mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-15 19:17:02 +02:00
Code Issues Projects Releases Wiki Activity
6,740 Commits 2,844 Branches 445 Tags 454 MiB
d3a2844a75
Commit Graph

19 Commits

Author SHA1 Message Date
Jeff Mitchell
2f6c2b88bb Sanitize policy behavior across backends (#3324) 
Fixes #3323
Fixes #3318

* Fix tests

* Fix tests
 2017-09-13 11:36:52 -04:00
Michael Ansel
8da4405c99 Add constraints on the Common Name for certificate-based authentication (#2595) 
* Refactor to consolidate constraints on the matching chain

* Add CN prefix/suffix constraint

* Maintain backwards compatibility (pick a random cert if multiple match)

* Vendor go-glob

* Replace cn_prefix/suffix with required_name/globbing

Move all the new tests to acceptance-capable tests instead of embedding in the CRL test

* Allow authenticating against a single cert

* Add new params to documentation

* Add CLI support for new param

* Refactor for style

* Support multiple (ORed) name patterns

* Rename required_names to allowed_names

* Update docs for parameter rename

* Use the new TypeCommaStringSlice
 2017-04-30 11:37:10 -04:00
vishalnayak
5f1829af67 Utility Enhancements 2016-04-05 20:32:59 -04:00
Jeff Mitchell
f52004e12a Add list support to certs in cert auth backend. 
Fixes #1212
 2016-03-15 14:07:40 -04:00
vishalnayak
86df49b992 Added ExtKeyUsageAny, changed big.Int comparison and fixed code flow 2016-03-01 16:37:01 -05:00
vishalnayak
d8213e8094 corrections, policy matching changes and test cert changes 2016-03-01 16:37:01 -05:00
vishalnayak
9e610f6417 Added testcase for cert writes 2016-03-01 16:37:01 -05:00
vishalnayak
c506988cde supporting non-ca certs for verification 2016-03-01 16:37:01 -05:00
Jeff Mitchell
45e32756ea WriteOperation -> UpdateOperation 2016-01-08 13:03:03 -05:00
Jeff Mitchell
5e0b16fe69 Use TypeDurationSecond instead of TypeString 2015-11-03 10:52:20 -05:00
Jeff Mitchell
5eac0671ae Add CRLSets endpoints; write method is done. Add verification logic to 
login path. Change certs "ttl" field to be a string to match common
backend behavior.
 2015-11-03 10:52:19 -05:00
Jeff Mitchell
4836e7ca4d Make TLS backend honor SystemView default values. Expose lease TTLs on read. Make auth command show lease TTL if one exists. Addresses most of #527 2015-09-18 14:01:28 -04:00
Jeff Mitchell
99041b5b6d Merge pull request #561 from hashicorp/fix-wild-cards 
Allow hyphens in endpoint patterns of most backends
 2015-08-21 11:40:42 -07:00
vishalnayak
41678f18ae Vault: Fix wild card paths for all backends 2015-08-21 00:56:13 -07:00
Jeff Mitchell
97112665e8 Internally refactor Lease/LeaseGracePeriod into TTL/GracePeriod 2015-08-20 18:00:51 -07:00
Armon Dadgar
8ae7b1288a credential/cert: support leasing and renewal 2015-04-24 12:58:39 -07:00
Armon Dadgar
b9a9c3677a credential/cert: default display name 2015-04-24 10:52:17 -07:00
Armon Dadgar
e17c11149f credential/cert: more validation on cert setup 2015-04-24 10:39:44 -07:00
Armon Dadgar
0ef9947b1d credential/cert: major refactor 2015-04-24 10:31:57 -07:00