0062d923cc
Better error messages.
2015-06-30 08:59:38 -04:00
91ed2dcdc2
Refactoring changes
2015-06-29 22:00:08 -04:00
24d0af39b4
Initial sketch for client TLS auth
2015-06-29 15:33:16 -04:00
29696d4b6b
Creating SSH keys and removal of files in pure 'go'
2015-06-26 15:43:27 -04:00
8c15e2313b
ssh/lookup implementation and refactoring
2015-06-25 21:47:32 -04:00
b237a3bcc2
POC: Rework. Doing away with policy file.
2015-06-24 18:13:12 -04:00
f8d164f477
SSHs to multiple users by registering the respective host keys
2015-06-19 12:59:36 -04:00
90605c6079
merging with master
2015-06-18 20:51:11 -04:00
8d98968a54
Roles, key renewal handled. End-to-end basic flow working.
2015-06-18 20:48:41 -04:00
9772a72772
command/read: Ensure only a single argument. Fixes #304
2015-06-18 16:00:41 -07:00
c54868120a
command/path-help: rename command, better error if sealed. Fixes #234
2015-06-18 15:56:42 -07:00
3533d87746
command/write: adding force flag for when no data fields are necessary. Fixes #357
2015-06-18 13:51:06 -07:00
7394c7bd8d
command/server: fixing output weirdness
2015-06-18 13:48:18 -07:00
7bd1e7d826
command/auth: warn earlier about VAULT_TOKEN
2015-06-18 13:48:04 -07:00
28f18119e0
command/auth: warn about the VAULT_TOKEN env var. Fixes #195
2015-06-17 19:19:02 -07:00
2aed5f8798
Implementation for storing and deleting the host information in Vault
2015-06-17 22:10:47 -04:00
3a2adcb3b8
cmomand/read: strip path prefix if necessary. Fixes #343
2015-06-17 18:33:15 -07:00
6bc2b06de4
server: graceful shutdown for fast failover. Fixes #308
2015-06-17 18:24:56 -07:00
cfef144dc2
Merge branch 'master' of https://github.com/hashicorp/vault into vishalvault
2015-06-17 20:34:56 -04:00
303a7cef9a
Received OTK in SSH client. Forked SSH process from CLI. Added utility file for SSH.
2015-06-17 20:33:03 -04:00
1f963ec1bb
command/token-create: provide more useful output. Fixes #337
2015-06-17 16:59:50 -07:00
3ed73d98c2
Added: Ssh CLI command and API, config lease impl, sshConnect path to backend, http handler for Ssh connect
2015-06-17 12:39:49 -04:00
0ecf05c043
command/auth, github: improve cli docs
...
/cc @sethvargo
2015-06-16 10:05:11 -07:00
3a0e19cb4e
Merge pull request #270 from sheldonh/no_export_vault_token
...
Don't recommend exporting VAULT_TOKEN
2015-06-01 11:52:40 -04:00
d605a437b6
Merge pull request #278 from Zhann/feature/add_dev_to_server_options_help
...
Add help info for -dev flag
2015-06-01 13:08:50 +02:00
607fc295e5
command/rekey: use same language in rekey as init
2015-06-01 13:08:20 +02:00
fbc51109cc
Merge pull request #273 from hashicorp/unseal-keys-notice
...
Change phrasing for unseal key notification
2015-06-01 13:06:52 +02:00
8155b3927e
Add help info for -dev flag
2015-05-31 18:05:15 +02:00
4e79210934
Updated phrasing to note restarts, stop, and other sealing scenarios
2015-05-28 17:07:38 -07:00
528d0c6e28
Changed phrasing for unseal key notification
2015-05-28 17:02:09 -07:00
7f26f5a4cb
command/rekey: adding tests
2015-05-28 15:22:42 -07:00
9a162191cd
command/rekey: first pass at rekey
2015-05-28 15:08:09 -07:00
42b91fe411
command/rotate: Adding new rotate command
2015-05-28 10:16:33 -07:00
6cda28f9e7
Don't recommend exporting VAULT_TOKEN
...
It's not needed by the dev server (which writes ~/.vault-token),
and breaks the Getting Started guide (e.g. #267 ).
