Commit graph

289 commits

Author SHA1 Message Date
Chris Hoffman 1029ad3b33 Rename "generic" secret backend to "kv" (#3292) 2017-09-15 09:02:29 -04:00
Calvin Leung Huang 6f417d39da Normalize plugin_name option for mount and enable-auth (#3202) 2017-08-31 12:16:59 -04:00
Seth Vargo ae5996a737
Add SignKey endpoint for SSH API client 2017-08-18 12:59:08 -04:00
Jeff Mitchell d2410e3399 gofmt 2017-08-02 19:38:35 -04:00
nrhall-deshaw 888e1e3859 Add SRV record functionality for client side host/port discovery of Vault (#3035)
* added SRV record functionality for client side port discovery of Vault

* Add a check on returned address length
2017-08-02 19:19:06 -04:00
Calvin Leung Huang db9d9e6415 Store original request path in WrapInfo (#3100)
* Store original request path in WrapInfo as CreationPath

* Add wrapping_token_creation_path to CLI output

* Add CreationPath to AuditResponseWrapInfo

* Fix tests

* Add and fix tests, update API docs with new sample responses
2017-08-02 18:28:58 -04:00
Jeff Mitchell cefa70c8a3 Have sys health api always return even in an error case (#3087)
* Have sys health api always return even in an error case, which HTTP API docs say it should

* Use specific return codes to bypass automatic error handling
2017-08-02 10:01:40 -04:00
Jeff Mitchell d0f329e124 Add leader cluster address to status/leader output. (#3061)
* Add leader cluster address to status/leader output. This helps in
identifying a particular node when all share the same redirect address.

Fixes #3042
2017-07-31 18:25:27 -04:00
Jeff Mitchell 1bfc6d4fe7 Add a -dev-three-node option for devs. (#3081) 2017-07-31 11:28:06 -04:00
Chris Hoffman 5cb87e26ef moving client calls to new endpoint (#2867) 2017-07-25 11:58:33 -04:00
Calvin Leung Huang bb54e9c131 Backend plugin system (#2874)
* Add backend plugin changes

* Fix totp backend plugin tests

* Fix logical/plugin InvalidateKey test

* Fix plugin catalog CRUD test, fix NoopBackend

* Clean up commented code block

* Fix system backend mount test

* Set plugin_name to omitempty, fix handleMountTable config parsing

* Clean up comments, keep shim connections alive until cleanup

* Include pluginClient, disallow LookupPlugin call from within a plugin

* Add wrapper around backendPluginClient for proper cleanup

* Add logger shim tests

* Add logger, storage, and system shim tests

* Use pointer receivers for system view shim

* Use plugin name if no path is provided on mount

* Enable plugins for auth backends

* Add backend type attribute, move builtin/plugin/package

* Fix merge conflict

* Fix missing plugin name in mount config

* Add integration tests on enabling auth backend plugins

* Remove dependency cycle on mock-plugin

* Add passthrough backend plugin, use logical.BackendType to determine lease generation

* Remove vault package dependency on passthrough package

* Add basic impl test for passthrough plugin

* Incorporate feedback; set b.backend after shims creation on backendPluginServer

* Fix totp plugin test

* Add plugin backends docs

* Fix tests

* Fix builtin/plugin tests

* Remove flatten from PluginRunner fields

* Move mock plugin to logical/plugin, remove totp and passthrough plugins

* Move pluginMap into newPluginClient

* Do not create storage RPC connection on HandleRequest and HandleExistenceCheck

* Change shim logger's Fatal to no-op

* Change BackendType to uint32, match UX backend types

* Change framework.Backend Setup signature

* Add Setup func to logical.Backend interface

* Move OptionallyEnableMlock call into plugin.Serve, update docs and comments

* Remove commented var in plugin package

* RegisterLicense on logical.Backend interface (#3017)

