mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-11-20 18:21:09 +01:00
Code Issues Projects Releases Wiki Activity
6,745 Commits 2,848 Branches 460 Tags
Commit Graph

299 Commits

Author SHA1 Message Date
vishalnayak
583c968971 Added GetDefaultOrZero method to FieldData 2016-06-10 10:42:01 -04:00
Jeff Mitchell
8dffc64388 Use time.Time which does RFC3339 across the wire to handle time zones. Arguably we should change the API to always do this... 2016-06-07 16:01:09 -04:00
Jeff Mitchell
91053b7471 Add creation time to returned wrapped token info 
This makes it easier to understand the expected lifetime without a
lookup call that uses the single use left on the token.

This also adds a couple of safety checks and for JSON uses int, rather
than int64, for the TTL for the wrapped token.
 2016-06-07 15:00:35 -04:00
Jeff Mitchell
196776b9b8 Make logical.InmemStorage a wrapper around physical.InmemBackend. 
This:

* Allows removing LockingInmemStorage since the physical backend already
  locks properly
* Makes listing work properly by adhering to expected semantics of only
  listing up to the next prefix separator
* Reduces duplicated code
 2016-06-06 12:03:08 -04:00
Jeff Mitchell
f7ffa87696 Add some comments to sanitize 2016-05-16 16:12:45 -04:00
Jeff Mitchell
b626bfa725 Address most review feedback. Change responses to multierror to better return more useful values when there are multiple errors 2016-05-16 16:11:33 -04:00
Jeff Mitchell
53afa06beb Merge branch 'master-oss' into cubbyhole-the-world 2016-05-16 12:14:40 -04:00
Sean Chittenden
339c0a4127
Speling police 2016-05-15 09:58:36 -07:00
vishalnayak
116e2cf024 Fix framework rollback manager tests 2016-05-14 19:35:36 -04:00
vishalnayak
7a10134f87 Merge branch 'master-oss' into aws-auth-backend 2016-05-10 14:50:00 -04:00
Jeff Mitchell
8672b61bef Implement WrapInfo audit logging 2016-05-07 20:03:56 -04:00
Jeff Mitchell
e36f66000e Make WrapInfo a pointer to match secret/auth in response 2016-05-07 19:17:51 -04:00
Jeff Mitchell
908487191f Merge branch 'master-oss' into cubbyhole-the-world 2016-05-07 16:40:04 -04:00
Jeff Mitchell
3ca09fdf30 Merge pull request #1346 from hashicorp/disable-all-caches 
Disable all caches
 2016-05-07 16:33:45 -04:00
Jeff Mitchell
e0e838c1ae Merge branch 'master-oss' into cubbyhole-the-world 2016-05-05 20:45:36 -04:00
Jeff Mitchell
50e3f7d40e Merge remote-tracking branch 'origin/master' into aws-auth-backend 2016-05-05 10:04:52 -04:00
vishalnayak
0481976696 Split SanitizeTTL method to support time.Duration parameters as well 2016-05-05 09:45:48 -04:00
Jeff Mitchell
32601f4424 Make a non-caching but still locking variant of transit for when caches are disabled 2016-05-02 22:36:44 -04:00
Jeff Mitchell
b18854be70 Plumb disabling caches through the policy store 2016-05-02 22:36:44 -04:00
Jeff Mitchell
d8ed24ac8a Remove MountPoint from internal wrap object, for now at least 2016-05-02 10:29:51 -04:00
Jeff Mitchell
21c0e4ee42 Add wrapping through core and change to use TTL instead of Duration. 2016-05-02 00:47:35 -04:00
Jeff Mitchell
778d000b5f Add: 
* Request/Response field extension
* Parsing of header into request object
* Handling of duration/mount point within router
* Tests of router WrapDuration handling
 2016-05-02 00:24:32 -04:00
vishalnayak
4f46bbaa32 Added cooldown period for periodic tidying operation 2016-04-26 10:22:29 -04:00
vishalnayak
81e4235fc0 Support periodic tidy callback and config endpoints. 2016-04-26 10:22:29 -04:00
