mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-17 12:07:02 +02:00
Code Issues Projects Releases Wiki Activity
5,323 Commits 2,844 Branches 445 Tags 454 MiB
ffb5ee7fda
Commit Graph

239 Commits

Author SHA1 Message Date
Jeff Mitchell
2ac644d983 Add ability to set max retries to API 2017-03-01 12:24:08 -05:00
Jordan Abderrachid
aae23b1ea1 api: add EnvVaultToken constant. (#2413) 2017-02-27 18:36:21 -05:00
Jeff Mitchell
7c4e5a775c Fix breakage for HTTP2 support due to changes in wrapping introduced in 1.8 (#2412) 2017-02-27 12:49:35 -05:00
Jeff Mitchell
615945a6b0 Move http-using API tests into http package 2017-02-24 14:23:21 -05:00
Jeff Mitchell
513f8b918d Add WithOptions methods to audit/auth enabling (#2383) 2017-02-16 11:37:27 -05:00
Jason Felice
0a1e7a7be4 ConfigureTLS() sets default HttpClient if nil (#2329) 2017-02-06 17:47:56 -05:00
Jeff Mitchell
ac0f45e45c Add nonce to unseal to allow seeing if the operation has reset (#2276) 2017-01-17 11:47:06 -05:00
Vishal Nayak
20fabef08b Use Vault client's scheme for auto discovery (#2146) 2016-12-02 11:24:57 -05:00
Jeff Mitchell
77d804e483 Better handle nil responses in logical unwrap 2016-12-01 16:38:08 -05:00
Jeff Mitchell
b7c655f45c Fix panic when unwrapping if the server EOFs 2016-11-29 16:50:07 -05:00
Jeff Mitchell
d9f97198bd Set number of pester retries to zero by default and make seal command… (#2093) 
* Set number of pester retries to zero by default and make seal command return 403 if unauthorized instead of 500

* Fix build

* Use 403 instead and update test

* Change another 500 to 403
 2016-11-16 14:08:09 -05:00
Jeff Mitchell
c7ca7aef0a Fix unwrap CLI command when there is no client token set. (#2077) 2016-11-08 11:36:15 -05:00
Jeff Mitchell
57870f7f05 change api so if wrapping token is the same as the client token it doesn't set it in the body 2016-10-27 12:15:30 -04:00
Jeff Mitchell
94ca45b121 Fix NOT logical bug. 
Ping #2014
 2016-10-18 09:51:45 -04:00
Jeff Mitchell
60deff1bad Wrapping enhancements (#1927) 2016-09-28 21:01:28 -07:00
Jeff Mitchell
c748ff322f Change default TTL from 30 to 32 to accommodate monthly operations (#1942) 2016-09-28 18:32:49 -04:00
Jeff Mitchell
941b066780 Add support for PGP encrypting the initial root token. (#1883) 2016-09-13 18:42:24 -04:00
Jeff Mitchell
47aafa6ee1 Reinstate the token parameter to api.RevokeSelf to avoid breaking compatibility 2016-09-13 11:03:05 -04:00
Jeff Mitchell
75f792b27e Add response wrapping to list operations (#1814) 2016-09-02 01:13:14 -04:00
Evan Gilman
d7a139ce4f Add golang api method for creating orphan tokens (#1834) 2016-09-01 15:39:44 -04:00
Jeff Mitchell
f447d21a72 Don't allow tokens in paths. (#1783) 2016-08-24 15:59:43 -04:00
markrzasa
6089d7f2d6 allow a TLS server name to be configured for SSH agents (#1720) 2016-08-23 22:06:56 -04:00
Jeff Mitchell
ed48b008ce Provide base64 keys in addition to hex encoded. (#1734) 
* Provide base64 keys in addition to hex encoded.

Accept these at unseal/rekey time.

