58b32e5432
Convert to logxi
2016-08-21 18:13:37 -04:00
37320f8798
Request forwarding ( #1721 )
...
Add request forwarding.
2016-08-15 09:42:42 -04:00
4f0310ed96
Don't allow root from authentication backends either.
...
We've disabled this in the token store, but it makes no sense to have
that disabled but have it enabled elsewhere. It's the same issue across
all, so simply remove the ability altogether.
2016-08-08 17:32:37 -04:00
e5737b6789
initial local commit
2016-07-23 21:46:28 -04:00
05b0e0a866
Enable audit-logging of seal and step-down commands.
...
This pulls the logical request building code into its own function so
that it's accessible from other HTTP handlers, then uses that with some
added logic to the Seal() and StepDown() commands to have meaningful
audit log entries.
2016-05-20 17:03:54 +00:00
c4431a7e30
Address most review feedback. Change responses to multierror to better return more useful values when there are multiple errors
2016-05-16 16:11:33 -04:00
af4e2feda7
When testing, increase the time we wait for the stepdown to occur.
...
2s -> 5s, no functional change.
2016-05-15 07:30:40 -07:00
aeea7628d6
Add a *log.Logger argument to physical.Factory
...
Logging in the backend is a good thing. This is a noisy interface change but should be a functional noop.
2016-04-25 20:10:32 -07:00
afae46feb7
SealInterface
2016-04-04 10:44:22 -04:00
90dd55b1e6
Sort policies before returning/storing, like we do in handleCreateCommon
2016-03-10 22:31:26 -05:00
8094077cd3
Fix broken test case
2016-03-10 20:06:22 -05:00
f478cc57e0
fix all the broken tests
2016-03-09 13:45:36 -05:00
62f1b3f91c
Remove unneeded sleeps in test code
2016-03-03 11:09:27 -05:00
6a980b88fd
Address review feedback
2016-02-28 21:51:50 -05:00
11ddd2290b
Provide 'sys/step-down' and 'vault step-down'
...
This endpoint causes the node it's hit to step down from active duty.
It's a noop if the node isn't active or not running in HA mode. The node
will wait one second before attempting to reacquire the lock, to give
other nodes a chance to grab it.
Fixes #1093
2016-02-26 19:43:55 -05:00
4c87c101f7
Fix tests
2016-02-26 16:44:35 -05:00
eeea9710b6
Generalized the error message and updated doc
2016-02-03 15:06:18 -05:00
f5fbd12ac3
Test for seal on standby node
2016-02-03 12:28:01 -05:00
9857da207c
Move rekey to its own files for cleanliness
2016-01-14 17:01:04 -05:00
9c5ad28632
Update deps, and adjust usage of go-uuid to match new return values
2016-01-13 13:40:08 -05:00
f3ce90164f
WriteOperation -> UpdateOperation
2016-01-08 13:03:03 -05:00
a094eedce2
Add rekey nonce/backup.
2016-01-06 09:54:35 -05:00
5ddd243144
Store a last renewal time in the token entry and return it upon lookup
...
of the token.
Fixes #889
2016-01-04 11:20:49 -05:00
df68e3bd4c
Filter out duplicate policies during token creation.
2015-12-30 15:18:30 -05:00
f2da5b639f
Migrate 'uuid' to 'go-uuid' to better fit HC naming convention
2015-12-16 12:56:20 -05:00
b2a0b48a2e
Add test to ensure the right backend was used with separate HA
2015-12-14 20:48:22 -05:00
7ce8aff906
Address review feedback
2015-12-14 17:58:30 -05:00
ced0835574
Allow separate HA physical backend.
...
With no separate backend specified, HA will be attempted on the normal
physical backend.
Fixes #395 .
2015-12-14 07:59:58 -05:00
1a45696208
Add no-default-policy flag and API parameter to allow exclusion of the
...
default policy from a token create command.
2015-11-09 17:30:50 -05:00
d6693129de
Create a "default" policy with sensible rules.
...
It is forced to be included with each token, but can be changed (but not
deleted).
Fixes #732
2015-11-09 15:44:09 -05:00
a9155ef85e
Use split-out hashicorp/uuid
2015-10-12 14:07:12 -04:00
bd1dce7f95
Address review feedback for #684
2015-10-08 14:34:10 -04:00
d58a3b601c
Add a cleanLeaderPrefix function to clean up stale leader entries in core/leader
...
