Armon Dadgar
|
3ee434a783
|
vault: Allow AES key to be up to 256 bits. Fixes #7
|
2015-04-15 13:33:47 -07:00 |
|
|
Armon Dadgar
|
9f7143cf44
|
vault: expose the current leader
|
2015-04-14 16:53:40 -07:00 |
|
|
Armon Dadgar
|
445f64eb39
|
vault: leader should advertise address
|
2015-04-14 16:44:48 -07:00 |
|
|
Armon Dadgar
|
ec8a41d2d2
|
vault: rename internal variable
|
2015-04-14 16:11:39 -07:00 |
|
|
Armon Dadgar
|
7579cf76ab
|
vault: testing standby mode
|
2015-04-14 16:08:14 -07:00 |
|
|
Armon Dadgar
|
2820bec479
|
vault: testing standby mode
|
2015-04-14 16:06:58 -07:00 |
|
|
Armon Dadgar
|
a0e1b90b81
|
vault: reject operation if standby
|
2015-04-14 14:09:11 -07:00 |
|
|
Armon Dadgar
|
d7102e2661
|
vault: first pass at HA standby mode
|
2015-04-14 14:06:15 -07:00 |
|
|
Armon Dadgar
|
0be49a97b7
|
vault: stopExpiration should be idempotent
|
2015-04-14 13:32:56 -07:00 |
|
|
Armon Dadgar
|
255e0fbda4
|
vault: enable physical cache in core
|
2015-04-14 11:08:04 -07:00 |
|
|
Mitchell Hashimoto
|
0f15aef9bb
|
vault: fix tests
|
2015-04-13 20:42:07 -07:00 |
|
|
Mitchell Hashimoto
|
a44eb0dcd0
|
http: renew endpoints
|
2015-04-13 20:42:07 -07:00 |
|
|
Mitchell Hashimoto
|
209b275bfd
|
logical/framework: allow max session time
|
2015-04-11 16:41:08 -07:00 |
|
|
Mitchell Hashimoto
|
33d66f0130
|
vault: token store allows unlimited renew
|
2015-04-11 16:28:16 -07:00 |
|
|
Mitchell Hashimoto
|
a360ca4928
|
logical/framework: AuthRenew callback, add LeaseExtend
/cc @armon - Going with this "standard library" of callbacks approach
to make extending leases in a customizable way easy. See the docs/tests
above.
|
2015-04-11 14:46:09 -07:00 |
|
|
Mitchell Hashimoto
|
5eff7f1b57
|
vault: upper bound on test
|
2015-04-10 21:22:17 -07:00 |
|
|
Mitchell Hashimoto
|
992028e23e
|
vault: the expiration time should be relative to the issue time
|
2015-04-10 21:21:06 -07:00 |
|
|
Armon Dadgar
|
f2c0f79435
|
vault: Split SecurityBarrier interface to BarrierStorage
|
2015-04-10 16:43:35 -07:00 |
|
|
Armon Dadgar
|
a6d974c74e
|
vault: revoking a token should revoke all secrets it has generated
|
2015-04-10 15:12:04 -07:00 |
|
|
Armon Dadgar
|
c22d18a5be
|
vault: re-use revokeSalted to share logic
|
2015-04-10 15:06:54 -07:00 |
|
|
Armon Dadgar
|
1e2863e2b8
|
vault: remove unused RevokeAll method
|
2015-04-10 14:59:49 -07:00 |
|
|
Armon Dadgar
|
b10fbc4d83
|
vault: Adding token based revocation
|
2015-04-10 14:48:08 -07:00 |
|
|
Armon Dadgar
|
98679ee7b8
|
vault: Split expiration manager views to index by token
|
2015-04-10 14:21:23 -07:00 |
|
|
Armon Dadgar
|
39c51ede2e
|
vault: testing renewAuthEntry
|
2015-04-10 14:07:06 -07:00 |
|
|
Armon Dadgar
|
13836e8612
|
vault: groundwork to allow auth renew
|
2015-04-10 13:59:49 -07:00 |
|
|
Armon Dadgar
|
e7fe48c33f
|
