luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity
4,568 Commits 1 Branch 0 Tags 214 MiB
Commit Graph

4568 Commits

Author SHA1 Message Date
Vishal Nayak 464f479ff0 Merge pull request #1889 from hashicorp/configurable-nonce 
aws-ec2: generate the client nonce by default during first login attempt
 2016-09-15 11:49:38 -04:00
vishalnayak 92986bb2a0 Address review feedback 2016-09-15 11:41:52 -04:00
vishalnayak a1de742dce s/disableReauthenticationNonce/reauthentication-disabled-nonce 2016-09-15 11:29:02 -04:00
vishalnayak 9bca127631 Updated docs with nonce usage 2016-09-14 19:31:09 -04:00
vishalnayak 857f921d76 Added comment 2016-09-14 18:27:35 -04:00
vishalnayak 39796e8801 Disable reauthentication if nonce is explicitly set to empty 2016-09-14 17:58:00 -04:00
James Pearson Hughes f598c78d98 DynamoDB: fix log typo (#1891) 2016-09-14 15:16:24 -04:00
Jeff Mitchell bd4584c346 Make bootstrap use -u to ensure up-to-date versions of tools, as that's 
what we build with.

Fixes #1890
 2016-09-14 15:10:02 -04:00
vishalnayak d0e4d77fce address review feedback 2016-09-14 14:28:02 -04:00
vishalnayak d7ce69c5eb Remove the client nonce being empty check 2016-09-14 14:28:02 -04:00
vishalnayak 53c919b1d0 Generate the nonce by default 2016-09-14 14:28:02 -04:00
Vishal Nayak eece4e047b Merge pull request #1887 from hashicorp/ec2-nonce-constant-compare 
Use constant time comparisons for client nonce
 2016-09-14 12:40:17 -04:00
vishalnayak 455a4ae055 address review feedback 2016-09-14 12:08:35 -04:00
vishalnayak b1392567d1 Use constant time comparisons for client nonce 2016-09-13 20:12:43 -04:00
Jeff Mitchell 74a0bfadb8 changelog++ 2016-09-13 18:42:56 -04:00
Jeff Mitchell 722e26f27a Add support for PGP encrypting the initial root token. (#1883) 2016-09-13 18:42:24 -04:00
Jeff Mitchell 08f1541a82 changelog++ 2016-09-13 18:09:24 -04:00
Jeff Mitchell 29b67141eb Only use running state for checking if instance is alive. (#1885) 
Fixes #1884
 2016-09-13 18:08:05 -04:00
vishalnayak c364ac823b changelog++ 2016-09-13 16:55:20 -04:00
Jeff Mitchell bc3cce7d2d Add 0.6.2 page to sidebar 2016-09-13 16:49:54 -04:00
Vishal Nayak e320dea60a Merge pull request #1882 from hashicorp/approle-constraints 
Ensure at least one constraint on the role
 2016-09-13 16:46:27 -04:00
vishalnayak bef9c2ee61 Ensure at least one constraint on the role 2016-09-13 16:03:15 -04:00
vishalnayak 6e5ae6b003 Added a comment to explain a logically not-useful instruction 2016-09-13 14:03:02 -04:00
Jeff Mitchell 9f70e57e89 changelog++ 2016-09-13 12:00:41 -04:00
Jeff Mitchell 197c7eae5f Allow encrypting empty ciphertext values. (#1881) 
Replaces #1874
 2016-09-13 12:00:04 -04:00
Jeff Mitchell cb6bf54f8d changelog++ 2016-09-13 11:59:47 -04:00
Jeff Mitchell 5b79e5c115 Redirect rekey operation from standby to master (#1868) 2016-09-13 11:59:12 -04:00
Jeff Mitchell 60d242dadf changelog++ 2016-09-13 11:52:58 -04:00
Jeff Mitchell 6d551e002c Deter leakage from Shamir. (#1877) 2016-09-13 11:52:04 -04:00
Jeff Mitchell 888e833aae Remove old text from upgrade notes, as changes were made 2016-09-13 11:51:46 -04:00
Jeff Mitchell d8dcd70e4b changelog++ 2016-09-13 11:51:15 -04:00
Jeff Mitchell fffee5611a Rejig locks during unmount/remount. (#1855) 2016-09-13 11:50:14 -04:00
Jeff Mitchell ac5ea8ccc2 Reinstate the token parameter to api.RevokeSelf to avoid breaking compatibility 2016-09-13 11:03:05 -04:00
sashman c01bf6cb1b Update libraries.html.md (#1879) 2016-09-13 09:23:46 -04:00
Jeff Mitchell 5278aca191 Merge pull request #1876 from icebourg/master 
Small change: Fix permission vault requires.
 2016-09-12 17:09:14 -04:00
AJ Bourg b524e43f15 Small change: Fix permission vault requires. 
Vault requires ec2:DescribeInstances, not ec2:DescribeInstance. (the
non-plural form doesn't exist)
 2016-09-12 14:38:10 -06:00
Jeff Mitchell 640351b7d1 Update text of init/rekey around recovery values 2016-09-12 16:20:21 -04:00
Vishal Nayak d7c8715a72 Merge pull request #1875 from mwarkentin/patch-1 
Out of date `code`
 2016-09-12 13:11:14 -07:00
Michael Warkentin 14f2a673e2 Out of date `code` 
Looks like the `500` is now a `405`:

```
$ vault read aws/config/root
Error reading aws/config/root: Error making API request.

URL: GET http://127.0.0.1:8200/v1/aws/config/root
Code: 405. Errors:

* 1 error(s) occurred:

* unsupported operation
```
 2016-09-12 15:58:25 -04:00
Jeff Mitchell 437da1ab43 Merge pull request #1872 from hashicorp/transit-uuid-generate 
Use uuid.GenerateRandomBytes
 2016-09-12 15:45:59 -04:00
Jeff Mitchell 538ce6a9ea Bump to 1.7.1 2016-09-12 15:41:49 -04:00
Jeff Mitchell 5dff6a9e1a Update deps 2016-09-12 15:16:55 -04:00
vishalnayak b599948e1c Use uuid.GenerateRandomBytes 2016-09-09 14:17:09 -04:00
Jeff Mitchell 3639ecf5ec Merge pull request #1867 from hashicorp/issue-1860 
Don't panic on bad auth path
 2016-09-08 11:15:44 -04:00
Jeff Mitchell 7e5aef279c Don't panic on bad auth path 
Fixes #1860
 2016-09-08 11:14:47 -04:00
Raja Nadar d8b1ab05dd doc: change invalid otp response code to 400 (#1863) 
invalid otp response code is 400 bad request.
 2016-09-08 11:13:13 -04:00
Jeff Mitchell 7ba006acd9 Remove too-verbose log 2016-09-04 07:43:54 -04:00
Raja Nadar b06167c748 doc: fixing field name to security_token (#1850) 
response field is security_token, not secret_token.
 2016-09-03 22:40:57 -04:00
Jeff Mitchell 487e05d25c Update deps 2016-09-02 18:05:09 -04:00
Jeff Mitchell 999c133db9 changelog++ 2016-09-02 01:14:16 -04:00