luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
4033 commits 1 branch 0 tags 214 MiB
Commit graph

832 commits

Author SHA1 Message Date
Jeff Mitchell 434ed2faf2 Merge pull request #1573 from mickhansen/logical-postgresql-revoke-sequences 
handle revocations for roles that have privileges on sequences
 2016-07-18 13:30:42 -04:00
vishalnayak c14235b206 Merge branch 'master-oss' into json-use-number 
Conflicts:
	http/handler.go
	logical/framework/field_data.go
	logical/framework/wal.go
	vault/logical_passthrough.go
 2016-07-15 19:21:55 -04:00
Vishal Nayak cdf58da43b Merge pull request #1610 from hashicorp/min-tls-ver-12 
Set minimum TLS version in all tls.Config objects
 2016-07-13 10:53:14 -06:00
vishalnayak 09a4142fd3 Handled upgrade path for TLSMinVersion 2016-07-13 12:42:51 -04:00
Vishal Nayak 9f1e6c7b26 Merge pull request #1607 from hashicorp/standardize-time 
Remove redundant invocations of UTC() call on `time.Time` objects
 2016-07-13 10:19:23 -06:00
vishalnayak de19314f18 Address review feedback 2016-07-13 11:52:26 -04:00
vishalnayak 407722a9b4 Added tls_min_version to consul storage backend 2016-07-12 20:10:54 -04:00
vishalnayak f34f0ef503 Make 'tls_min_version' configurable 2016-07-12 19:32:47 -04:00
vishalnayak 46d34130ac Set minimum TLS version in all tls.Config objects 2016-07-12 17:06:28 -04:00
vishalnayak 8269f323d3 Revert 'risky' changes 2016-07-12 16:38:07 -04:00
Jeff Mitchell 57cdb58374 Switch to pester from go-retryablehttp to avoid swallowing 500 error messages 2016-07-11 21:37:46 +00:00
Mick Hansen 9ee4542a7c incorporate code style guidelines 2016-07-11 13:35:35 +02:00
Mick Hansen c25788e1d4 handle revocations for roles that have privileges on sequences 2016-07-11 13:16:45 +02:00
vishalnayak e09b40e155 Remove Unix() invocations on 'time.Time' objects and removed conversion of time to UTC 2016-07-08 18:30:18 -04:00
vishalnayak db3670c353 Fix transit tests 2016-07-06 22:04:08 -04:00
vishalnayak ad7cb2c8f1 Added JSON Decode and Encode helpers. 
Changed all the occurances of Unmarshal to use the helpers.
Fixed http/ package tests.
 2016-07-06 12:25:40 -04:00
Sean Chittenden 2e828383e0
Move the parameter down to where the statement is executed. 2016-07-03 16:20:27 -07:00
Sean Chittenden 08fb1a30d4
Use lib/pq's QuoteIdentifier() on all identifiers and Prepare 
for all literals.
 2016-07-03 16:01:39 -07:00
Jeff Mitchell 4a8d9eb942 Shave off a lot of PKI testing time by not requiring key generation when testing CSRs. Also enable all tests all the time. 2016-07-01 17:28:48 -04:00
Jeff Mitchell 369dcff5f9 Merge pull request #1581 from mp911de/cassandra_connect_timeout 
Support connect_timeout for Cassandra and align timeout.
 2016-07-01 22:33:24 +02:00
Mark Paluch ab63c938c4 Address review feedback. 
Switch ConnectTimeout to framework.TypeDurationSecond  with a default of 5. Remove own parsing code.
 2016-07-01 22:26:08 +02:00
Mark Paluch 3859f7938a Support connect_timeout for Cassandra and align timeout. 
The cassandra backend now supports a configurable connect timeout. The timeout is configured using the connect_timeout parameter in the session configuration.  Also align the timeout to 5 seconds which is the default for the Python and Java drivers.