Fixes #679 .
2015-10-08 14:04:58 -04:00
47e8c0070a
Don't use leases on the generic backend...with a caveat.
...
You can now turn on and off the lease behavior in the generic backend by
using one of two factories. Core uses the normal one if it's not already
set, so unit tests can use the custom one and all stay working.
This also adds logic into core to check, when the response is coming
from a generic backend, whether that backend has leases enabled. This
adds some slight overhead.
2015-09-21 16:37:37 -04:00
5dde76fa1c
Expand HMAC support in Salt; require an identifier be passed in to specify type but allow generation with and without. Add a StaticSalt ID for testing functions. Fix bugs; unit tests pass.
2015-09-18 17:38:30 -04:00
d775445efe
Store token creation time and TTL. This can be used to properly populate
...
fields in 'lookup-self'. Importantly, this also makes credential
backends use the SystemView per-backend TTL values and fixes unit tests
to expect this.
Fully fixes #527
2015-09-18 16:39:35 -04:00
3f45f3f41b
Rename config lease_duration parameters to lease_ttl in line with current standardization efforts
2015-08-27 07:50:24 -07:00
93ef9a54bd
Internally refactor Lease/LeaseGracePeriod into TTL/GracePeriod
2015-08-20 18:00:51 -07:00
151ec72d00
Add configuration options for default lease duration and max lease duration.
2015-07-30 09:42:49 -04:00
dc8cc308af
vault: fixing test with glob change
2015-07-05 17:31:41 -06:00
41b72a4d39
vault: provide view to backend initializer for setup
2015-06-30 17:30:43 -07:00
dbf6cf6e6d
vault: support core shutdown
2015-06-17 18:23:59 -07:00
5c75a6c5c7
vault: ensure token renew does not double register
2015-06-17 15:22:50 -07:00
716f8d9979
core: adding tests for HA rekey and rotate
2015-05-29 12:16:34 -07:00
0877160754
vault: minor rekey cleanups
2015-05-28 12:07:52 -07:00
c5352d14a4
vault: testing rekey
2015-05-28 12:02:30 -07:00
ba7bfed1af
vault: Expose MountPoint to secret backend. Fixes #248
2015-05-27 11:46:42 -07:00
d15eed47ad
vault: reproducing GH-203
2015-05-15 17:48:03 -07:00
3bcd32228d
vault: lease renewal should not create new lease entry
2015-05-15 17:47:39 -07:00
18795a4b26
vault: Adding test based on bug report
2015-05-15 17:19:41 -07:00
8f4ddfd904
vault: adding test for e33a904
2015-05-11 11:16:21 -07:00
843d9e6484
vault: verify login endpoint never returns a secret
2015-05-09 11:51:58 -07:00
13ab31f4b5
vault: ensure InternalData is never returned from the core
2015-05-09 11:47:46 -07:00
a6eef6bba3
vault: Guard against an invalid seal config
2015-05-08 11:05:31 -07:00
727e0e90cd
vault: validate advertise addr is valid URL [GH-106]
2015-05-02 13:28:33 -07:00
95c8001388
Disable mlock in tests
2015-04-28 22:18:00 -04:00
4473abd6ce
vault: core enforcement of limited use tokens
2015-04-17 11:57:56 -07:00
818ce0a045
vault: token store allows specifying display_name
2015-04-15 14:24:07 -07:00
76b69b2514
vault: thread the display name through
2015-04-15 14:12:34 -07:00
9f7143cf44
vault: expose the current leader
2015-04-14 16:53:40 -07:00
445f64eb39
vault: leader should advertise address
2015-04-14 16:44:48 -07:00
7579cf76ab
vault: testing standby mode
2015-04-14 16:08:14 -07:00
2820bec479
vault: testing standby mode
2015-04-14 16:06:58 -07:00
4679febdf3
logical: Refactor LeaseOptions to share between Secret and Auth
2015-04-09 12:14:04 -07:00
466c7575d3
Replace VaultID with LeaseID for terminology simplification
2015-04-08 13:35:32 -07:00
df8dbe9677
vault: allow mount point queries without trailing /
2015-04-03 20:45:00 -07:00
eaa483ff87
vault: Enforce default and max length leasing
2015-04-03 15:42:34 -07:00
0ba7c64c0f
vault: Verify client token is not passed through in the plain
2015-04-03 15:39:56 -07:00
eec6c27fae
vault: Special case auth/token/create
2015-04-02 18:05:23 -07:00
c6479642e9
vault: integrate login with expiration manager