Also fix a bug where backup would not be honored when doing a rekey with
no operation currently ongoing.
 2016-08-15 16:01:15 -04:00
Jeff Mitchell
92cb23fc85 Restore compatibility with pre-0.6.1 servers for CLI/Go API calls 2016-08-14 14:52:45 -04:00
Jeff Mitchell
146cdc69eb Add periodic support for root/sudo tokens to auth/token/create 2016-08-12 21:14:12 -04:00
Jeff Mitchell
2a0f946f6b Don't retry on redirections. 2016-08-12 15:13:42 -04:00
vishalnayak
b01a4ff1cb Use default config and read environment by default while creating client object 2016-08-12 11:37:13 -04:00
Jeff Mitchell
558ba440d4 Merge pull request #1699 from hashicorp/dataonly 
Return sys values in top level normal api.Secret
 2016-08-09 07:17:02 -04:00
Jeff Mitchell
7f13c4bcff Add ability to specify renew lease ID in POST body. 2016-08-08 18:00:44 -04:00
Jeff Mitchell
593954d40c Fix tests and update mapstructure 2016-08-08 16:00:31 -04:00
Alex Dadgar
bcf98fa8d6 Merge pull request #1682 from hashicorp/f-refactor-tls-config 
Refactor the TLS configuration between meta.Client and the api.Config
 2016-08-02 13:35:37 -07:00
Alex Dadgar
881d67e2fd Address comments 2016-08-02 13:17:45 -07:00
vishalnayak
8f1ccc6eff Add cluster information to 'vault status' 2016-07-29 14:13:53 -04:00
vishalnayak
5c38276598 Added Vault version informationto the 'status' command 2016-07-28 17:37:35 -04:00
Alex Dadgar
5fccb9a83e Refactor the TLS configuration between meta.Client and the api.Config 2016-07-27 17:26:26 -07:00
Jeff Mitchell
1109936700 Plumb request UUID through the API 2016-07-27 09:25:04 -04:00
vishalnayak
d22204914d Add service discovery to init command 2016-07-21 16:17:29 -04:00
Vishal Nayak
4e5c3631f4 Merge pull request #1583 from hashicorp/ssh-allowed-roles 
Add allowed_roles to ssh-helper-config and return role name from verify call
 2016-07-19 12:04:12 -04:00
vishalnayak
5b458db104 Merge branch 'master-oss' into json-use-number 
Conflicts:
	http/handler.go
	logical/framework/field_data.go
	logical/framework/wal.go
	vault/logical_passthrough.go
 2016-07-15 19:21:55 -04:00
Jeff Mitchell
478f420912 Migrate number of retries down by one to have it be max retries, not tries 2016-07-11 21:57:14 +00:00
Jeff Mitchell
7129fd5785 Switch to pester from go-retryablehttp to avoid swallowing 500 error messages 2016-07-11 21:37:46 +00:00
Jeff Mitchell
60df9d3461 Make the API client retry on 5xx errors. 
This should help with transient issues. Full control over min/max delays
and number of retries (and ability to turn off) is provided in the API
and via env vars.

Fix tests.
 2016-07-06 16:50:23 -04:00
vishalnayak
ef97199360 Added JSON Decode and Encode helpers. 
Changed all the occurances of Unmarshal to use the helpers.
Fixed http/ package tests.
 2016-07-06 12:25:40 -04:00
vishalnayak
b632ef58e4 Add allowed_roles to ssh-helper-config and return role name from verify call 2016-07-05 11:14:29 -04:00
vishalnayak
efaffa8f55 Added 'sys/auth/<path>/tune' endpoints. 
Displaying 'Default TTL' and 'Max TTL' in the output of 'vault auth -methods'
 2016-06-15 13:58:24 -04:00
Jeff Mitchell
47dc1ccd25 Add token accessor to wrap information if one exists 2016-06-13 23:58:17 +00:00
Jeff Mitchell
15a40fdde5 Add explicit max TTL capability to token creation API 2016-06-08 14:49:48 -04:00
Jeff Mitchell
517571c04a Add renewable flag and API setting for token creation 2016-06-08 11:14:30 -04:00
Jeff Mitchell
8dffc64388 Use time.Time which does RFC3339 across the wire to handle time zones. Arguably we should change the API to always do this... 2016-06-07 16:01:09 -04:00
Jeff Mitchell
91053b7471 Add creation time to returned wrapped token info 
This makes it easier to understand the expected lifetime without a
lookup call that uses the single use left on the token.

This also adds a couple of safety checks and for JSON uses int, rather
than int64, for the TTL for the wrapped token.
 2016-06-07 15:00:35 -04:00