Fixes #1538
 2016-07-01 21:22:37 +02:00
Jeff Mitchell 51cd67115c Run appid/cert auth tests always 2016-07-01 14:06:33 -04:00
Jeff Mitchell db211a4b61 Migrate Consul acceptance tests to Docker 2016-07-01 13:59:56 -04:00
Jeff Mitchell a2e95614d6 Have SQL backends Ping() before access. 
If unsuccessful, reestablish connections as needed.
 2016-07-01 12:02:17 -04:00
Jeff Mitchell e50e331ffc Always run transit acceptance tests 2016-07-01 11:45:56 -04:00
Jeff Mitchell 5313ae8a1b Merge pull request #1578 from hashicorp/dockerize-mysql-acc-tests 
Convert MySQL tests to Dockerized versions
 2016-07-01 17:38:52 +02:00
Jeff Mitchell 5d707c41ff Always run userpass acceptance tests 2016-07-01 11:37:38 -04:00
Jeff Mitchell 8d984c111d Convert MySQL tests to Dockerized versions 2016-07-01 11:36:28 -04:00
Jeff Mitchell 2488d520a4 Merge branch 'master-oss' into dockerize-pg-secret-tests 2016-06-30 14:31:52 -04:00
Jeff Mitchell 3e515c5885 Fix up breakage from bumping deps 2016-06-30 14:31:41 -04:00
Jeff Mitchell 8da8881825 Add comment around bind to localhost 2016-06-30 13:49:11 -04:00
Jeff Mitchell 22e83ae7f5 Dockerize Postgres secret backend acceptance tests 
Additionally enable them on all unit test runs.
 2016-06-30 13:46:39 -04:00
Jeff Mitchell 619ddc38b7 Use TRACE not WARN here 2016-06-30 12:41:56 -04:00
Jeff Mitchell 16d4f79c71 Fix test 2016-06-30 08:21:00 -04:00
Jeff Mitchell 5df2dd30c5 Change warn to trace for these messages 2016-06-29 21:04:02 -04:00
Jeff Mitchell cf178d3c9e Merge remote-tracking branch 'oss/master' into postgres-pl-lock 2016-06-29 17:40:34 -04:00
Jeff Mitchell 934e60c3c9 Add stmt close calls 2016-06-29 17:39:47 -04:00
Jeff Mitchell a56f79adcb Run prepare on the transaction, not the db 2016-06-29 17:20:41 -04:00
cara marie 11c205e19b removed option to create 1024 keybitlength certs 2016-06-28 16:56:14 -04:00
Jeff Mitchell 43df682365 Add more debug output 2016-06-28 11:03:56 -04:00
Jeff Mitchell 0802497c8a Add some logging to enter/exit of some functions 2016-06-24 16:11:22 -04:00
Jeff Mitchell 9dc0599a30 Address review feedback 2016-06-23 10:18:03 -04:00
Jeff Mitchell d7029fc49a Add some more testing 2016-06-23 09:49:03 -04:00
Jeff Mitchell 45a442e593 Set some basic key usages by default. 
Some programs (such as OpenVPN) don't like it if you don't include key
usages. This adds a default set that should suffice for most extended
usages. However, since things get twitchy when these are set in ways
various crypto stacks don't like, it's fully controllable by the user.

Fixes #1476
 2016-06-22 16:08:24 -04:00
Jeff Mitchell 407373df5d Revert "Use x509 package ext key usage instead of custom type" 
This reverts commit 0b2d8ff475a26ff98c37337a64859d150d62cfc1.
 2016-06-22 13:07:31 -04:00
Jeff Mitchell c0dee06aab Use x509 package ext key usage instead of custom type 2016-06-22 11:51:32 -04:00
Jeff Mitchell 62f66dc4d8 Do some internal renaming in PKI 2016-06-22 11:39:57 -04:00
vishalnayak 5f5a81d8da Fix broken build 2016-06-21 18:25:36 -04:00
vishalnayak e97f81ecaa Print role name in the error message 2016-06-21 17:53:33 -04:00