c5f914cb34
vault: Lock memory when possible
2015-04-19 13:42:47 -07:00
a03268bc32
vault: Adding an epoch prefix to keys to support eventual online key rotation
2015-04-17 16:51:13 -07:00
4473abd6ce
vault: core enforcement of limited use tokens
2015-04-17 11:57:56 -07:00
538c795f9b
vault: Adding method to consume a limited use token
2015-04-17 11:51:04 -07:00
fd3948d476
vault: Tokens can have a use count specified
2015-04-17 11:34:25 -07:00
b65e1b3e22
vault: using a constant to make @mitchellh feel better
2015-04-15 17:19:59 -07:00
95c37c1c4d
Clarify Barrier encryption defaults.
...
Declare the defaults in the comments to be what they are now (256 bit
key and default golang NONCE value). Make the key error message more
precise since. It isn't between 16 and 32, it is 16 OR 32.
2015-04-15 18:24:23 -05:00
818ce0a045
vault: token store allows specifying display_name
2015-04-15 14:24:07 -07:00
76b69b2514
vault: thread the display name through
2015-04-15 14:12:34 -07:00
e6fd2f2ce5
vault: Default key size to 256bit.
2015-04-15 13:33:47 -07:00
3ee434a783
vault: Allow AES key to be up to 256 bits. Fixes #7
2015-04-15 13:33:47 -07:00
9f7143cf44
vault: expose the current leader
2015-04-14 16:53:40 -07:00
445f64eb39
vault: leader should advertise address
2015-04-14 16:44:48 -07:00
ec8a41d2d2
vault: rename internal variable
2015-04-14 16:11:39 -07:00
7579cf76ab
vault: testing standby mode
2015-04-14 16:08:14 -07:00
2820bec479
vault: testing standby mode
2015-04-14 16:06:58 -07:00
a0e1b90b81
vault: reject operation if standby
2015-04-14 14:09:11 -07:00
d7102e2661
vault: first pass at HA standby mode
2015-04-14 14:06:15 -07:00
0be49a97b7
vault: stopExpiration should be idempotent
2015-04-14 13:32:56 -07:00
255e0fbda4
vault: enable physical cache in core
2015-04-14 11:08:04 -07:00
0f15aef9bb
vault: fix tests
2015-04-13 20:42:07 -07:00
a44eb0dcd0
http: renew endpoints
2015-04-13 20:42:07 -07:00
209b275bfd
logical/framework: allow max session time
2015-04-11 16:41:08 -07:00
33d66f0130
vault: token store allows unlimited renew
2015-04-11 16:28:16 -07:00
a360ca4928
logical/framework: AuthRenew callback, add LeaseExtend
...
/cc @armon - Going with this "standard library" of callbacks approach
to make extending leases in a customizable way easy. See the docs/tests
above.
2015-04-11 14:46:09 -07:00
5eff7f1b57
vault: upper bound on test
2015-04-10 21:22:17 -07:00
992028e23e
vault: the expiration time should be relative to the issue time
2015-04-10 21:21:06 -07:00
f2c0f79435
vault: Split SecurityBarrier interface to BarrierStorage
2015-04-10 16:43:35 -07:00
a6d974c74e
vault: revoking a token should revoke all secrets it has generated
2015-04-10 15:12:04 -07:00
c22d18a5be
vault: re-use revokeSalted to share logic
2015-04-10 15:06:54 -07:00
1e2863e2b8
vault: remove unused RevokeAll method
2015-04-10 14:59:49 -07:00
b10fbc4d83
vault: Adding token based revocation
2015-04-10 14:48:08 -07:00
98679ee7b8
vault: Split expiration manager views to index by token
2015-04-10 14:21:23 -07:00
39c51ede2e
vault: testing renewAuthEntry
2015-04-10 14:07:06 -07:00
13836e8612
vault: groundwork to allow auth renew
2015-04-10 13:59:49 -07:00
e7fe48c33f
vault: refactor expiration timer management
2015-04-09 12:39:12 -07:00
5a3ab973e6
vault: Simplify common lease logic
2015-04-09 12:29:13 -07:00
4679febdf3
logical: Refactor LeaseOptions to share between Secret and Auth
2015-04-09 12:14:04 -07:00
7df486482b
vault: Adding LeaseIssue for renew to allow limiting maximum lease length
2015-04-09 11:54:32 -07:00
9a034c4ab8
vault: lookup-self should allow unauthenticated requests
2015-04-08 22:09:47 -07:00
8ebc29d1b9
vault: audit broker profiles each backend
2015-04-08 17:09:36 -07:00
e25886859e
vault: router generates metrics per operation
2015-04-08 17:09:10 -07:00
82c5d9c478
vault: Enforce non-renewability
2015-04-08 17:03:46 -07:00
512b3d7afd
vault: Adding metrics profiling
2015-04-08 16:43:17 -07:00
429ad7e5cb
vault: Handle auth entry without lease
2015-04-08 15:43:26 -07:00
466c7575d3
Replace VaultID with LeaseID for terminology simplification
2015-04-08 13:35:32 -07:00
7e4f47a9e6
vault: proper meta parameter for vaultstorage (tests pass now)
2015-04-07 14:37:50 -07:00
9378d0388a
vault: token store inehrits policies by default
2015-04-07 14:19:52 -07:00
8dce065972
vault: use mapstructure to decode token args
...
JSON sends as interface{}, so we can't decode directly into types.
2015-04-07 14:16:35 -07:00
a8d4319ad5
vault: Update LRU on GetPolicy
2015-04-06 16:43:05 -07:00
Armon Dadgar