Commit Graph

72 Commits

Author SHA1 Message Date
vishalnayak d3adc85886 AWS EC2 instances authentication backend 2016-04-26 10:22:28 -04:00
Jeff Mitchell a137081241 Move token helper out of meta 2016-04-01 14:23:15 -04:00
Jeff Mitchell 133d9c1008 Move meta into its own package 2016-04-01 13:16:05 -04:00
Jeff Mitchell 0e3764832a Add test for listener reloading, and update website docs. 2016-03-14 14:05:47 -04:00
Jeff Mitchell b3218d26d6 Properly scope config objects for reloading 2016-03-14 11:18:02 -04:00
Jeff Mitchell d75ce9de9b Retool to have reloading logic run in command/server 2016-03-11 16:47:03 -05:00
Vishal Nayak 343e6f1671 Merge pull request #998 from chrishoffman/mssql
Sql Server (mssql) secret backend
2016-03-10 22:30:24 -05:00
vishalnayak 5749a6718c Added sys/capabililties endpoint 2016-03-04 10:36:02 -05:00
Chris Hoffman 0b4a8f5b94 Adding mssql secret backend 2016-03-03 09:19:17 -05:00
Jeff Mitchell 11ddd2290b Provide 'sys/step-down' and 'vault step-down'
This endpoint causes the node it's hit to step down from active duty.
It's a noop if the node isn't active or not running in HA mode. The node
will wait one second before attempting to reacquire the lock, to give
other nodes a chance to grab it.

Fixes #1093
2016-02-26 19:43:55 -05:00
Jeff Mitchell 5341cb69cc Updates and documentation 2016-01-22 10:07:32 -05:00
Jeff Mitchell 10c307763e Add list capability, which will work with the generic and cubbyhole
backends for the moment. This is pretty simple; it just adds the actual
capability to make a list call into both the CLI and the HTTP handler.
The real meat was already in those backends.
2016-01-22 10:07:32 -05:00
Jeff Mitchell 3b994dbc7f Add the ability to generate root tokens via unseal keys. 2016-01-19 18:28:10 -05:00
Nicki Watt 442d538deb Make token-lookup functionality available via Vault CLI 2015-12-29 20:18:59 +00:00
Jeff Mitchell 1a324cf347 Make TokenHelper an interface and split exisiting functionality
Functionality is split into ExternalTokenHelper, which is used if a path
is given in a configuration file, and InternalTokenHelper which is used
otherwise. The internal helper no longer shells out to the same Vault
binary, instead performing the same actions with internal code. This
avoids problems using dev mode when there are spaces in paths or when
the binary is built in a container without a shell.

