Commit graph

15 commits

Author SHA1 Message Date
Jeff Mitchell 3129187dc2 JWT wrapping tokens (#2172) 2017-01-04 16:44:03 -05:00
Vishal Nayak b3c805e662 Audit the client token accessors (#2037) 2016-10-29 17:01:49 -04:00
Jeff Mitchell e925987cb6 Add token accessor to wrap information if one exists 2016-06-13 23:58:17 +00:00
Jeff Mitchell 31e1ed2417 Implement WrapInfo audit logging 2016-05-07 20:03:56 -04:00
vishalnayak 0602bb25f1 Remove redundant variables 2016-03-11 21:36:38 -05:00
vishalnayak e09819fedc Added hash_accessor option to audit backends 2016-03-11 19:28:06 -05:00
Jeff Mitchell f0c66f0b8c Use reflect.Value.String() rather than a type assertion.
Fixes a panic in hashstructure/auditing that can occur with custom
string types.

Fixes #973
2016-01-26 12:32:50 -05:00
Jeff Mitchell 1c7157e632 Reintroduce the ability to look up obfuscated values in the audit log
with a new endpoint '/sys/audit-hash', which returns the given input
string hashed with the given audit backend's hash function and salt
(currently, always HMAC-SHA256 and a backend-specific salt).

In the process of adding the HTTP handler, this also removes the custom
HTTP handlers for the other audit endpoints, which were simply
forwarding to the logical system backend. This means that the various
audit functions will now redirect correctly from a standby to master.
(Tests all pass.)

Fixes #784
2015-11-18 20:26:03 -05:00
Jeff Mitchell cf4b88c196 Write HMAC-SHA256'd client token to audited requests
Fixes #713
2015-10-29 13:26:18 -04:00
Jeff Mitchell 5dde76fa1c Expand HMAC support in Salt; require an identifier be passed in to specify type but allow generation with and without. Add a StaticSalt ID for testing functions. Fix bugs; unit tests pass. 2015-09-18 17:38:30 -04:00
Jeff Mitchell b655f6b858 Add HMAC capability to salt. Pass a salt into audit backends. Require it for audit.Hash. 2015-09-18 17:38:22 -04:00
Armon Dadgar 46636ea52c audit: Guard against a few nil pointer cases 2015-04-27 15:56:40 -07:00
Mitchell Hashimoto 1b34aae7f1 audit: separate hashing from formatting to facilitate raw 2015-04-22 07:41:53 +02:00
Mitchell Hashimoto 97ff2ad09b audit: add SHA1 hash callback 2015-04-21 16:13:06 +01:00
Mitchell Hashimoto 2a6bb96276 audit: add hashstructure 2015-04-21 16:02:03 +01:00