Commit graph

5872 commits

Author SHA1 Message Date
Calvin Leung Huang c0ce0ae499 Merge branch 'database-refactor' of github.com:hashicorp/vault into database-refactor 2017-05-04 16:46:47 -04:00
Calvin Leung Huang b49993f81f Update mssql docs 2017-05-04 16:46:34 -04:00
Brian Kassouf 3c41bdfa16 update docs 2017-05-04 13:38:49 -07:00
Brian Kassouf a255cd9b93 changelog++ 2017-05-04 12:49:47 -07:00
Brian Kassouf 812841ff38 changelog++ 2017-05-04 12:48:52 -07:00
Brian Kassouf 7dcec6e68f Merge remote-tracking branch 'oss/master' into database-refactor 2017-05-04 12:40:00 -07:00
Brian Kassouf 2d6dfbf147 Don't store the plugin directory prepended command in the barrier, prepend on get 2017-05-04 12:36:06 -07:00
Brian Kassouf 82b58d5b9c Update docs and return a better error message 2017-05-04 11:45:27 -07:00
mymercurialsky 4c0e3c5d2f Implemented TOTP Secret Backend (#2492)
* Initialized basic outline of TOTP backend using Postgresql backend as template

* Updated TOTP backend.go's structure and help string

* Updated TOTP path_roles.go's structure and help strings

* Updated TOTP path_role_create.go's structure and help strings

* Fixed typo in path_roles.go

* Fixed errors in path_role_create.go and path_roles.go

* Added TOTP secret backend information to cli commands

* Fixed build errors in path_roles.go and path_role_create.go

* Changed field values of period and digits from uint to int, added uint conversion of period when generating passwords

* Initialized TOTP test file based on structure of postgresql test file

* Added enforcement of input values

* Added otp library to vendor folder

* Added test steps and cleaned up errors

* Modified read credential test step, not working yet

* Use of vendored package not allowed - Test error

* Removed vendor files for TOTP library

* Revert "Removed vendor files for TOTP library"

This reverts commit fcd030994bc1741dbf490f3995944e091b11da61.

* Hopefully fixed vendor folder issue with TOTP Library

* Added additional tests for TOTP backend

* Cleaned up comments in TOTP backend_test.go

* Added default values of period, algorithm and digits to field schema

* Changed account_name and issuer fields to optional

* Removed MD5 as a hash algorithm option

* Implemented requested pull request changes

* Added ability to validate TOTP codes

* Added ability to have a key generated

* Added skew, qr size and key size parameters

* Reset vendor.json prior to merge

* Readded otp and barcode libraries to vendor.json

* Modified help strings for path_role_create.go

* Fixed test issue in testAccStepReadRole

* Cleaned up error formatting, variable names and path names. Also added some additional documentation

* Moveed barcode and url output to key creation function and did some additional cleanup based on requested changes

* Added ability to pass in TOTP urls

* Added additional tests for TOTP server functions

* Removed unused QRSize, URL and Generate members of keyEntry struct

* Removed unnecessary urlstring variable from pathKeyCreate

* Added website documentation for TOTP secret backend

* Added errors if generate is true and url or key is passed, removed logger from backend, and revised parameter documentation.

* Updated website documentation and added QR example

* Added exported variable and ability to disable QR generation, cleaned up error reporting, changed default skew value, updated documentation and added additional tests

