luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity
3,114 Commits 1 Branch 0 Tags 214 MiB
Commit Graph

158 Commits

Author SHA1 Message Date
vishalnayak 533b136fe7 Reduce the visibility of setUser 2016-03-16 11:39:52 -04:00
vishalnayak 2914ff7502 Use helper for existence check. Avoid panic by fetching default values for field data 2016-03-16 11:26:33 -04:00
vishalnayak 1e889bc08c Input validations and field renaming 2016-03-15 17:47:13 -04:00
vishalnayak a0958c9359 Refactor updating and creating userEntry into a helper function 2016-03-15 17:32:39 -04:00
vishalnayak acd545f1ed Fetch and store UserEntry to properly handle both create and update 2016-03-15 17:05:23 -04:00
vishalnayak 9609fe151b Change path structure of password and policies endpoints in userpass 2016-03-15 16:46:12 -04:00
vishalnayak 8be36b6925 Reuse the variable instead of fetching 'name' again 2016-03-15 16:21:47 -04:00
vishalnayak 61b4cac458 Added paths to update policies and password 2016-03-15 16:12:55 -04:00
vishalnayak 731bb97db5 Tests for updating password and policies in userpass backend 2016-03-15 16:09:23 -04:00
vishalnayak b7eb0a97e5 Userpass: Support updating policies and password 2016-03-15 15:18:21 -04:00
Jeff Mitchell 8aaf29b78d Add forgotten test 2016-03-15 14:18:35 -04:00
Jeff Mitchell 8bf935bc2b Add list support to certs in cert auth backend. 
Fixes #1212
 2016-03-15 14:07:40 -04:00
Jeff Mitchell d648306d52 Add the ability to specify the app-id in the login path. 
This makes it easier to use prefix revocation for tokens.

Ping #424
 2016-03-14 16:24:01 -04:00
Vishal Nayak a6d8fc9d98 Merge pull request #1190 from grunzwei/master 
fix github tests to use the provided GITHUB_ORG environment variable
 2016-03-09 09:51:28 -05:00
Nathan Grunzweig ae469cc796 fix github tests to use the provided GITHUB_ORG environment variable 
(tests fail for non hashicorp people)
 2016-03-09 15:34:03 +02:00
Jeff Mitchell 5a17735dcb Add subject/authority key id to cert metadata 2016-03-07 14:59:00 -05:00
Jeff Mitchell 4a3d3ef300 Use better error message on LDAP renew failure 2016-03-07 09:34:16 -05:00
vishalnayak 44208455f6 continue if non-CA policy is not found 2016-03-01 16:43:51 -05:00
vishalnayak 9a3ddc9696 Added ExtKeyUsageAny, changed big.Int comparison and fixed code flow 2016-03-01 16:37:01 -05:00
vishalnayak cc1592e27a corrections, policy matching changes and test cert changes 2016-03-01 16:37:01 -05:00
vishalnayak 09eef70853 Added testcase for cert writes 2016-03-01 16:37:01 -05:00
vishalnayak f056e8a5a5 supporting non-ca certs for verification 2016-03-01 16:37:01 -05:00
vishalnayak aee006ba2d moved the test cert keys to appropriate test-fixtures folder 2016-02-29 15:49:08 -05:00
vishalnayak cf672400d6 fixed the error log message 2016-02-29 10:41:10 -05:00
vishalnayak dca18aec2e replaced old certs, with new certs generated from PKI backend, containing IP SANs 2016-02-28 22:15:54 -05:00
Jeff Mitchell 6b6005ee2e Remove root token requirement from GitHub configuration 2016-02-25 08:51:53 -05:00
vishalnayak 69bcbb28aa rename verify_cert as disable_binding and invert the logic 2016-02-24 21:01:21 -05:00
vishalnayak 902c780f2b make the verification of certs in renewal configurable 2016-02-24 16:42:20 -05:00
vishalnayak bc4710eb06 Cert: renewal enhancements 2016-02-24 14:31:38 -05:00
vishalnayak 053bbd97ea check CIDR block for renewal as well 2016-02-24 10:55:31 -05:00
vishalnayak 978075a1b4 Added renewal capability to app-id backend 2016-02-24 10:40:15 -05:00
Jeff Mitchell fab2d8687a Remove root requirement for certs/ and crls/ in TLS auth backend. 
Fixes #468
 2016-02-21 15:33:33 -05:00
Jeff Mitchell 6df75231b8 Merge pull request #1100 from hashicorp/issue-1030 
Properly escape filter values in LDAP filters
 2016-02-19 14:56:40 -05:00
Jeff Mitchell 05b5ff69ed Address some feedback on ldap escaping help text 2016-02-19 13:47:26 -05:00
Jeff Mitchell d7b40b32db Properly escape filter values. 
Fixes #1030
 2016-02-19 13:16:52 -05:00
Jeff Mitchell c67871c36e Update LDAP documentation with a note on escaping 2016-02-19 13:16:18 -05:00
Jeff Mitchell d3f3122307 Add tests to ldap using the discover capability 2016-02-19 11:46:59 -05:00
Jeff Mitchell 154c326060 Add ldap tests that use a bind dn and bind password 2016-02-19 11:38:27 -05:00
vishalnayak 0b44d81a16 Github renewal enhancement 2016-02-11 20:42:42 -05:00
Jeff Mitchell 61eec74b4e Remove app-id renewal for the moment until verification logic is added 2016-01-31 19:12:20 -05:00
Jeff Mitchell bf13d68372 Fix userpass acceptance tests by giving it a system view 2016-01-29 20:14:14 -05:00
Jeff Mitchell d3a705f17b Make backends much more consistent: 
1) Use the new LeaseExtend
2) Use default values controlled by mount tuning/system defaults instead
of a random hard coded value
3) Remove grace periods
 2016-01-29 20:03:37 -05:00
Hanno Hecker 0db33274b7 discover bind dn with anonymous binds 2016-01-27 17:06:27 +01:00
Hanno Hecker 4606cd1492 fix stupid c&p error 2016-01-26 16:15:25 +01:00
Hanno Hecker 6a570345a0 add binddn/bindpath to search for the users bind DN 2016-01-26 15:56:41 +01:00
Jack DeLoach 8fecccde21 Add STS path to AWS backend. 
The new STS path allows for obtaining the same credentials that you would get
from the AWS "creds" path, except it will also provide a security token, and
will not have an annoyingly long propagation time before returning to the user.
 2016-01-21 14:05:09 -05:00
Jeff Mitchell f3ce90164f WriteOperation -> UpdateOperation 2016-01-08 13:03:03 -05:00
Jeff Mitchell 5e72453b49 Use TypeDurationSecond instead of TypeString 2015-11-03 10:52:20 -05:00
Jeff Mitchell 154fc24777 Address first round of feedback from review 2015-11-03 10:52:20 -05:00
Jeff Mitchell 59cc61cc79 Add documentation for CRLs and some minor cleanup. 2015-11-03 10:52:20 -05:00