luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity
5,986 Commits 1 Branch 0 Tags 214 MiB
Commit Graph

5986 Commits

Author SHA1 Message Date
Jeff Mitchell 1d61e38a59
Cut version 0.7.3 2017-06-07 15:39:25 -04:00
Jeff Mitchell 3aeb14fc05 changelog++ 2017-06-07 15:38:04 -04:00
Jeff Mitchell b8bc3d101b Bump versions 2017-06-07 15:23:51 -04:00
Jeff Mitchell 39286c0500 Automatically upgrade values to salted on access if salt exists in PathMap (#2831) 2017-06-07 15:22:08 -04:00
Brian Kassouf 8d58b43906 update database interface in the docs 2017-06-07 11:20:13 -07:00
Jeff Mitchell 2cbdf740ba changelog++ 2017-06-07 13:56:02 -04:00
Jeff Mitchell ab5014534e Clone policy permissions and then use existing values rather than policy values for modifications (#2826) 
Should fix #2804
 2017-06-07 13:49:51 -04:00
Jeff Mitchell f6d48312d8 Add new transit features to documentation 2017-06-07 13:00:14 -04:00
Matthew Irish 29b7a13aa0 changelog ++ 2017-06-07 10:23:13 -05:00
Jeff Mitchell dd02c8ca32 changelog++ 2017-06-07 10:28:21 -04:00
Joel Thompson 4a934915d7 Resolve AWS IAM unique IDs (#2814) 2017-06-07 10:27:11 -04:00
Jeff Mitchell 3bc53d447a changelog++ 2017-06-07 10:18:35 -04:00
Jeff Mitchell 2cc4a761f7 Honor role period for IAM auth type in AWS backend (#2828) 
Fixes #2825
 2017-06-07 10:18:02 -04:00
Jeff Mitchell 3c765ffef1 changelog++ 2017-06-07 10:03:56 -04:00
Jeff Mitchell fdf92aeba5 Add listing to database connections. (#2827) 
Fixes #2823
 2017-06-07 10:03:17 -04:00
Dan Brown 4f3fb87b9d Docs typo fixes (#2830) 
* Fix passing payload.json file to curl

* Correct API endpoint
 2017-06-07 10:02:58 -04:00
Jeff Mitchell 3c727acd61 changelog++ 2017-06-06 22:36:12 -04:00
Joel Thompson 7437ada31c Check if there's a bound iam arn when renewing (#2819) 
Previously, the renew method would ALWAYS check to ensure the
authenticated IAM principal ARN matched the bound ARN.  However, there
is a valid use case in which no bound_iam_principal_arn is specified and
all bindings are done through inferencing. When a role is configured
like this, clients won't be able to renew their token because of the
check.

This now checks to ensure that the bound_iam_principal_arn is not empty
before requriing that it match the originally authenticated client.

Fixes #2781
 2017-06-06 22:35:12 -04:00
Katie Bayes cff022a65c update middleman version from 24 to 26 (#2824) 2017-06-06 22:33:26 -04:00
Jeff Mitchell 62526dcec3 changelog++ 2017-06-06 16:04:49 -04:00
Jeff Mitchell a7fca34076 Add ability to specify encryption key version in `transit` (#2821) 2017-06-06 16:02:54 -04:00
Jeff Mitchell 545cf1de8f changelog++ 2017-06-06 09:50:38 -04:00
Brian Kassouf 606fe393be Use the role name in the db username (#2812) 2017-06-06 09:49:49 -04:00
Jeff Mitchell 778e716677 changelog++ 2017-06-05 18:05:22 -04:00
Brian Rodgers e9b52ed928 Log auth info on permission denied due to ACL (#2754) 2017-06-05 18:04:31 -04:00
Jeff Mitchell 1f3ceba11b changelog++ 2017-06-05 16:44:35 -04:00
Jeff Mitchell abdd39ecb9 changelog++ 2017-06-05 16:37:34 -04:00
Jeff Mitchell fcc9f35c77 Add a `no-store` option to `vault auth` (#2809) 
Fixes #2746
 2017-06-05 16:36:28 -04:00
Jeff Mitchell 605d74d889 Don't try to clean up upgrades if we're sealed 2017-06-05 16:00:56 -04:00
Jeff Mitchell fb9029e3dd Log heartbeat stopping 2017-06-05 15:57:04 -04:00
Jeff Mitchell d9b11daec5 changelog++ 2017-06-05 15:03:34 -04:00
Jeff Mitchell 3eebd5cf5a ed25519 support in transit (#2778) 2017-06-05 15:00:39 -04:00
Jeff Mitchell d51b060f17 changelog++ 2017-06-05 12:40:59 -04:00
Scott Sinclair 0c7d240968 Change split on instance profile name (#2802) 
This now splits on the /, so we only get the last component of the instance profile name (ignoring paths)
 2017-06-05 12:39:37 -04:00
Matthew Irish 2bb2623bd0 changelog++ 2017-06-05 11:35:03 -05:00
sam boyer 789d7ab4e0 Minor typos & wordsmithing for clarity (#2807) 2017-06-05 09:32:09 -07:00
Jeff Mitchell 7e02082f5f Use the oauth2 context ability to specify a clean http client. (#2808) 
Hopefully fixes #2793
 2017-06-05 12:27:01 -04:00
Jeff Mitchell b90c84a2c6 Add unsalted test to app-id 2017-06-05 11:37:16 -04:00
Jeff Mitchell 0a8991813b changelog++ 2017-06-05 11:01:48 -04:00
Kiss György 0be37ca78b Add Health() method to Sys client (#2805) 2017-06-05 11:00:45 -04:00
Jeff Mitchell 3496e1c03c changelog++ 2017-06-05 10:55:42 -04:00
Jeff Mitchell 3e7205c4c1 Add another nil guard to S3, follow on from #2785 2017-06-05 10:54:26 -04:00
Vishal Nayak c31b076360 Avoid panic in s3 list operation (#2785) 2017-06-05 10:53:20 -04:00
Jeff Mitchell f7df60b131 Allow accessing Warnings directly in Response. (#2806) 
A change in copystructure has caused some panics due to the custom copy
function. I'm more nervous about production panics than I am about
keeping some bad code wiping out some existing warnings, so remove the
custom copy function and just allow direct setting of Warnings.
 2017-06-05 10:52:43 -04:00
Jeff Mitchell 9095e202d7 Update vendoring 2017-06-05 10:51:53 -04:00
Mevan Samaratunga 731a7f187f fixed bug where the project name was not being read from configuration if it was provided via the "tenant" attribute. this was causing the swift client to crash with an EOF error. (#2803) 2017-06-05 10:48:39 -04:00
Jeff Mitchell 898d3f12fe changelog++ 2017-06-05 10:06:12 -04:00
Jeff Mitchell 8f2ba268a0 Fix instantiation of salt funcs in app-id structs 2017-06-05 10:04:54 -04:00
Jeff Mitchell 357200763e changelog++ 2017-06-03 08:17:02 -04:00
Eugene Bekker b55d972d24 Fixes #2789 (#2790) 2017-06-03 08:15:37 -04:00