2015-05-28 14:39:35 +02:00
388022bac1
command/key-status: Adding new key-status command
2015-05-27 18:17:02 -07:00
11b6abe886
Merge pull request #251 from DavidWittman/auth-prompt-without-args
...
Prompt for auth token when no args provided
2015-05-27 11:24:33 -07:00
5df1d725aa
Add test for stdin input
...
Shamelessly borrowed this pattern from write_test.go
2015-05-23 13:23:38 -05:00
1411749222
Read from stdin with auth command
2015-05-23 13:23:37 -05:00
48778c5260
Add ability to read raw field from secret
2015-05-22 11:28:23 -07:00
3713ef9fb7
command/renew: typo fix. Fixes #240
2015-05-21 11:03:25 -07:00
fb898ecc1b
Prompt for auth token when no args provided
...
This makes `vault auth` work as documented:
> If no -method is specified, then the token is expected. If it is not
> given on the command-line, it will be asked via user input. If the
> token is "-", it will be read from stdin.
2015-05-20 22:10:02 -05:00
a3ddd9ddb2
server: Minor copy change
2015-05-20 17:49:16 -07:00
7e08d68e48
Merge pull request #222 from DavidWittman/config-backend-check
...
Fail gracefully if a physical backend is not supplied
2015-05-20 17:47:45 -07:00
268db24819
command/listener: Request TLS client cert. Fixes #214
2015-05-20 16:01:40 -07:00
faa07cc165
Improve unseal CLI message
2015-05-19 00:34:18 -07:00
b04332f8fc
Fail gracefully if a phys backend is not supplied
2015-05-18 22:55:12 -05:00
88d5d6a4c8
Use strconv.ParseBool
2015-05-15 16:41:30 -04:00
a2831b0144
Explicitly check if tls_disable == 1
2015-05-15 16:39:30 -04:00
f40dba1c48
command/token: add Env to Helper
...
Specify environment variables on the Helper rather than on
the command line.
Fixes command/token test failures on Windows.
2015-05-12 07:22:38 +02:00
ce5786d133
Rename skip verify env
2015-05-11 11:27:54 -07:00
7c180fb6fd
Merge pull request #181 from jefferai/fix-ca-path-walk
...
Fix CA path walking, and add TLS-related env vars.
2015-05-11 11:26:47 -07:00
66c8d2dd2a
command: fix tests
2015-05-11 11:25:45 -07:00
073820a6cc
command/token: Use cmd on windows instead of sh
2015-05-11 11:08:08 -07:00
7bff682e8e
command/*: -tls-skip-verify [GH-130]
2015-05-11 11:01:52 -07:00
4f8c9e8fe2
This adds one bugfix and one feature enhancement.
...
Bugfix: When walking a given CA path, the walk gives both files and
directories to the function. However, both were being passed in to be
read as certificates, with the result that "." (the given directory for
the CA path) would cause an error. This fixes that problem by simply
checking whether the given path in the walk is a directory or a file.
Feature enhancement: VAULT_CACERT, VAULT_CAPATH, and VAULT_INSECURE now
perform as expected.
2015-05-11 17:58:56 +00:00
a3afed6811
command/meta: don't read token file if token is already set [GH-162]
2015-05-11 10:31:14 -07:00
bbddaff5c9
Make the VAULT_TOKEN and VAULT_ADDR copy-pastable in dev mode
...
This allows someone to quickly start a dev mode server and hit the ground
running without the need to copy-paste twice.
2015-05-07 18:32:40 -04:00
b71afe54e5
Merge pull request #139 from fubar-coder/master
...
Escape backslash to allow usage of dev server on Windows using MinGW
2015-05-06 11:05:06 -07:00
a4b92ebb3a
Merge pull request #133 from hashicorp/f-advertise
...
Attempt advertise address detection
2015-05-04 12:13:45 -07:00
47d2cc8349
Escape backslash to allow usage of dev server on Windows using MinGW (partially fixes issue #95 )
2015-05-04 09:20:40 +02:00
53d5a801e5
Fix lease_renewable output
2015-05-02 19:58:48 -07:00
c76b59812e
command/server: Attempt advertise address detection
2015-05-02 15:57:40 -07:00
c7ff8f8458
Merge pull request #82 from DavidWittman/75-auth-revoked-token
...
