mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-30 02:51:07 +02:00
Code Issues Projects Releases Wiki Activity
3,860 Commits 2,839 Branches 446 Tags
Commit Graph

60 Commits

Author SHA1 Message Date
vishalnayak
cfe0aa860e Backend() functions should return 'backend' objects. 
If they return pointers to 'framework.Backend' objects, the receiver functions can't be tested.
 2016-06-10 15:53:02 -04:00
Jeff Mitchell
74a1e3bd61 Remove most Root paths 2016-05-31 23:42:54 +00:00
vishalnayak
80faa2f4ed s/logical.ErrorResponse/fmt.Errorf in renewal functions of credential backends 2016-05-26 10:21:03 -04:00
Jeff Mitchell
0b7e8cf1c8 Merge pull request #1245 from LeonDaniel/master 
Improved groups search for LDAP login
 2016-05-19 12:13:29 -04:00
Oren Shomron
24ae32f10d Support listing ldap group to policy mappings (Fixes #1270) 2016-05-14 20:00:40 -04:00
leon
7caa667fef - updated refactored functions in ldap backend to return error instead of ldap response and fixed interrupted search in ldap groups search func 2016-04-27 18:17:54 +03:00
leon
df7723bb38 - refactored functionality in separate functions in ldap backend and used a separate ldap query to get ldap groups from userDN 2016-04-27 15:00:26 +03:00
leon
2d31a064f3 - fixed merge with upstream master 2016-04-26 13:23:43 +03:00
leon
ea2efb6531 Merge remote-tracking branch 'upstream/master' 
Conflicts:
	builtin/credential/ldap/backend.go
 2016-04-26 13:16:42 +03:00
vishalnayak
5f1829af67 Utility Enhancements 2016-04-05 20:32:59 -04:00
vishalnayak
ac5ceae0bd Added AcceptanceTest boolean to logical.TestCase 2016-04-05 15:10:44 -04:00
Jeff Mitchell
f5f9c098b7 Some fixups around error/warning in LDAP 2016-04-02 13:33:00 -04:00
Jeff Mitchell
aca4e79ac6 If no group DN is configured, still look for policies on local users and 
return a warning, rather than just trying to do an LDAP search on an
empty string.
 2016-04-02 13:11:36 -04:00
Jeff Mitchell
aa6a5fa25b Fix potential error scoping issue. 
Ping #1262
 2016-03-30 19:48:23 -04:00
Jeff Mitchell
8926a7c7c7 Check for nil connection back from go-ldap, which apparently can happen even with no error 
Ping #1262
 2016-03-29 10:00:04 -04:00
Jeff Mitchell
7ce9701800 Properly check for policy equivalency during renewal. 
This introduces a function that compares two string policy sets while
ignoring the presence of "default" (since it's added by core, not the
backend), and ensuring that ordering and/or duplication are not failure
conditions.

Fixes #1256
 2016-03-24 09:41:51 -04:00
leon
8ebacbc563 - updated LDAP group search by iterating through all the attributes and searching for CN value instead of assuming the CN is always the first attribute from the RDN list 2016-03-21 19:44:08 +02:00
leon
df96234ac9 - added another method to search LDAP groups by querying the userDN for memberOf attribute 2016-03-21 16:55:38 +02:00
Jeff Mitchell
7ef904b930 Use better error message on LDAP renew failure 2016-03-07 09:34:16 -05:00
Jeff Mitchell
65494f8268 Merge pull request #1100 from hashicorp/issue-1030 
Properly escape filter values in LDAP filters
 2016-02-19 14:56:40 -05:00
Jeff Mitchell
73e84b8c38 Address some feedback on ldap escaping help text 2016-02-19 13:47:26 -05:00
Jeff Mitchell
a2aad0bbd6 Properly escape filter values. 
Fixes #1030
 2016-02-19 13:16:52 -05:00
Jeff Mitchell
331f57c082 Update LDAP documentation with a note on escaping 2016-02-19 13:16:18 -05:00
Jeff Mitchell
6ef35dcbb7 Add tests to ldap using the discover capability 2016-02-19 11:46:59 -05:00
Jeff Mitchell
7458084e09 Add ldap tests that use a bind dn and bind password 2016-02-19 11:38:27 -05:00
Jeff Mitchell
2eb08d3bde Make backends much more consistent: 
1) Use the new LeaseExtend
2) Use default values controlled by mount tuning/system defaults instead
of a random hard coded value
3) Remove grace periods
 2016-01-29 20:03:37 -05:00
Hanno Hecker
ba9b20d275 discover bind dn with anonymous binds 2016-01-27 17:06:27 +01:00
Hanno Hecker
a702f849bc fix stupid c&p error 2016-01-26 16:15:25 +01:00
Hanno Hecker
11aee85c0b add binddn/bindpath to search for the users bind DN 2016-01-26 15:56:41 +01:00
Jeff Mitchell
45e32756ea WriteOperation -> UpdateOperation 2016-01-08 13:03:03 -05:00
Jeff Mitchell
5c73e779c4 Add StaticSystemView to LDAP acceptance tests 2015-10-06 15:48:10 -04:00
Bradley Girardeau
7b6547abf7 Clean up naming and add documentation 2015-07-30 17:36:40 -07:00
Bradley Girardeau
083226f317 mfa: improve edge cases and documentation 2015-07-27 21:14:00 -07:00
Bradley Girardeau
85a4d740b5 ldap: add mfa support to CLI 2015-07-27 21:14:00 -07:00
Bradley Girardeau
5afc6115c7 ldap: add mfa to LDAP login 2015-07-27 21:14:00 -07:00
Bradley Girardeau
709b91fbd1 ldap: change setting user policies to setting user groups 2015-07-20 11:33:39 -07:00
Bradley Girardeau
7ee2419323 ldap: add ability to set policies based on username as well as groups 2015-07-14 15:46:15 -07:00
Bradley Girardeau
cbb6b64ce6 ldap: add ability to login with a userPrincipalName (user@upndomain) 2015-07-14 15:37:46 -07:00
Bradley Girardeau
0ef2eca24f ldap: add starttls support and option to specificy ca certificate 2015-07-02 15:49:51 -07:00
Armon Dadgar
6a9dc00e57 Remove SetLogger, and unify on framework.Setup 2015-06-30 17:45:20 -07:00
Armon Dadgar
22f543f837 Updating for backend API change 2015-06-30 17:36:12 -07:00
Armon Dadgar
dd9040b85d ldap: fixing merge conflict 2015-06-30 09:40:43 -07:00
esell
dac2cd8c62 change skipsslverify to insecure_tls 2015-06-29 19:23:31 -06:00
Armon Dadgar
de6ce89c39 Fixing merge conflict 2015-06-29 14:50:55 -07:00
esell
11a0b3b6c6 Set SkipSSLVerify default to false, add warning in help message 2015-06-24 13:38:14 -06:00
esell
e3a3fc8ab1 cleanup the code a bit 2015-06-24 10:09:29 -06:00
esell
ee690118b9 allow skipping SSL verification on ldap auth 2015-06-24 10:05:45 -06:00
Armon Dadgar
28dd283c93 builtin: fixing API change in logical framework 2015-06-17 14:34:11 -07:00
Ian Unruh
82bca95537 Allow dot in LDAP login username 2015-05-20 11:54:15 -07:00
Giovanni Bajo
4273247923 auth/ldap: move password into InternalData 2015-05-09 22:06:34 +02:00