* Updated API documentation to inlude to exported variable and qr size option

* Cleaned up return statements in path_code, added error handling while validating codes and clarified documentation for generate parameters in path_keys
2017-05-04 10:49:42 -07:00
Brian Kassouf 5ee0d696d4 Merge remote-tracking branch 'oss/master' into database-refactor 2017-05-04 10:45:18 -07:00
Brian Kassouf 29bfc0a0d4 PR comments 2017-05-04 10:41:59 -07:00
Jeff Mitchell b568ea751b Move client token check in exp register to top 2017-05-04 12:45:57 -04:00
Jeff Mitchell abd63096f8 Update comments 2017-05-04 12:44:31 -04:00
vishalnayak 1a02f9be11 Fix up the tests 2017-05-04 12:41:15 -04:00
vishalnayak 5683430cb7 Update Tidy function comment 2017-05-04 12:11:00 -04:00
Jeff Mitchell d74b1b284a Update commenting 2017-05-04 11:54:57 -04:00
Jeff Mitchell 9a91700263 Move tidy-leases to leases/tidy 2017-05-04 09:40:11 -04:00
Jeff Mitchell f8295a301d Merge branch 'master-oss' into sys-tidy-leases 2017-05-04 09:37:52 -04:00
Jeff Mitchell dc18a98e8e changelog++ 2017-05-04 09:28:14 -04:00
Chris Hoffman 399863d5c2 changelog++ 2017-05-04 09:11:49 -04:00
Jeff Mitchell 5c0bd68286 changelog++ 2017-05-04 06:43:08 -04:00
Jeff Mitchell ed24a1b5a5 Write always needs a path, even with force. (#2675)
Fixes #2674
2017-05-04 06:40:58 -04:00
Jeff Mitchell 3256a53de7 changelog++ 2017-05-04 06:37:45 -04:00
Chris Hoffman 3d9cf89ad6 Add the ability to view and list of leases metadata (#2650) 2017-05-03 22:03:42 -04:00
Brian Kassouf ce391ca425 add new mysql plugin names and fix grammar 2017-05-03 18:41:39 -07:00
Brian Kassouf 0875e78a13 Feedback from PR 2017-05-03 17:37:34 -07:00
Jeff Mitchell 7250b3d01e Fix comment typo 2017-05-03 20:25:55 -04:00
Jeff Mitchell b7128f53a8 Add sys/leases/lookup and sys/leases/renew to the default policy 2017-05-03 20:22:16 -04:00
Brian Kassouf cbcb8635a4 Update databse backend tests to use the APIClientMeta for the plugin conns 2017-05-03 16:34:09 -07:00
Brian Kassouf 9faf234869 Fix the TLS functionality in cassandra plugin 2017-05-03 15:36:49 -07:00
Brian Kassouf b1a5f45d2c Fix parsing the connection duration when it's nil 2017-05-03 13:45:27 -07:00
Brian Kassouf 015e63164b Fix mysql plugin tests 2017-05-03 13:36:16 -07:00
Brian Kassouf 223598c675 Add the other mysql plugin types with the correct username length settings 2017-05-03 13:33:56 -07:00
Calvin Leung Huang 26cf09ab15 Minor comment update on cert_util 2017-05-03 16:13:54 -04:00
Brian Kassouf cf15c023df Use ParseDurationSecond to parse the timeouts in connutil 2017-05-03 13:11:30 -07:00
Brian Kassouf 37bd3ed76e Use log to output errors instead of fmt 2017-05-03 13:01:05 -07:00
Chris Hoffman c65c10c87f changelog++ 2017-05-03 15:18:28 -04:00
Jeff Mitchell 7f3891c734 Fix substitution of index/child in delete call 2017-05-03 15:09:13 -04:00
Chris Hoffman 1c14d207b5 Merge pull request #2575 from hashicorp/pki-colons-to-hyphens
Change storage of PKI entries from colons to hyphens
2017-05-03 15:07:15 -04:00
Jeff Mitchell 99884a8f13 Merge remote-tracking branch 'oss/master' into sys-tidy-leases 2017-05-03 15:02:42 -04:00
Chris Hoffman e34a45fdcd Minor readability enhancements for migration path from old to new 2017-05-03 14:58:22 -04:00
Brian Kassouf bf29861d49 Add the plugins catalog API docs 2017-05-03 11:43:24 -07:00
Jeff Mitchell 3b95e751c0 Add more cleanup if a lease fails to register and revoke tokens if registerauth fails 2017-05-03 14:29:57 -04:00
Brian Kassouf e92818e0ae Upate links in docs 2017-05-03 10:25:12 -07:00
Jeff Mitchell bb6b5f7aa6 Add taint flag for looking up by accessor 2017-05-03 13:08:50 -04:00
vishalnayak a1a0c2950f logging updates 2017-05-03 12:58:10 -04:00
vishalnayak 6aa7f9b7c9 Added logs when deletion fails so we can rely on server logs 2017-05-03 12:47:05 -04:00
vishalnayak bc5d5b7319 consistent logging 2017-05-03 12:45:22 -04:00
Jeff Mitchell 596ad2c8f7 Adhere to tainted status in salted accessor lookup 2017-05-03 12:36:10 -04:00
Jeff Mitchell 5f18b1605a Two things:
1) Ensure that if we fail to generate a lease for a secret we attempt to revoke it

2) Ensure that any lease that is registered should never have a blank token

In theory, number 2 will let us a) find places where this *is* the case, and b) if errors are encountered when revoking tokens due to a blank client token, it suggests that the client token values are being stripped somewhere along the way, which is also instructive.
2017-05-03 12:17:09 -04:00