Check for invalid token when authing via cli
2015-05-02 13:20:57 -07:00
842a8ec818
command/format: add `lease_renewable` to output
2015-05-02 13:11:40 -07:00
2fff913263
Check for invalid token when authing via cli
...
If a token does not exist, the Read request returns without an
error, but the secret returned is `nil`, so we need to check for
that.
Closes #75
2015-04-28 21:50:51 -05:00
3d3274a66b
command/server: fix one race condition
2015-04-28 19:11:46 -07:00
d29ada47eb
command/server: disable mlock in dev mode
2015-04-28 15:11:39 -07:00
006d4fccfd
command/server: allow disabling mlock
2015-04-28 15:09:30 -07:00
6898c60292
command/server: warning if no mlock
2015-04-28 15:04:40 -07:00
c53dc04d92
command/token: use executable path to find token helper [GH-60]
2015-04-28 14:52:55 -07:00
1346040c86
Update server.go
...
Did you mean "talking?" Or something else?
2015-04-28 14:01:45 -06:00
3998804347
command: support custom CAs
2015-04-28 09:36:03 -07:00
244a0c56bc
command/*: lets try to remove this before 0.1.0
2015-04-28 09:20:42 -07:00
1b0d75719d
command/*: more TODO removal
2015-04-28 09:15:38 -07:00
fc6569ad59
command/*: fix spacing
2015-04-28 09:15:21 -07:00
0e112bf026
command/* fill in the addr
2015-04-28 09:13:32 -07:00
ff352c32fe
command/server: Catch error from core initialization. Fixes #42
2015-04-27 21:29:40 -07:00
3b0c993909
command/write: test output
2015-04-27 15:08:03 -07:00
4ff3acfbe3
command/write: handle writes with output
2015-04-27 14:55:43 -07:00
06a4c6b08f
command: refactor to share output formating code
2015-04-27 14:55:29 -07:00
b2a689bfc9
command/init: minor output text fix
2015-04-22 11:48:07 -07:00
3f9711fa63
command/status: no weird indentintg
2015-04-21 20:11:15 +02:00
d56a0ce2ef
command/status: refactor to improve output
2015-04-20 13:37:32 -07:00
2609977683
command/status: improve output when sealed
2015-04-20 12:21:35 -07:00
52f8b2d8ef
command/status: improve output when sealed
2015-04-20 12:19:25 -07:00
f76e5b2fc5
command: Rename seal-status to status
2015-04-20 12:11:21 -07:00
f1c97ab2cf
command: Adding HA status
2015-04-20 12:08:54 -07:00
fb3645214c
command/token-create: add display name and one time use
2015-04-19 18:08:08 -07:00
58d476edd0
command/token-renew
2015-04-19 18:04:01 -07:00
0ebf2508e0
command/policy-delete
2015-04-19 16:36:11 -07:00
6c497a8708
command/read: handle 404s
2015-04-18 22:05:08 -07:00
ee254a332e
command/server: can set advertise addr
2015-04-17 12:56:31 -07:00
415e7cef22
command/server: config for setting stats addresses
2015-04-17 12:56:31 -07:00
44b634c0d5
command/server: not HA possibilities when starting
2015-04-17 12:56:31 -07:00
f04d33b170
command/server: Enable telemetry. cc: @mitchellh
2015-04-14 18:44:09 -07:00
d251876363
command/read: output the duration
2015-04-13 20:42:07 -07:00
0cc0fb066b
command/renew
2015-04-13 20:42:07 -07:00
770116b8e9
command: Set minimum TLS version to 1.2
2015-04-13 19:09:44 -07:00
cc21b80a64
command/unseal: update error message
2015-04-12 18:41:42 -07:00
1f084139d5
command/unseal: can accept key from command-line
2015-04-12 18:39:41 -07:00
e8fec8b658