2015-04-02 17:52:11 -07:00
a8912e82d8
enable github
2015-04-01 15:48:56 -07:00
4138e43f00
vault: Adding audit trail for login
2015-04-01 14:48:37 -07:00
3d3e18793b
vault: Integrate audit logging with core
2015-04-01 14:33:48 -07:00
c8294170cc
vault: test bad key to seal
2015-03-31 10:00:04 -07:00
0666bda865
vault: require root token for seal
2015-03-31 09:59:02 -07:00
d4509b0ee3
vault: keep the connection info around for auth
2015-03-30 20:55:01 -07:00
c9acfa17cb
vault: get rid of HangleLogin
2015-03-30 20:26:39 -07:00
69593cde56
remove credential/ lots of tests faililng
2015-03-30 18:07:05 -07:00
e9a3a34c27
vault: tests passing
2015-03-29 16:18:08 -07:00
9a4946f115
vault: Testing core ACL enforcement
2015-03-24 15:55:27 -07:00
23864839bb
vault: testing root privilege restrictions
2015-03-24 15:52:07 -07:00
49df1570d6
vault: test missing and invalid tokens
2015-03-24 11:57:08 -07:00
20c2375352
vault: Adding ACL enforcement
2015-03-24 11:37:07 -07:00
6481ff9e34
vault: Generate a root token when initializing
2015-03-23 17:31:30 -07:00
192dcf7d39
vault: first pass at HandleLogin
2015-03-23 13:56:43 -07:00
c349e97168
vault: clean up VaultID duplications, make secret responses clearer
...
/cc @armon - This is a reasonably major refactor that I think cleans up
a lot of the logic with secrets in responses. The reason for the
refactor is that while implementing Renew/Revoke in logical/framework I
found the existing API to be really awkward to work with.
Primarily, we needed a way to send down internal data for Vault core to
store since not all the data you need to revoke a key is always sent
down to the user (for example the user than AWS key belongs to).
At first, I was doing this manually in logical/framework with
req.Storage, but this is going to be such a common event that I think
its something core should assist with. Additionally, I think the added
context for secrets will be useful in the future when we have a Vault
API for returning orphaned out keys: we can also return the internal
data that might help an operator.
So this leads me to this refactor. I've removed most of the fields in
`logical.Response` and replaced it with a single `*Secret` pointer. If
this is non-nil, then the response represents a secret. The Secret
struct encapsulates all the lease info and such.
It also has some fields on it that are only populated at _request_ time
for Revoke/Renew operations. There is precedent for this sort of
behavior in the Go stdlib where http.Request/http.Response have fields
that differ based on client/server. I copied this style.
All core unit tests pass. The APIs fail for obvious reasons but I'll fix
that up in the next commit.
2015-03-19 23:11:42 +01:00
15b7dc2d02
vault: integration expiration manager with core
2015-03-16 15:28:50 -07:00
d1d1929192
vault: convert to logical.Request and friends
2015-03-15 14:53:41 -07:00
866b91d858
vault: public TestCoreUnsealed, don't modify key in Unseal
...
/cc @armon - I do a key copy within Unseal now. It tripped me up for
quite awhile that that method actually modifies the param in-place and I
can't think of any scenario that is good for the user. Do you see any
issues here?
2015-03-14 17:47:11 -07:00
d0380e553d
vault: Support a pre-seal teardown
2015-03-13 11:16:24 -07:00
aa0ca02b8c
vault: sanity check key length
2015-03-12 11:20:38 -07:00
718065c733
vault: the config has to be exported
2015-03-12 10:22:12 -07:00
c6009345d1
vault: Testing mount table setup
2015-03-11 15:33:25 -07:00
f54e4e0f6a
vault: Loading mount tables on start
2015-03-11 15:19:41 -07:00
fdad9e9ce3
vault: Test routing while sealed
2015-03-11 14:31:55 -07:00
a6508b4010
vault: Testing core unseal
2015-03-11 14:25:16 -07:00
faa337dcbe
vault: Testing initialization
2015-03-11 11:57:05 -07:00
8fdac427a7
vault: Test initialization simple
2015-03-11 11:52:01 -07:00
Jeff Mitchell