58 Change image/ to a more flexible /role endpoint 2016-05-03 23:36:59 -04:00
vishalnayak
fed55cff94 Ensure that the instance is running during renewal 2016-04-28 16:34:35 -04:00
vishalnayak
1a3c0a1f3e Change all time references to UTC 2016-04-28 10:19:29 -04:00
vishalnayak
05c10dad94 minor updates 2016-04-28 00:35:49 -04:00
vishalnayak
329361f951 Removed existence check on blacklist/roletags, docs fixes 2016-04-27 21:29:32 -04:00
vishalnayak
36193850fd Remove recreate parameter from clientEC2 2016-04-27 20:01:39 -04:00
vishalnayak
70ea33ccfc Added ami_id to token metadata 2016-04-27 11:32:05 -04:00
vishalnayak
06a174c2f0 tidy endpoint fixes 2016-04-26 10:22:29 -04:00
vishalnayak
dd03c55d68 HMAC Key per AMI ID and avoided secondary call to AWS to fetch the tags 2016-04-26 10:22:29 -04:00
vishalnayak
3110f65834 Rework and refactoring 2016-04-26 10:22:29 -04:00
vishalnayak
b76a4df110 Use fullsailor/pkcs7 package instead of its fork. Fix tests 2016-04-26 10:22:29 -04:00
vishalnayak
22c0ad94ba Removed region parameter from config/client endpoint.
Region to create ec2 client objects is fetched from the identity document.
Maintaining a map of cached clients indexed by region.
2016-04-26 10:22:29 -04:00
vishalnayak
01d417afbf Instance ID can optionally be accepted as a role tag parameter. 2016-04-26 10:22:29 -04:00
vishalnayak
cd3e9e3b5b Support providing multiple certificates.
Append all the certificates to the PKCS#7 parser during signature verification.
2016-04-26 10:22:29 -04:00
vishalnayak
9a988ffdee Docs update 2016-04-26 10:22:29 -04:00
vishalnayak
9dc519ae68 Return 4xx error at appropriate places 2016-04-26 10:22:29 -04:00
vishalnayak
943cc345fe Tested pathImageTag 2016-04-26 10:22:29 -04:00
vishalnayak
a1ca3228b3 Make client nonce optional even during first login, when disallow_reauthentication is set 2016-04-26 10:22:29 -04:00
vishalnayak
8c439a2f61 Moved HMAC parsing inside parseRoleTagValue 2016-04-26 10:22:29 -04:00
vishalnayak
a2d774b0fc Properly handle empty client nonce case when disallow_reauthentication is set 2016-04-26 10:22:29 -04:00
vishalnayak
eecdfdc1e9 Added disallow_reauthentication feature 2016-04-26 10:22:29 -04:00
vishalnayak
39c93b5e54 Remove todo and change clientNonce length limit to 128 chars 2016-04-26 10:22:28 -04:00
Jeff Mitchell
8e3192eac1 Fix typo 2016-04-26 10:22:28 -04:00
Jeff Mitchell
7efc5eceb9 Add environment and EC2 instance metadata role providers for AWS creds. 2016-04-26 10:22:28 -04:00
Jeff Mitchell
c8afcafaf9 allow_instance_reboot -> allow_instance_migration 2016-04-26 10:22:28 -04:00
Jeff Mitchell
8aae383e39 Switch around some logic to be more consistent/readable and respect max
TTL on initial token issuance.
2016-04-26 10:22:28 -04:00
vishalnayak
93f8ec3086 Return un-expired entries from blacklist and whitelist 2016-04-26 10:22:28 -04:00
vishalnayak
e886d5aab9 AWS EC2 instances authentication backend 2016-04-26 10:22:28 -04:00