luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity
4,389 Commits 1 Branch 0 Tags 214 MiB
Commit Graph

181 Commits

Author SHA1 Message Date
Jeff Mitchell cdea4b3445 Add some tests and fix some bugs 2016-08-13 14:03:22 -04:00
Jeff Mitchell de60702d76 Don't check the role period again as we've checked it earlier and it may be greater than the te Period 2016-08-13 13:21:56 -04:00
Jeff Mitchell bcb4ab5422 Add periodic support for root/sudo tokens to auth/token/create 2016-08-12 21:14:12 -04:00
Jeff Mitchell 0f40fba40d Don't allow a root token that expires to create one that doesn't 2016-08-09 20:32:40 -04:00
Jeff Mitchell d7f6218869 Move checking non-assignable policies above the actual token creation 2016-08-08 16:44:29 -04:00
Laura Bennett da615642f5 Merge pull request #1687 from hashicorp/token-store-update 
Minor update to token-store
 2016-08-08 10:25:05 -04:00
vishalnayak e783bfe7e1 Minor changes to test cases 2016-08-05 20:22:07 -04:00
Laura Bennett 405eb0075a fix an error, tests still broken 2016-08-05 17:58:48 -04:00
Jeff Mitchell 82b3d136e6 Don't mark never-expiring root tokens as renewable 2016-08-05 11:15:25 -04:00
Laura Bennett 68d351c70c addresses feedback, but tests broken 2016-08-05 10:04:02 -04:00
Laura Bennett c626277632 initial commit for minor update to token-store 2016-08-03 14:32:17 -04:00
Vishal Nayak 0b2098de2f Merge pull request #1681 from hashicorp/disallowed-policies 
Support disallowed_policies in token roles
 2016-08-02 17:32:53 -04:00
vishalnayak e7cb3fd990 Addressed review feedback 2016-08-02 16:53:06 -04:00
vishalnayak 4f45910dfc disallowed_policies doc update 2016-08-02 16:33:22 -04:00
Jeff Mitchell 31b36fe2c2 Use duration helper to allow not specifying duration units 2016-08-02 15:12:45 -04:00
vishalnayak a936914101 Address review feedback and fix existing tests 2016-08-02 14:10:20 -04:00
vishalnayak a0c711d0cf Added disallowed_policies to token roles 2016-08-02 10:33:50 -04:00
Jeff Mitchell 357f2d972f Add some extra safety checking in accessor listing and update website 
docs.
 2016-08-01 13:12:06 -04:00
Jeff Mitchell 6546005487 Fix typo 2016-07-29 23:24:04 -04:00
Jeff Mitchell e606aab6e0 oops, fix createAccessor 2016-07-29 18:23:55 -04:00
Jeff Mitchell 23ab63c78e Add accessor list function to token store 2016-07-29 18:20:38 -04:00
Laura Bennett 7e29cf1cae edits based on comments in PR 2016-07-25 09:46:10 -04:00
Laura Bennett 9ea1c8b801 initial commit for nonAssignablePolicies 2016-07-24 22:27:41 -04:00
vishalnayak 331f229858 Added a cap of 256 for CreateLocks utility 2016-07-20 04:48:35 -04:00
vishalnayak 50e8a189e9 Added helper to create locks 2016-07-19 21:37:28 -04:00
vishalnayak c14235b206 Merge branch 'master-oss' into json-use-number 
Conflicts:
	http/handler.go
	logical/framework/field_data.go
	logical/framework/wal.go
	vault/logical_passthrough.go
 2016-07-15 19:21:55 -04:00
vishalnayak 8269f323d3 Revert 'risky' changes 2016-07-12 16:38:07 -04:00
vishalnayak e09b40e155 Remove Unix() invocations on 'time.Time' objects and removed conversion of time to UTC 2016-07-08 18:30:18 -04:00
vishalnayak ad7cb2c8f1 Added JSON Decode and Encode helpers. 
Changed all the occurances of Unmarshal to use the helpers.
Fixed http/ package tests.
 2016-07-06 12:25:40 -04:00
Jeff Mitchell 09720bbd8e Fix picking wrong token lock 2016-06-27 11:17:08 -04:00
Jeff Mitchell 2b4b6559e3 Merge pull request #1504 from hashicorp/token-store-roles-renewability 
Add renewable flag to token store roles
 2016-06-08 15:56:54 -04:00
Jeff Mitchell 8a1bff7c11 Make out-of-bounds explicit max a cap+warning instead of an error 2016-06-08 15:25:17 -04:00
Jeff Mitchell cf8f38bd4c Add renewable flag to token store roles 2016-06-08 15:17:22 -04:00
Jeff Mitchell 65d8973864 Add explicit max TTL capability to token creation API 2016-06-08 14:49:48 -04:00
Jeff Mitchell c0155ac02b Add renewable flag and API setting for token creation 2016-06-08 11:14:30 -04:00
Jeff Mitchell f8d70b64a0 Show renewable status for tokens in output 2016-06-01 17:30:31 -04:00
vishalnayak 1e4834bd20 Remove addDefault param from ParsePolicies 2016-05-31 13:39:58 -04:00
vishalnayak 49b4c83580 Adding default policies while creating tokens 2016-05-31 13:39:58 -04:00
vishalnayak c0e745dbfa s/logical.ErrorResponse/fmt.Errorf in renewal functions of credential backends 2016-05-26 10:21:03 -04:00
Jeff Mitchell c4431a7e30 Address most review feedback. Change responses to multierror to better return more useful values when there are multiple errors 2016-05-16 16:11:33 -04:00
Jeff Mitchell 4c67a739b9 Merge branch 'master-oss' into cubbyhole-the-world 2016-05-16 12:14:40 -04:00
Sean Chittenden 7a4b31ce51
Speling police 2016-05-15 09:58:36 -07:00
Jeff Mitchell ce5614bf9b Merge branch 'master-oss' into cubbyhole-the-world 2016-05-11 19:29:52 -04:00
Jeff Mitchell 6ec1ca05c8 Fix bug around disallowing explicit max greater than sysview max 2016-05-11 18:46:55 -04:00
Jeff Mitchell aecc3ad824 Add explicit maximum TTLs to token store roles. 2016-05-11 16:51:18 -04:00
Jeff Mitchell 1b190c9c62 Don't check if numuses is -1 with a read lock, it shouldn't come in with that from lookup anyways 2016-05-02 15:31:28 -04:00
Jeff Mitchell 324bb9cfac Use a 256-level mutex map instead of 4096, and optimize the case for tokens that are not limited use 2016-05-02 14:57:17 -04:00
Jeff Mitchell 2ebe49d3a1 Change UseToken mechanics. 
Add locking around UseToken and Lookup. Have UseToken flag an entry that
needs to be revoked so that it can be done at the appropriate time, but
so that Lookup in the interm doesn't return a value.

The locking is a map of 4096 locks keyed off of the first three
characters of the token ID which should provide good distribution.
 2016-05-02 03:44:24 -04:00
Jeff Mitchell 81da06de05 Fix fetching parameters in token store when it's optionally in the URL 2016-04-28 15:15:37 -04:00
Jeff Mitchell 98d09b0dc6 Add seal tests and update generate-root and others to handle dualseal. 2016-04-25 19:39:04 +00:00