Commit graph

1558 commits

Author SHA1 Message Date
Jeff Mitchell 13c5fe0a16 Fix regexes to allow hyphens in role names, as the documentation shows 2015-07-01 20:39:18 -05:00
Armon Dadgar 3f189f2c57 CHANGELOG updates 2015-07-01 16:53:00 -07:00
Armon Dadgar b52d3e6506 cred/app-id: testing upgrade to salted keys 2015-06-30 18:37:10 -07:00
Armon Dadgar eeb717c901 cred/app-id: first pass at automatic upgrading to salting 2015-06-30 18:09:08 -07:00
Armon Dadgar cf82f4d6d6 logical/testing: Allow factory to be provided instead of Backend 2015-06-30 18:08:43 -07:00
Armon Dadgar 4b27e4d8c5 Remove SetLogger, and unify on framework.Setup 2015-06-30 17:45:20 -07:00
Armon Dadgar 541014e315 logical: remove SetLogger method 2015-06-30 17:39:39 -07:00
Armon Dadgar 5d69e7da90 Updating for backend API change 2015-06-30 17:36:12 -07:00
Armon Dadgar 41b72a4d39 vault: provide view to backend initializer for setup 2015-06-30 17:30:43 -07:00
Armon Dadgar 3084f64e5c helper/salt: track if salt was generated 2015-06-30 16:47:49 -07:00
Armon Dadgar e892d728a2 logical/framework: support Salt in PathMap 2015-06-30 14:28:45 -07:00
Armon Dadgar 579c1433a2 vault: use helper/salt library to share code 2015-06-30 14:08:21 -07:00
Armon Dadgar a2eb1210a7 helper/salt: adding little helper for salting 2015-06-30 14:04:18 -07:00
Armon Dadgar 8bc99f8c23 helper/uuid: single generateUUID definition 2015-06-30 12:38:32 -07:00
Armon Dadgar 19b127f9f2 Godep updating dependencies 2015-06-30 12:07:00 -07:00
Armon Dadgar e025c33ab9 command: source general options docs from common source 2015-06-30 12:01:23 -07:00
Armon Dadgar 3c58773598 Merge pull request #380 from kgutwin/cert-cli
Enable TLS client cert authentication via the CLI
2015-06-30 11:44:28 -07:00
Armon Dadgar b8f2e8d498 website: document insecure_tls for LDAP backend 2015-06-30 09:42:18 -07:00
Armon Dadgar d8a74f3307 Merge branch 'esell-master' 2015-06-30 09:41:01 -07:00
Armon Dadgar b1f7e2f0ea ldap: fixing merge conflict 2015-06-30 09:40:43 -07:00
Armon Dadgar 5aa4537389 Merge pull request #363 from jefferai/f-logical-cassandra
Cassandra logical backend
2015-06-30 09:38:22 -07:00
Jeff Mitchell 762108d9eb Put timestamp back into the username. Since Cassandra doesn't support expiration, this can be used by scripts to manually clean up old users if revocation fails for some reason.
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-30 11:15:46 -04:00
Jeff Mitchell 42b90fa9b9 Address some issues from code review.
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-30 09:27:23 -04:00
Karl Gutwin 70fc49be84 Website docs. 2015-06-30 09:18:39 -04:00
Karl Gutwin c12734b27c CLI docs 2015-06-30 09:04:57 -04:00
Jeff Mitchell fccbc587c6 A Cassandra secrets backend.
Supports creation and deletion of users in Cassandra using flexible CQL queries.

TLS, including client authentication, is supported.

Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-30 09:04:01 -04:00
Karl Gutwin 0062d923cc Better error messages. 2015-06-30 08:59:38 -04:00
Karl Gutwin a54ba31635 Merge remote-tracking branch 'upstream/master' into cert-cli 2015-06-30 08:31:00 -04:00
Karl Gutwin dafcc5b2ce enable CLI cert login 2015-06-29 23:29:41 -04:00
esell c0e1843263 change skipsslverify to insecure_tls 2015-06-29 19:23:31 -06:00
Armon Dadgar 12d3aee58e audit: fixing panic caused by tls connection state. Fixes #322 2015-06-29 17:16:17 -07:00
Armon Dadgar b6e422a0a5 Updating godep 2015-06-29 16:44:02 -07:00
Armon Dadgar c27d214280 Merge pull request #379 from hashicorp/sethvargo/authorship
Restore authorship on commits
2015-06-29 16:42:36 -07:00
Christian Svensson 3c000f5129 Update Godeps for go-ldap/ldap 2015-06-29 19:03:51 -04:00
Christian Svensson 862a04f7ad Pass ServerName for LDAPS TLS connection validation 2015-06-29 19:01:11 -04:00
Christian Svensson f862083dc1 Use go-ldap/ldap's ParseDN to extract group name from DN 2015-06-29 19:01:02 -04:00
Christian Svensson 1d177ea6d9 Allow almost all leagal LDAP names to be used
Implement LDAP escaping according to RFC 4514 to allow
complex LDAP usernames to be used.

Leaving ASN BER encoded values unsupported for now.
2015-06-29 19:00:53 -04:00
Armon Dadgar 3bc388f30d Merge pull request #366 from nbrownus/http_responses
Better http responses
2015-06-29 15:31:45 -07:00
Armon Dadgar 496ebe561c vault: cleanups for the audit log changes 2015-06-29 15:27:28 -07:00
Armon Dadgar c1ff26d186 Merge branch 'nbrownus-audit-logging' 2015-06-29 15:19:12 -07:00
Armon Dadgar add8e1a3fd Fixing merge conflict 2015-06-29 15:19:04 -07:00
Armon Dadgar deeb611ab2 vault: handle a panic while generating audit output 2015-06-29 15:11:35 -07:00
Armon Dadgar 8987bc7e00 Updating Godeps 2015-06-29 15:05:44 -07:00
Armon Dadgar 7573c37f8e Fixing godeps file 2015-06-29 14:54:25 -07:00
Armon Dadgar ba0b37e792 Merge branch 'bluecmd-master' 2015-06-29 14:51:03 -07:00
Armon Dadgar 337997ab04 Fixing merge conflict 2015-06-29 14:50:55 -07:00
Armon Dadgar 29e004ddbb Merge pull request #373 from nbrownus/audit_key-status
Fixing key-status if audit logging is on
2015-06-29 14:47:55 -07:00
Karl Gutwin 24d0af39b4 Initial sketch for client TLS auth 2015-06-29 15:33:16 -04:00
esell e81f966842 Set SkipSSLVerify default to false, add warning in help message 2015-06-24 13:38:14 -06:00
Nate Brown a0be7af858 Fixing key-status if audit logging is on 2015-06-24 10:57:05 -07:00