luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
5656 commits 1 branch 0 tags 214 MiB
Commit graph

5656 commits

This branch
This branch
All branches
Author SHA1 Message Date
vishalnayak 1a02f9be11 Fix up the tests 2017-05-04 12:41:15 -04:00
vishalnayak 5683430cb7 Update Tidy function comment 2017-05-04 12:11:00 -04:00
Jeff Mitchell d74b1b284a Update commenting 2017-05-04 11:54:57 -04:00
Jeff Mitchell 9a91700263 Move tidy-leases to leases/tidy 2017-05-04 09:40:11 -04:00
Jeff Mitchell f8295a301d Merge branch 'master-oss' into sys-tidy-leases 2017-05-04 09:37:52 -04:00
Jeff Mitchell dc18a98e8e changelog++ 2017-05-04 09:28:14 -04:00
Chris Hoffman 399863d5c2 changelog++ 2017-05-04 09:11:49 -04:00
Jeff Mitchell 5c0bd68286 changelog++ 2017-05-04 06:43:08 -04:00
Jeff Mitchell ed24a1b5a5 Write always needs a path, even with force. (#2675) 
Fixes #2674
 2017-05-04 06:40:58 -04:00
Jeff Mitchell 3256a53de7 changelog++ 2017-05-04 06:37:45 -04:00
Chris Hoffman 3d9cf89ad6 Add the ability to view and list of leases metadata (#2650) 2017-05-03 22:03:42 -04:00
Jeff Mitchell 7250b3d01e Fix comment typo 2017-05-03 20:25:55 -04:00
Jeff Mitchell b7128f53a8 Add sys/leases/lookup and sys/leases/renew to the default policy 2017-05-03 20:22:16 -04:00
Calvin Leung Huang 26cf09ab15 Minor comment update on cert_util 2017-05-03 16:13:54 -04:00
Chris Hoffman c65c10c87f changelog++ 2017-05-03 15:18:28 -04:00
Jeff Mitchell 7f3891c734 Fix substitution of index/child in delete call 2017-05-03 15:09:13 -04:00
Chris Hoffman 1c14d207b5 Merge pull request #2575 from hashicorp/pki-colons-to-hyphens 
Change storage of PKI entries from colons to hyphens
 2017-05-03 15:07:15 -04:00
Jeff Mitchell 99884a8f13 Merge remote-tracking branch 'oss/master' into sys-tidy-leases 2017-05-03 15:02:42 -04:00
Chris Hoffman e34a45fdcd Minor readability enhancements for migration path from old to new 2017-05-03 14:58:22 -04:00
Jeff Mitchell 3b95e751c0 Add more cleanup if a lease fails to register and revoke tokens if registerauth fails 2017-05-03 14:29:57 -04:00
Jeff Mitchell bb6b5f7aa6 Add taint flag for looking up by accessor 2017-05-03 13:08:50 -04:00
vishalnayak a1a0c2950f logging updates 2017-05-03 12:58:10 -04:00
vishalnayak 6aa7f9b7c9 Added logs when deletion fails so we can rely on server logs 2017-05-03 12:47:05 -04:00
vishalnayak bc5d5b7319 consistent logging 2017-05-03 12:45:22 -04:00
Jeff Mitchell 596ad2c8f7 Adhere to tainted status in salted accessor lookup 2017-05-03 12:36:10 -04:00
Jeff Mitchell 5f18b1605a Two things: 
1) Ensure that if we fail to generate a lease for a secret we attempt to revoke it

2) Ensure that any lease that is registered should never have a blank token

In theory, number 2 will let us a) find places where this *is* the case, and b) if errors are encountered when revoking tokens due to a blank client token, it suggests that the client token values are being stripped somewhere along the way, which is also instructive.
 2017-05-03 12:17:09 -04:00
Jeff Mitchell 0553f7a8d1 change some logging output 2017-05-03 12:14:58 -04:00
Jeff Mitchell c9bd54ad65 Less scary debugging 2017-05-03 11:15:59 -04:00
vishalnayak dd898ed2e1 Added summary logs to help better understand the consequence 2017-05-03 10:54:07 -04:00
Calvin Leung Huang a00a7815f6 Include and use normalizeSerial func 2017-05-03 10:12:58 -04:00
vishalnayak 9f682eb9cd Test to check that leases with valid tokens are not being cleaned up 2017-05-02 18:12:03 -04:00
vishalnayak 850cda7861 Added test to check the atomicity of the lease tidy operation 2017-05-02 18:06:59 -04:00
vishalnayak 875658531b Do not duplicate log lines for invalid leases 2017-05-02 17:56:15 -04:00
vishalnayak 403fd62c61 Check if multiple leases with same invalid token is getting cleaned up 2017-05-02 17:15:26 -04:00
vishalnayak 5f70576715 Added steps to check if invalid token is properly cleaned up 2017-05-02 17:11:35 -04:00
vishalnayak 668595b902 Added a test for tidying of empty token 2017-05-02 16:54:03 -04:00
vishalnayak 68635e8a1c Skip checking the validity of an empty client token 2017-05-02 16:53:41 -04:00
Calvin Leung Huang 2b7a66e23b Use variables for string replacements on cert_util 2017-05-02 14:11:57 -04:00
mhristof df325288ac fix format for secret/pki (#2668) 2017-05-02 07:52:55 -04:00
Ben Gadbois 537342f038 Fixing printf (and similar) issues (#2666) 2017-05-01 23:34:10 -04:00
Seth Vargo 44e1c64cfd Add UI docs (#2664) 2017-05-01 17:36:37 -04:00
Marc Boudreau 5630b0ad4b Changing the ttl value in the Generate IAM with STS sample to a valid value (#2665) 2017-05-01 14:41:49 -04:00
Chris Hoffman e94c7ef3d1 changelog++ 2017-05-01 12:32:14 -04:00
Jeff Mitchell 0ed210c67f changelog++ 2017-05-01 10:42:41 -04:00
Justin Gerace 403efeb5ae Add globbing support to the PKI backend's allowed_domains list (#2517) 2017-05-01 10:40:18 -04:00
Jeff Mitchell 2b337083f3 changelog++ 2017-05-01 10:37:35 -04:00
vishalnayak 60add30b9d Merge branch 'oss' into sys-tidy-leases 2017-05-01 09:58:58 -04:00
vishalnayak 07e6d4336d changelog++ 2017-04-30 11:40:13 -04:00
Michael Ansel 30b71cbbac Add constraints on the Common Name for certificate-based authentication (#2595) 
* Refactor to consolidate constraints on the matching chain

* Add CN prefix/suffix constraint

* Maintain backwards compatibility (pick a random cert if multiple match)

* Vendor go-glob

* Replace cn_prefix/suffix with required_name/globbing

Move all the new tests to acceptance-capable tests instead of embedding in the CRL test

* Allow authenticating against a single cert

* Add new params to documentation

* Add CLI support for new param

* Refactor for style

* Support multiple (ORed) name patterns

* Rename required_names to allowed_names

* Update docs for parameter rename

* Use the new TypeCommaStringSlice
 2017-04-30 11:37:10 -04:00
Calvin Leung Huang 71d9de9083 Merge pull request #2660 from hashicorp/version-metadata 
Add version metadata
 2017-04-28 17:30:45 -04:00