Fixes #850 among others
2015-12-22 10:23:30 -05:00
Jeff Mitchell 75f1c1e40c Print version on startup.
Fixes #765
2015-11-09 13:52:55 -05:00
Jeff Mitchell f098e1dd07 Tag with dev for builds 2015-11-06 13:39:30 -05:00
Jeff Mitchell de571c304d Add changelog entries for 0.3.1 and bump version in CLI 2015-10-06 11:03:55 -04:00
Jeff Mitchell 4ba4488269 Update version number 2015-09-27 17:10:33 -04:00
Jeff Mitchell af27a99bb7 Remove JWT for the 0.3 release; it needs a lot of rework. 2015-09-24 16:23:44 -04:00
Jeff Mitchell 9231476428 Bump version to v0.3.0-rc 2015-09-22 13:29:29 -04:00
Jeff Mitchell 488d33c70a Rejig how dynamic values are represented in system view and location of some functions in various packages; create mount-tune command and API analogues; update documentation 2015-09-10 15:09:54 -04:00
vishalnayak 93dfa67039 Merging changes from master 2015-08-12 09:28:16 -07:00
Erik Kristensen 2233f993ae initial pass at JWT secret backend 2015-08-06 17:49:44 -06:00
Vishal Nayak 27e66e175f Merge branch 'master' of https://github.com/hashicorp/vault into vishalvault 2015-07-17 17:22:17 -04:00
Armon Dadgar 8b9093cc86 Change version to 0.2.1 dev 2015-07-13 19:57:54 +10:00
Armon Dadgar 2d32b0a1ca Cutting v0.2.0 2015-07-13 19:40:01 +10:00
Vishal Nayak 2901890df2 Merge branch 'master' of https://github.com/hashicorp/vault into vishalvault 2015-07-10 09:56:21 -06:00
Armon Dadgar 8be831530f Cutting 0.2rc 2015-07-07 16:02:49 -06:00
Vishal Nayak 92b8cfff82 Merge branch 'master' of https://github.com/hashicorp/vault into vishalvault 2015-07-01 20:35:16 -04:00
Armon Dadgar 3f189f2c57 CHANGELOG updates 2015-07-01 16:53:00 -07:00
Vishal Nayak d691a95531 Vault SSH: PR review rework - 1 2015-07-01 11:58:49 -04:00
Vishal Nayak 8627f3c360 Merge branch 'master' of https://github.com/hashicorp/vault into vishalvault 2015-06-30 18:33:37 -04:00
Armon Dadgar 3c58773598 Merge pull request #380 from kgutwin/cert-cli
Enable TLS client cert authentication via the CLI
2015-06-30 11:44:28 -07:00
Jeff Mitchell fccbc587c6 A Cassandra secrets backend.
Supports creation and deletion of users in Cassandra using flexible CQL queries.

TLS, including client authentication, is supported.

Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-30 09:04:01 -04:00
Karl Gutwin dafcc5b2ce enable CLI cert login 2015-06-29 23:29:41 -04:00
Vishal Nayak f39df58eef Merge branch 'master' of https://github.com/hashicorp/vault into vishalvault 2015-06-24 18:13:26 -04:00
Jeff Mitchell e086879fa3 Merge remote-tracking branch 'upstream/master' into f-pki 2015-06-19 13:01:26 -04:00
Vishal Nayak 90605c6079 merging with master 2015-06-18 20:51:11 -04:00
Armon Dadgar fcb0bddb01 cli: adding path-help to common commands list 2015-06-18 17:12:21 -07:00
Armon Dadgar c54868120a command/path-help: rename command, better error if sealed. Fixes #234 2015-06-18 15:56:42 -07:00
Armon Dadgar 6bc2b06de4 server: graceful shutdown for fast failover. Fixes #308 2015-06-17 18:24:56 -07:00
Vishal Nayak 3ed73d98c2 Added: Ssh CLI command and API, config lease impl, sshConnect path to backend, http handler for Ssh connect 2015-06-17 12:39:49 -04:00
Vishal Nayak 08c921c75e Vault SSH: POC Stage 1. Skeleton implementation. 2015-06-16 16:58:54 -04:00
Jeff Mitchell 0d832de65d Initial PKI backend implementation.
Complete:
* Up-to-date API documents
* Backend configuration (root certificate and private key)
* Highly granular role configuration
* Certificate generation
* CN checking against role
* IP and DNS subject alternative names
* Server, client, and code signing usage types
* Later certificate (but not private key) retrieval
* CRL creation and update
* CRL/CA bare endpoints (for cert extensions)
* Revocation (both Vault-native and by serial number)
* CRL force-rotation endpoint

Missing:
* OCSP support (can't implement without changes in Vault)
* Unit tests

Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-08 00:06:09 -04:00
Armon Dadgar 9a162191cd command/rekey: first pass at rekey 2015-05-28 15:08:09 -07:00
Armon Dadgar 42b91fe411 command/rotate: Adding new rotate command 2015-05-28 10:16:33 -07:00
Armon Dadgar 388022bac1 command/key-status: Adding new key-status command 2015-05-27 18:17:02 -07:00
Mitchell Hashimoto fd6104e4d6 up version for dev 2015-05-13 10:37:35 -07:00
Mitchell Hashimoto 91a852e259 cli: should be != 2015-05-11 11:45:48 -07:00