Vault SSH: keys/ designated special path

2015-07-23 18:12:13 -04:00 · 2015-07-23 18:12:13 -04:00 · e8daf2d0a5
parent e998face87
commit e8daf2d0a5
4 changed files with 9 additions and 5 deletions
--- a/builtin/logical/ssh/backend.go
+++ b/builtin/logical/ssh/backend.go
@ -28,8 +28,13 @@ func Backend(conf *logical.BackendConfig) (*framework.Backend, error) {
 		Help: strings.TrimSpace(backendHelp),

 		PathsSpecial: &logical.Paths{
-			Root:            []string{"config/*"},
-			Unauthenticated: []string{"verify"},
+			Root: []string{
+				"config/*",
+				"keys/*",
+			},
+			Unauthenticated: []string{
+				"verify",
+			},
 		},

 		Paths: []*framework.Path{
@ -42,7 +47,7 @@ func Backend(conf *logical.BackendConfig) (*framework.Backend, error) {
 		},

 		Secrets: []*framework.Secret{
-			secretSSHKey(&b),
+			secretDynamicKey(&b),
 			secretOTP(&b),
 		},
 	}
--- a/builtin/logical/ssh/path_creds_create.go
+++ b/builtin/logical/ssh/path_creds_create.go
--- a/builtin/logical/ssh/path_verify.go
+++ b/builtin/logical/ssh/path_verify.go
@ -41,7 +41,6 @@ func (b *backend) pathVerifyWrite(req *logical.Request, d *framework.FieldData)
 		return nil, nil
 	}

-	log.Printf("Vishal: key found. Deleting now. Returning valid=yes\n")
 	err = req.Storage.Delete("otp/" + otpSalted)
 	if err != nil {
 		return nil, err
--- a/builtin/logical/ssh/secret_dynamic_key.go
+++ b/builtin/logical/ssh/secret_dynamic_key.go
@ -10,7 +10,7 @@ import (

 const SecretDynamicKeyType = "secret_dynamic_key_type"

-func secretSSHKey(b *backend) *framework.Secret {
+func secretDynamicKey(b *backend) *framework.Secret {
 	return &framework.Secret{
 		Type: SecretDynamicKeyType,
 		Fields: map[string]*framework.FieldSchema{