vault: refactor expiration timer management
|
2015-04-09 12:39:12 -07:00 |
|
|
Armon Dadgar
|
5a3ab973e6
|
vault: Simplify common lease logic
|
2015-04-09 12:29:13 -07:00 |
|
|
Armon Dadgar
|
4679febdf3
|
logical: Refactor LeaseOptions to share between Secret and Auth
|
2015-04-09 12:14:04 -07:00 |
|
|
Armon Dadgar
|
7df486482b
|
vault: Adding LeaseIssue for renew to allow limiting maximum lease length
|
2015-04-09 11:54:32 -07:00 |
|
|
Mitchell Hashimoto
|
9a034c4ab8
|
vault: lookup-self should allow unauthenticated requests
|
2015-04-08 22:09:47 -07:00 |
|
|
Armon Dadgar
|
8ebc29d1b9
|
vault: audit broker profiles each backend
|
2015-04-08 17:09:36 -07:00 |
|
|
Armon Dadgar
|
e25886859e
|
vault: router generates metrics per operation
|
2015-04-08 17:09:10 -07:00 |
|
|
Armon Dadgar
|
82c5d9c478
|
vault: Enforce non-renewability
|
2015-04-08 17:03:46 -07:00 |
|
|
Armon Dadgar
|
512b3d7afd
|
vault: Adding metrics profiling
|
2015-04-08 16:43:17 -07:00 |
|
|
Armon Dadgar
|
429ad7e5cb
|
vault: Handle auth entry without lease
|
2015-04-08 15:43:26 -07:00 |
|
|
Armon Dadgar
|
466c7575d3
|
Replace VaultID with LeaseID for terminology simplification
|
2015-04-08 13:35:32 -07:00 |
|
|
Mitchell Hashimoto
|
7e4f47a9e6
|
vault: proper meta parameter for vaultstorage (tests pass now)
|
2015-04-07 14:37:50 -07:00 |
|
|
Mitchell Hashimoto
|
9378d0388a
|
vault: token store inehrits policies by default
|
2015-04-07 14:19:52 -07:00 |
|
|
Mitchell Hashimoto
|
8dce065972
|
vault: use mapstructure to decode token args
JSON sends as interface{}, so we can't decode directly into types.
|
2015-04-07 14:16:35 -07:00 |
|
|
Armon Dadgar
|
a8d4319ad5
|
vault: Update LRU on GetPolicy
|
2015-04-06 16:43:05 -07:00 |
|
|
Armon Dadgar
|
f022ec97c4
|
vault: Adding policy LRU cache
|
2015-04-06 16:41:48 -07:00 |
|
|
Armon Dadgar
|
493ee49e4d
|
vault: unify the token renew response
|
2015-04-06 16:35:39 -07:00 |
|
|
Mitchell Hashimoto
|
7aee6269f7
|
vault: pass a logger around to logical backends
|
2015-04-04 11:39:58 -07:00 |
|
|
Mitchell Hashimoto
|
246c2839b0
|
logical/framework: make help look nicer
|
2015-04-03 21:00:23 -07:00 |
|
|
Mitchell Hashimoto
|
8ff435ba1a
|
vault: fix issue with wrong path getting passed through
|
2015-04-03 20:48:04 -07:00 |
|
|
Mitchell Hashimoto
|
df8dbe9677
|
vault: allow mount point queries without trailing /
|
2015-04-03 20:45:00 -07:00 |
|
|
Armon Dadgar
|
148fe3d864
|
vault: Adding Hash function to MountTable
|
2015-04-03 17:46:57 -07:00 |
|
|
Armon Dadgar
|
d74c4c1c33
|
vault: Remove log about rollback
|
2015-04-03 17:11:24 -07:00 |
|
|
Armon Dadgar
|
3250bfad0a
|
vault: test credential unmount does cleanup
|
2015-04-03 16:15:34 -07:00 |
|
|
Armon Dadgar
|
82eda2b169
|
vault: Do early check for missing backend
|
2015-04-03 16:09:06 -07:00 |
|