luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
5470 commits 1 branch 0 tags 214 MiB
Commit graph

5470 commits

This branch
This branch
All branches
Author SHA1 Message Date
Seth Vargo 849f57e73a
Update layouts and assets for consistency 2017-03-16 09:46:47 -07:00
Jeff Mitchell d1d74da57c
Cut version 0.7.0 2017-03-16 11:42:13 -04:00
Jeff Mitchell dce031bec2 Bump for 0.7 release 2017-03-16 11:41:50 -04:00
Jeff Mitchell 24886c1006 Ensure CN check is made when exclude_cn_from_sans is used 
Fixes #2363
 2017-03-16 11:41:13 -04:00
Jeff Mitchell ae8967d635 Always include a hash of the public key and "vault" (to know where it (#2498) 
came from) when generating a cert for SSH.

Follow on from #2494
 2017-03-16 11:14:17 -04:00
Mike Okner 95df7beed9 Adding allow_user_key_ids field to SSH role config (#2494) 
Adding a boolean field that determines whether users will be allowed to
set the ID of the signed SSH key or whether it will always be the token
display name.  Preventing users from changing the ID and always using
the token name is useful for auditing who actually used a key to access
a remote host since sshd logs key IDs.
 2017-03-16 08:45:11 -04:00
Jeff Mitchell 2b98f004ac Fix layout for replication 2017-03-16 06:50:33 -04:00
Jeff Mitchell e85cd50ed0 changelog++ 2017-03-15 14:39:05 -04:00
Jeff Mitchell 4160950126 Bump test timeout 2017-03-15 14:38:34 -04:00
Jeff Mitchell 12e5132779 Allow roles to specify whether CSR SANs should be used instead of (#2489) 
request values. Fix up some documentation.

Fixes #2451
Fixes #2488
 2017-03-15 14:38:18 -04:00
Andy Manoske 8aa7f120b0 Vault_Enterprise_WWW (#2327) 2017-03-15 14:31:14 -04:00
Jeff Mitchell 584aedad04 Add upgrade to 0.7 page 2017-03-15 12:34:11 -04:00
Jeff Mitchell c1666179ed changelog++ 2017-03-15 11:54:56 -04:00
Jeff Mitchell 7ab6844eb4 Set CA chain when intermediate does not have an authority key ID. 
This is essentially an approved review of the code provided in #2465.

Fixes #2465
 2017-03-15 11:52:02 -04:00
captainill c50dfb0356 Merge branch 'master' of github.com:hashicorp/vault 2017-03-14 14:12:28 -07:00
captainill ea3e2afe19 remove unused _meta partial. merge 2017-03-14 14:12:17 -07:00
Jeff Mitchell cd73714ff9 Fix error message grammar 2017-03-14 17:10:43 -04:00
vishalnayak 5bbc26facd changelog++ 2017-03-14 10:24:17 -04:00
Stanislav Grozev 4bc3abd152 Remove superfluous argument from SSH CA docs 2017-03-14 10:21:48 -04:00
Stanislav Grozev 662b372364 Reads on unconfigured SSH CA public key return 400 2017-03-14 10:21:48 -04:00
Stanislav Grozev 7d59d7d3ac Reads on ssh/config/ca return the public keys 
If configured/generated.
 2017-03-14 10:21:48 -04:00
Stanislav Grozev 830de2dbbd If generating an SSH CA signing key - return the public part 
So that the user can actually use the SSH CA, by adding the public key
to their respective sshd_config/authorized_keys, etc.
 2017-03-14 10:21:48 -04:00
Jeff Mitchell ab56fdbebf Clarify cluster_addr and cluster_address 2017-03-14 10:17:58 -04:00
Jeff Mitchell 4fa4034d50 Minor doc updates 2017-03-14 10:11:47 -04:00
Vishal Nayak 285bdf0a6f docs: clarify 'storage' and 'ha_storage' requirements (#2471) 2017-03-11 09:43:14 -05:00
vishalnayak 1194d0db64 changelog++ 2017-03-10 07:32:41 -05:00
pkrolikowski 0fb75d9e89 Pass user/pass for HTTP Basic Authentication in URL parameters (#2469) 2017-03-10 07:19:23 -05:00
Jeff Mitchell ff3c3db91b Have Consul's transaction handler use the permit pool 2017-03-09 12:59:42 -05:00
Vishal Nayak 220beb2cde doc: ssh allowed_users update (#2462) 
* doc: ssh allowed_users update

* added some more context in default_user field
 2017-03-09 10:34:55 -05:00
vishalnayak 431070f828 doc: ssh markdown alignments 2017-03-08 21:58:12 -05:00
Jack Pearkes 838dc4319c Merge pull request #2461 from jasoncostello/website-add-meganav 
Website add meganav
 2017-03-08 17:38:50 -08:00
Jason Costello 012c8f6c2f remove offset from footer 2017-03-08 17:36:59 -08:00
Jason Costello 52b3d7beb5 Re apply offset change after rebase 2017-03-08 17:34:57 -08:00
Jack Pearkes 2c3736bbe2 website: add squashed mega-nav work 2017-03-08 17:27:31 -08:00
vishalnayak b066f1ff72 Fix typo 2017-03-08 20:05:23 -05:00
vishalnayak f085cd71ab Fix typo 2017-03-08 17:49:39 -05:00
vishalnayak 317f0fa84a changelog++ 2017-03-08 17:46:07 -05:00
Vishal Nayak 5a6193a56e Audit: Add token's use count to audit response (#2437) 
* audit: Added token_num_uses to audit response

* Fixed jsonx tests

* Revert logical auth to NumUses instead of TokenNumUses

* s/TokenNumUses/NumUses

* Audit: Add num uses to audit requests as well

* Added RemainingUses to distinguish NumUses in audit requests
 2017-03-08 17:36:50 -05:00
Vishal Nayak 766c2e6ee0 SSH CA enhancements (#2442) 
* Use constants for storage paths

* Upgrade path for public key storage

* Fix calculateValidPrincipals, upgrade ca_private_key, and other changes

* Remove a print statement

* Added tests for upgrade case

* Make exporting consistent in creation bundle

* unexporting and constants

* Move keys into a struct instead of plain string

* minor changes
 2017-03-08 17:36:21 -05:00
Seth Vargo f18318f6dd Move upgrade into guides (#2460) 
* Move upgrades to guides

* Make root token copy-pastable
 2017-03-08 17:33:58 -05:00
Seth Vargo aa6346a8f6
Use htmlcompat in middleman-hashicorp 2017-03-08 14:14:52 -08:00
Seth Vargo d9c10960b7
Update license 2017-03-08 11:38:38 -08:00
Seth Vargo 7cd31072c2
Update license 2017-03-08 11:36:25 -08:00
Seth Vargo 2204e50f53
Delete config.ru 2017-03-08 11:28:43 -08:00
Seth Vargo 23c0c47ff5
Update favicons, container, turbolinks 2017-03-08 11:07:20 -08:00
Seth Vargo 49189e76f2
Fix website command 2017-03-08 09:47:16 -08:00
Seth Vargo d26d87f4a8
Remove Vagrantfile 2017-03-08 09:35:34 -08:00
Jeff Mitchell 4d133b8423 Minor doc updates 2017-03-08 10:25:57 -05:00
Jeff Mitchell 438b9b1d73 changelog++ 2017-03-08 10:23:02 -05:00
Jeff Mitchell 5d760d4090 Add option to require valid client certificates (#2457) 2017-03-08 10:21:31 -05:00