command/meta: can force config
2015-04-12 17:51:38 -07:00
4fd3bd8ab1
command: can force address
2015-04-12 17:30:19 -07:00
8ef487a4f5
command/revoke: rename vars to leaseId
2015-04-10 20:49:10 -07:00
48205d166b
rename vault id to lease id all over
2015-04-10 20:35:14 -07:00
466c7575d3
Replace VaultID with LeaseID for terminology simplification
2015-04-08 13:35:32 -07:00
9366be4895
command/auth: should let <1 args go through
2015-04-07 23:53:45 -07:00
071b72186e
command/auth: unify
2015-04-07 23:29:49 -07:00
73edbebd4d
command/audit-enable
2015-04-07 22:42:04 -07:00
8e3746d347
helper/kv-builder
2015-04-07 22:30:25 -07:00
71923a3abc
command/audit-disable
2015-04-07 18:23:50 -07:00
0b45ffcd66
command/audit-list
2015-04-07 18:19:44 -07:00
d97d9b928a
command/token-revoke
2015-04-07 14:36:17 -07:00
457694c28b
command/token-create: test
2015-04-07 14:22:18 -07:00
ee690ee3b3
command/token-create
2015-04-07 14:20:18 -07:00
7442bc1ef6
command/delete
2015-04-07 11:15:20 -07:00
f2ee82a17f
command/remount
2015-04-07 10:46:47 -07:00
ce0b0202ea
command/unmount: better output
2015-04-07 10:39:17 -07:00
a5ef1b6437
command/unmount
2015-04-07 10:38:51 -07:00
169666972a
command/server: env var for dev mode
2015-04-06 10:28:17 -07:00
62f4d1dd0e
credential/github: CLI handler
2015-04-06 09:53:43 -07:00
c1bca480e6
command/auth: test for other methods
2015-04-06 09:40:47 -07:00
ba2feae3f8
command/auth: add -method-help flag
2015-04-06 09:38:16 -07:00
22197fefa7
command/unseal: print newline after reading password
2015-04-06 09:34:08 -07:00
481628c41f
command/auth: framework for supporting more auth methods
2015-04-05 20:50:18 -07:00
8bfa12297d
builtin/audit: add file audit
2015-04-04 18:10:25 -07:00
b0da4056a0
command/server: tests
2015-04-04 17:43:20 -07:00
929931175c
command/server: log levels
2015-04-04 12:11:10 -07:00
afc71d2a7b
command/server: cleaner output
2015-04-04 12:06:41 -07:00
2e3d6d6a0e
command/help
2015-04-02 22:42:05 -07:00
8433b3bfa6
Revert "command/policy"
...
This reverts commit da81ab3b4c813b0c207555b9cdf46c6e67319546.
2015-04-01 23:07:49 -07:00
4a0810dd6a
command/policy
2015-04-01 23:02:03 -07:00
20d6fdf83f
command/policy-write
2015-04-01 23:00:15 -07:00
ca5c55c3eb
command/policies: read a single policy
2015-04-01 18:50:43 -07:00
a31ae896b4
command/policy-list
2015-04-01 18:46:32 -07:00
e87d41d352
command/auth-disable
2015-04-01 17:14:11 -07:00
f21da26766
command/auth-enable
2015-04-01 17:09:11 -07:00
8b3b10abc8
command/mounts: columnize
2015-04-01 17:01:10 -07:00
3876970564
command/read
2015-04-01 16:44:20 -07:00
cee51ddde9
command/server: support CredentialBackends
2015-04-01 15:48:13 -07:00
b5e4e4bf25
command/read: better UX on vault read
2015-03-31 20:50:05 -07:00
d6a57d8a2b
command/revoke: prefix
2015-03-31 19:33:16 -07:00
bbaa137f4e
command/revoke: revoke
2015-03-31 19:21:02 -07:00
67e4bdf1e4
misc typos
2015-03-31 17:27:04 -07:00
4f2ca0bca9
command/write: new format
2015-03-31 17:16:26 -07:00
19283eb5f7
command/server: dev mode
2015-03-31 16:44:47 -07:00
61efbf4930
command/mount
2015-03-31 16:29:04 -07:00
eba817a21c
command/auth: validate the token