Sean Chittenden
455b76828f Add a *log.Logger argument to physical.Factory 
Logging in the backend is a good thing.  This is a noisy interface change but should be a functional noop.
 2016-04-25 20:10:32 -07:00
Seth Vargo
ff0366f6fe Only show params if there are fields 2016-04-13 22:15:06 +01:00
vishalnayak
5c640601eb Added a TODO for 'Check' function 2016-04-06 12:51:49 -04:00
vishalnayak
a0471471cd Fix ErrorOk handling 2016-04-06 12:29:04 -04:00
vishalnayak
f4712a4999 Use AcceptanceTest bool in Test() function 2016-04-05 16:48:11 -04:00
vishalnayak
d71dcf2da2 s/TF_ACC/VAULT_ACC 2016-04-05 15:24:59 -04:00
vishalnayak
ac5ceae0bd Added AcceptanceTest boolean to logical.TestCase 2016-04-05 15:10:44 -04:00
Jeff Mitchell
ab93e3aa63 SealInterface 2016-04-04 10:44:22 -04:00
vishalnayak
daab5d6777 Fix SanitizeTTL check 2016-03-16 14:27:01 -04:00
vishalnayak
5556b35d01 Accept params both as part of URL or as part of http body 2016-03-14 19:14:36 -04:00
vishalnayak
2a35de81dc AccessorID --> Accessor, accessor_id --> accessor 2016-03-09 06:23:31 -05:00
vishalnayak
7b996523cd Error text corrections and minor refactoring 2016-03-08 22:27:24 -05:00
vishalnayak
38a5d75caa Introduced AccessorID in TokenEntry and returning it along with token 2016-03-08 14:06:10 -05:00
Jeff Mitchell
7ed0399e1f Add "tidy/" which allows removing expired certificates. 
A buffer is used to ensure that we only remove certificates that are
both expired and for which the buffer has past. Options allow removal
from revoked/ and/or certs/.
 2016-02-24 21:24:48 -05:00
Jeff Mitchell
ceeb47c9c9 Make SanitizeTTL treat an empty string the same as a "0" string. 
This causes a 0 TTL to be returned for the value, which is a clue to
other parts of Vault to use appropriate defaults. However, this makes
the defaults be used at lease allocation or extension time instead of
when parsing parameters.
 2016-02-18 16:51:36 -05:00
Jeff Mitchell
f75e121d8c Introduce a locking inmem storage for unit tests that are doing concurrent things 2016-02-04 09:40:35 -05:00
Jeff Mitchell
c60a9cd130 Remove grace periods 2016-01-31 19:33:16 -05:00
Jeff Mitchell
c4c170555a invert logic to prefer client increment 2016-01-29 20:02:15 -05:00
Jeff Mitchell
8a5bf09c49 Update proposed time 2016-01-29 19:31:37 -05:00
Jeff Mitchell
bde65134e6 Adjust framework unit tests for new LeaseExtend 2016-01-29 19:31:37 -05:00
Jeff Mitchell
0e15ac04c6 Update LeaseExtend 2016-01-29 19:31:37 -05:00
Jeff Mitchell
cf95982d80 Allow backends to see taint status. 
This can be seen via System(). In the PKI backend, if the CA is
reconfigured but not fully (e.g. an intermediate CSR is generated but no
corresponding cert set) and there are already leases (issued certs), the
CRL is unable to be built. As a result revocation fails. But in this
case we don't actually need revocation to be successful since the CRL is
useless after unmounting. By checking taint status we know if we can
simply fast-path out of revocation with a success in this case.

Fixes #946
 2016-01-22 17:01:22 -05:00
Jeff Mitchell
cc0d88cabe Address some listing review feedback 2016-01-22 10:07:32 -05:00
Jeff Mitchell
2613343c3d Updates and documentation 2016-01-22 10:07:32 -05:00
Jeff Mitchell
87dbe89d17 Use logical operations instead of strings for comparison 2016-01-12 21:16:31 -05:00
Jeff Mitchell
45b96ed140 Address some more review feedback 2016-01-12 15:09:16 -05:00