* Add RegisterLicense to logical.Backend interface

* Update RegisterLicense to use callback func on framework.Backend

* Refactor framework.Backend.RegisterLicense

* plugin: Prevent plugin.SystemViewClient.ResponseWrapData from getting JWTs

* plugin: Revert BackendType to remove TypePassthrough and related references

* Fix typo in plugin backends docs
2017-07-20 13:28:40 -04:00
Gobin Sougrakpam 2ddbc4a939 Adding option to set custom vault client timeout using env variable VAULT_CLIENT_TIMEOUT (#3022) 2017-07-18 09:48:31 -04:00
Seth Vargo c77986d03e
Do not double-convert to seconds 2017-07-11 16:06:50 -07:00
Seth Vargo cfad705ddc Fix typo 2017-07-10 22:26:42 -07:00
Chris Hoffman 8fee1ec31d updating for TestCluster changes 2017-07-10 20:47:03 -07:00
Seth Vargo 725e0e5b73
Fix doc 2017-07-07 17:15:43 -04:00
Seth Vargo 8da29a5a23
Use the core client 2017-07-07 17:14:49 -04:00
Seth Vargo 994cf1db5c
Fix failing test 2017-07-07 17:14:49 -04:00
Seth Vargo 462d30fd38
Buffer doneCh 2017-07-07 17:14:49 -04:00
Seth Vargo d48c51185d
Add configurable buffer size 2017-07-07 17:14:48 -04:00
Seth Vargo 29255fd2eb
Do not block writing to doneCh if stopped 2017-07-07 17:14:48 -04:00
Seth Vargo e22b3d9ec8
Make lock private 2017-07-07 17:14:48 -04:00
Seth Vargo 7f47f06014
Remove init() seed 2017-07-07 17:14:47 -04:00
Seth Vargo 81a24fda29
Fix vet errors 2017-07-07 17:14:47 -04:00
Seth Vargo ae7d6da993
Allow a custom randomizer 2017-07-07 17:14:47 -04:00
Seth Vargo 5f658abc12
Use Fatalf 2017-07-07 17:14:47 -04:00
Seth Vargo 207e1d5dd3
Use a more heurstic function for calculating sleep backoff 2017-07-07 17:14:46 -04:00
Seth Vargo f18b7fd6dc
Seed the random generator 2017-07-07 17:14:46 -04:00
Seth Vargo 10cdc62c62
Move renewer integration tests into separate package 2017-07-07 17:14:46 -04:00
Seth Vargo a09c84ce75
Use a separate package for API integration tests
This removes the cyclic dependency
2017-07-07 17:14:45 -04:00
Seth Vargo d711dfebd1
Send a more useful struct for renewal 2017-07-07 17:14:45 -04:00
Seth Vargo 951421e613
Reorg 2017-07-07 17:14:45 -04:00
Seth Vargo 1ea998e2f5
Use unbuffered channels 2017-07-07 17:14:45 -04:00
Seth Vargo dcdbef1dfb
Use a time.Duration instead of an int for grace 2017-07-07 17:14:44 -04:00
Seth Vargo 62e1f5c498
Use RenewTokenAsSelf instead 2017-07-07 17:14:44 -04:00
Seth Vargo 77ee95cb82
Add secret renewer 2017-07-07 17:14:44 -04:00
Seth Vargo 4069eb21b6
Add test stubs for starting a vault server and pg database 2017-07-07 17:14:43 -04:00
Seth Vargo 506a304ecc
Add API helper for renewing a token as another token 2017-07-07 17:14:42 -04:00
Jeff Mitchell d169918465 Create and persist human-friendly-ish mount accessors (#2918) 2017-06-26 18:14:36 +01:00
Seth Vargo 084064389e Add a convenience function for copying a client (#2887) 2017-06-20 04:08:15 +01:00
Jeff Mitchell 5817a8a5f8 Return error on bad CORS and add Header specification to API request primitive 2017-06-19 18:20:44 -04:00
Aaron Salvo 0303f51b68 Cors headers (#2021) 2017-06-17 00:04:55 -04:00
Chris Hoffman a91763b81f reverting client changes in #2856 (#2866) 2017-06-14 16:39:20 -04:00
Chris Hoffman ec1d943dce moving client calls to new endpoint (#2856) 2017-06-14 10:38:15 -04:00
Vishal Nayak 2d61087b99 api: Don't treat 429 as error (#2850)
* api: Don't treat 429 as error

* Added parenthesis
2017-06-12 18:31:36 -04:00
Kiss György 0be37ca78b Add Health() method to Sys client (#2805) 2017-06-05 11:00:45 -04:00
emily aa40d2cff6 add gofmt checks to Vault and format existing code (#2745) 2017-05-19 08:34:17 -04:00
Lee Avital bf34484d9d Respect the configured address's path in the client (#2588) 2017-04-13 14:06:38 -04:00
pkrolikowski 0fb75d9e89 Pass user/pass for HTTP Basic Authentication in URL parameters (#2469) 2017-03-10 07:19:23 -05:00
Jeff Mitchell f03d500808 Add option to disable caching per-backend. (#2455) 2017-03-08 09:20:09 -05:00