2015-03-31 15:22:52 -07:00
407b32ccd5
command/seal: test should use the token
2015-03-31 11:46:55 -07:00
b62d0f187b
command/seal
2015-03-30 23:39:56 -07:00
78a783a1b9
command/meta: tests passing
2015-03-30 23:30:30 -07:00
27d4d861e9
command/auth: add newline so reading token doesn't output
2015-03-30 23:24:41 -07:00
b2e46896f6
command/meta: add token to client if we have it
2015-03-30 23:10:59 -07:00
e40d0874e1
command/auth: tests work wihtout vault installed
2015-03-30 11:07:31 -07:00
47a293579f
command/auth: setting tokens works
2015-03-30 10:55:41 -07:00
e3593d8bdc
command: load configuration
2015-03-30 10:25:24 -07:00
cb09c95824
command/token: HelperPath
2015-03-30 10:11:17 -07:00
27bc188758
token/disk: implement unencrypted disk store
2015-03-30 09:21:59 -07:00
62e36ecb68
command/token: helper to read/write tokens from a helper
2015-03-29 17:42:26 -07:00
e78c972351
command/auth: boilerplate
2015-03-29 16:42:45 -07:00
bd471bfffb
command/init: show root token
2015-03-29 16:25:53 -07:00
db65fd7b95
command: unit tests pass
2015-03-29 16:20:34 -07:00
2024c7a155
Fixing compilation errors due to API change
2015-03-24 16:20:05 -07:00
86a6062ba2
main: enable AWS backend
2015-03-20 19:32:18 +01:00
7b1402b104
command/mounts
2015-03-15 21:28:31 -07:00
9eb22bd3c0
command/read
2015-03-15 20:52:28 -07:00
c206755bdc
command/meta: VAULT_ADDR to set the addr via env var
2015-03-15 20:41:36 -07:00
602281213e
command/write: can write arbitrary data from stdin
2015-03-15 20:40:12 -07:00
1d07df9db6
command/write
2015-03-15 20:35:33 -07:00
ab722a5ec2
fix all tests
2015-03-15 17:10:33 -07:00
fd8f84e00e
command/unseal: tests
2015-03-13 20:17:55 -07:00
e473c655ac
website: imageoptim
2015-03-13 12:58:21 -07:00
c84a9bcaed
command/seal-status
2015-03-13 12:53:09 -07:00
5c2915ba52
command/init: tests
2015-03-13 12:53:09 -07:00
5c8a2812fe
command/init: make the output a little nicer
2015-03-13 12:53:09 -07:00
3c3e96575f
command/init
2015-03-13 12:53:08 -07:00
f71f29b801
command/server: initial working
2015-03-13 12:53:08 -07:00
cb3e91b338
command/sever: copy the TCP keep alive listener
2015-03-13 12:53:08 -07:00
393c6c6c20
command/server: support TLS
2015-03-13 12:53:08 -07:00
61224ce312
command/server: tcp listener
2015-03-13 12:53:08 -07:00
86c7a4c155
command/server: load config from flags
2015-03-12 15:30:07 -07:00
d88c20e293
command/server: add config loading
2015-03-12 15:21:11 -07:00
853e21defb
command/get,put
2015-03-04 11:08:13 -08:00
86d593a8f9
command/seal
2015-03-04 08:56:10 -08:00
115fd9c30d
command/unseal: forward error along
2015-03-04 00:35:02 -08:00
a524ef6537
helper/password: for reading passwords securely
2015-03-04 00:31:35 -08:00
2cb4c63208
command/unseal
2015-03-03 23:57:23 -08:00
cedeb056df
command/auth: document the serer options
2015-03-03 23:52:54 -08:00
38bfea80cc
command/meta: server options
2015-03-03 23:49:37 -08:00
32e640c8d0
command/auth
2015-03-03 23:34:32 -08:00
fdc3368ac0
command: version test
2015-03-03 23:14:54 -08:00
ba870b8fd2
scripts
2015-03-03 23:14:18 -08:00
adbae744fb
basic main boilerplate stuff
2015-03-03 23:03:24 -08:00
Karl Gutwin