Armon Dadgar
3c58773598
Merge pull request #380 from kgutwin/cert-cli
...
Enable TLS client cert authentication via the CLI
2015-06-30 11:44:28 -07:00
Armon Dadgar
b8f2e8d498
website: document insecure_tls for LDAP backend
2015-06-30 09:42:18 -07:00
Armon Dadgar
d8a74f3307
Merge branch 'esell-master'
2015-06-30 09:41:01 -07:00
Armon Dadgar
b1f7e2f0ea
ldap: fixing merge conflict
2015-06-30 09:40:43 -07:00
Armon Dadgar
5aa4537389
Merge pull request #363 from jefferai/f-logical-cassandra
...
Cassandra logical backend
2015-06-30 09:38:22 -07:00
Jeff Mitchell
762108d9eb
Put timestamp back into the username. Since Cassandra doesn't support expiration, this can be used by scripts to manually clean up old users if revocation fails for some reason.
...
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-30 11:15:46 -04:00
Jeff Mitchell
42b90fa9b9
Address some issues from code review.
...
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-30 09:27:23 -04:00
Karl Gutwin
70fc49be84
Website docs.
2015-06-30 09:18:39 -04:00
Karl Gutwin
c12734b27c
CLI docs
2015-06-30 09:04:57 -04:00
Jeff Mitchell
fccbc587c6
A Cassandra secrets backend.
...
Supports creation and deletion of users in Cassandra using flexible CQL queries.
TLS, including client authentication, is supported.
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-30 09:04:01 -04:00
Karl Gutwin
0062d923cc
Better error messages.
2015-06-30 08:59:38 -04:00
Karl Gutwin
a54ba31635
Merge remote-tracking branch 'upstream/master' into cert-cli
2015-06-30 08:31:00 -04:00
Karl Gutwin
dafcc5b2ce
enable CLI cert login
2015-06-29 23:29:41 -04:00
esell
c0e1843263
change skipsslverify to insecure_tls
2015-06-29 19:23:31 -06:00
Armon Dadgar
12d3aee58e
audit: fixing panic caused by tls connection state. Fixes #322
2015-06-29 17:16:17 -07:00
Armon Dadgar
b6e422a0a5
Updating godep
2015-06-29 16:44:02 -07:00
Armon Dadgar
c27d214280
Merge pull request #379 from hashicorp/sethvargo/authorship
...
Restore authorship on commits
2015-06-29 16:42:36 -07:00
Christian Svensson
3c000f5129
Update Godeps for go-ldap/ldap
2015-06-29 19:03:51 -04:00
Christian Svensson
862a04f7ad
Pass ServerName for LDAPS TLS connection validation
2015-06-29 19:01:11 -04:00
Christian Svensson
f862083dc1
Use go-ldap/ldap's ParseDN to extract group name from DN
2015-06-29 19:01:02 -04:00
Christian Svensson
1d177ea6d9
Allow almost all leagal LDAP names to be used
...
Implement LDAP escaping according to RFC 4514 to allow
complex LDAP usernames to be used.
Leaving ASN BER encoded values unsupported for now.
2015-06-29 19:00:53 -04:00
Armon Dadgar
3bc388f30d
Merge pull request #366 from nbrownus/http_responses
...
Better http responses
2015-06-29 15:31:45 -07:00
Armon Dadgar
496ebe561c
vault: cleanups for the audit log changes
2015-06-29 15:27:28 -07:00
Armon Dadgar
c1ff26d186
Merge branch 'nbrownus-audit-logging'
2015-06-29 15:19:12 -07:00
Armon Dadgar
add8e1a3fd
Fixing merge conflict
2015-06-29 15:19:04 -07:00
Armon Dadgar
deeb611ab2
vault: handle a panic while generating audit output
2015-06-29 15:11:35 -07:00
Armon Dadgar
8987bc7e00
Updating Godeps
2015-06-29 15:05:44 -07:00
Armon Dadgar
7573c37f8e
Fixing godeps file
2015-06-29 14:54:25 -07:00
Armon Dadgar
ba0b37e792
Merge branch 'bluecmd-master'
2015-06-29 14:51:03 -07:00
Armon Dadgar
337997ab04
Fixing merge conflict
2015-06-29 14:50:55 -07:00
Armon Dadgar
29e004ddbb
Merge pull request #373 from nbrownus/audit_key-status
...
Fixing key-status if audit logging is on
2015-06-29 14:47:55 -07:00
Karl Gutwin
24d0af39b4
Initial sketch for client TLS auth
2015-06-29 15:33:16 -04:00
esell
e81f966842
Set SkipSSLVerify default to false, add warning in help message
2015-06-24 13:38:14 -06:00
Nate Brown
a0be7af858
Fixing key-status if audit logging is on
2015-06-24 10:57:05 -07:00
esell
d3225dae07
cleanup the code a bit
2015-06-24 10:09:29 -06:00
esell
84371ea734
allow skipping SSL verification on ldap auth
2015-06-24 10:05:45 -06:00
Armon Dadgar
3902626163
Merge pull request #310 from jefferai/f-pki
...
Initial PKI backend implementation
2015-06-21 11:12:22 +01:00
Armon Dadgar
2ddd4392cc
Merge pull request #365 from swills/passwd
...
allow building on FreeBSD
2015-06-21 11:09:19 +01:00
Armon Dadgar
4edb78bf42
Merge pull request #368 from sergiopatino/master
...
Fix typo in link to Atlas URL on Community page.
2015-06-21 11:08:57 +01:00
sergiopatino
3e58e8fff2
Fix typo in link to Atlas URL.
...
Missing a colon after https!
2015-06-21 02:41:26 -07:00
Nate Brown
94e89537a1
Fixing tests
2015-06-19 14:04:32 -07:00
Nate Brown
31ab086063
Doing a little better with http response codes
2015-06-19 14:00:48 -07:00
Steve Wills
7244094509
allow building on FreeBSD
...
Allow this file to build on FreeBSD
2015-06-19 16:59:24 -04:00
Jeff Mitchell
390f769d1a
Add unit tests for certutil, and fix a whitespace stripping issue.
...
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-19 16:06:56 -04:00
Jeff Mitchell
e086879fa3
Merge remote-tracking branch 'upstream/master' into f-pki
2015-06-19 13:01:26 -04:00
Jeff Mitchell
a6fc48b854
A few things:
...
* Add comments to every non-obvious (e.g. not basic read/write handler type) function
* Remove revoked/ endpoint, at least for now
* Add configurable CRL lifetime
* Cleanup
* Address some comments from code review
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-19 12:48:18 -04:00
Mitchell Hashimoto
0809378c9b
audit: some tests
2015-06-19 03:31:19 -07:00
Nate Brown
91611a32c9
Fixing tests
2015-06-18 20:14:20 -07:00
Nate Brown
b667ef4c71
Collapsing audit response logging to a single point
2015-06-18 19:48:26 -07:00
Nate Brown
3a860fe5c1
Actually not logging auth in the response if nil
2015-06-18 19:48:00 -07:00