Calvin Leung Huang
138510c531
Barrier unseal using recovery keys ( #3541 )
...
* Barrier unseal using recovery keys
* Remove tests
2017-11-07 15:15:39 -05:00
Jeff Mitchell
962ef74cb2
Add seal type to seal-status output. ( #3516 )
2017-11-01 21:00:41 -05:00
Jeff Mitchell
63e66d09f4
Fix error message grammar
2017-03-14 17:10:43 -04:00
Jeff Mitchell
98c7bd6c03
Port some replication bits to OSS ( #2386 )
2017-02-16 15:15:02 -05:00
Jeff Mitchell
ac0f45e45c
Add nonce to unseal to allow seeing if the operation has reset ( #2276 )
2017-01-17 11:47:06 -05:00
Thomas Soëte
ebe1cf8081
Use 'http.MaxBytesReader' to limit request size ( #2131 )
...
Fix 'connection reset by peer' error introduced by 300b72e
2016-12-01 10:59:00 -08:00
Jeff Mitchell
d9f97198bd
Set number of pester retries to zero by default and make seal command… ( #2093 )
...
* Set number of pester retries to zero by default and make seal command return 403 if unauthorized instead of 500
* Fix build
* Use 403 instead and update test
* Change another 500 to 403
2016-11-16 14:08:09 -05:00
Vishal Nayak
9a60bf2a50
Audit the client token accessors ( #2037 )
2016-10-29 17:01:49 -04:00
vishalnayak
ee26c7e7b6
Remove the string 'Vault' from version information
2016-09-01 14:54:04 -04:00
Jeff Mitchell
c22e616999
Remove outdated comment.
2016-08-24 14:16:02 -04:00
Jeff Mitchell
a82b44df3d
Error when an invalid (as opposed to incorrect) unseal key is given. ( #1782 )
...
Fixes #1777
2016-08-24 14:15:25 -04:00
Jeff Mitchell
ed48b008ce
Provide base64 keys in addition to hex encoded. ( #1734 )
...
* Provide base64 keys in addition to hex encoded.
Accept these at unseal/rekey time.
Also fix a bug where backup would not be honored when doing a rekey with
no operation currently ongoing.
2016-08-15 16:01:15 -04:00
vishalnayak
baa1a1c9cf
Address review feedback from @jefferai
2016-08-10 15:22:12 -04:00
vishalnayak
a9155e8038
Fix Cluster object being returned as nil when unsealed
2016-08-10 15:09:16 -04:00
vishalnayak
e5e02332c5
Removed duplicated check in tests
2016-07-29 14:18:53 -04:00
vishalnayak
8f1ccc6eff
Add cluster information to 'vault status'
2016-07-29 14:13:53 -04:00
vishalnayak
5c38276598
Added Vault version informationto the 'status' command
2016-07-28 17:37:35 -04:00
Jeff Mitchell
fa08f1f0fe
Enable audit-logging of seal and step-down commands.
...
This pulls the logical request building code into its own function so
that it's accessible from other HTTP handlers, then uses that with some
added logic to the Seal() and StepDown() commands to have meaningful
audit log entries.
2016-05-20 17:03:54 +00:00
Jeff Mitchell
ab93e3aa63
SealInterface
2016-04-04 10:44:22 -04:00
Jeff Mitchell
6b0c692385
Provide 'sys/step-down' and 'vault step-down'
...
This endpoint causes the node it's hit to step down from active duty.
It's a noop if the node isn't active or not running in HA mode. The node
will wait one second before attempting to reacquire the lock, to give
other nodes a chance to grab it.
Fixes #1093
2016-02-26 19:43:55 -05:00
Jeff Mitchell
d7f528a768
Add reset support to the unseal command.
...
Reset clears the provided unseal keys, allowing the process to be begun
again. Includes documentation and unit test changes.
Fixes #695
2015-10-28 15:59:39 -04:00
Jeff Mitchell
b86f252c77
Allow POST as well as PUT for seal/unseal command, fits in more with how logical handles things
2015-09-10 15:09:53 -04:00
Mitchell Hashimoto
d666e79a3a
http: /sys/seal requires a token
2015-03-31 11:45:44 -07:00
Mitchell Hashimoto
e657ac8b52
http: /sys/seal-status should return 400 if still uninitialized
2015-03-30 23:36:03 -07:00
Mitchell Hashimoto
e3fbe54a04
http: mask user error away from unseal since its not actionable
2015-03-12 11:26:59 -07:00
Mitchell Hashimoto
d564131cef
http: test all seal endpoints
2015-03-12 11:12:44 -07:00
Mitchell Hashimoto
59ce4265de
http: start the API server
2015-03-11 23:05:16 -07:00
