Commit graph

309 commits

Author SHA1 Message Date
Tom Wilkie e06cb595fc Make the plugin catalog endpoint roundtrip so we can use terraform to manage them. (#3778) 2018-01-17 19:19:28 -05:00
Jeff Mitchell 88313f0398 Update replication state logic.
Fixes #3727
2018-01-16 13:51:55 -05:00
Jeff Mitchell d8009bced1 Merge branch 'master-oss' into sethvargo/cli-magic 2018-01-10 11:15:49 -05:00
Brian Kassouf 1c190d4bda
Pass context to backends (#3750)
* Start work on passing context to backends

* More work on passing context

* Unindent logical system

* Unindent token store

* Unindent passthrough

* Unindent cubbyhole

* Fix tests

* use requestContext in rollback and expiration managers
2018-01-08 10:31:38 -08:00
Jeff Mitchell d1803098ae Merge branch 'master-oss' into sethvargo/cli-magic 2018-01-03 14:02:31 -05:00
Jeff Mitchell 9630f93845
Fix audited request header lookup (#3707)
The headers are stored lowercased but the lookup function wasn't
properly lowercasing when indexing in the header map.

Fixes #3701
2017-12-18 10:05:51 -05:00
Jeff Mitchell 2b78bc2a9b
Port over bits (#3575) 2017-11-13 15:31:32 -05:00
Jeff Mitchell d55f94f4a3
Plumb more seal wrap stuff through and move to outside layer of mount options (#3572) 2017-11-13 11:22:22 -05:00
Seth Vargo c5665920f6
Standardize on "auth method"
This removes all references I could find to:

- credential provider
- authentication backend
- authentication provider
- auth provider
- auth backend

in favor of the unified:

- auth method
2017-10-24 09:32:15 -04:00
Jeff Mitchell d38a699c32 Make compile 2017-10-23 17:15:56 -04:00
Jeff Mitchell 8e9317792d Fix some merge/update bugs 2017-10-23 16:49:46 -04:00
Jeff Mitchell 3c6fe40a91 Sync 2017-10-23 15:35:28 -04:00
Chris Hoffman e4065e33d2 copying general purpose tools from transit backend to /sys/tools (#3391) 2017-10-20 10:59:17 -04:00
Seth Vargo 6fd9d11c79 Allow more complex errors from plugins (no interface change) (#3444)
* Allow more complex errors from plugins

This enables more complex types to be registered and returned from plugins.

*  Register common error types

This is a slightly less drastic change, which keeps the HTTPCodedError
as an interface.

* Remove replication error from list
2017-10-19 13:29:59 -07:00
Chris Hoffman 9d73c81f38 Disable the sys/raw endpoint by default (#3329)
* disable raw endpoint by default

* adding docs

* config option raw -> raw_storage_endpoint

* docs updates

* adding listing on raw endpoint

* reworking tests for enabled raw endpoints

* root protecting base raw endpoint
2017-09-15 00:21:35 -04:00
Jeff Mitchell dae06d9a0e Simplify a lot of the mount tuning code (#3285) 2017-09-05 10:57:25 -04:00
Brian Kassouf a8d9426d9f Update locking components from DR replication changes (#3283)
* Update locking components from DR replication changes

* Fix plugin backend test

* Add a comment about needing the statelock:
2017-09-04 19:38:37 -04:00
Calvin Leung Huang 6f417d39da Normalize plugin_name option for mount and enable-auth (#3202) 2017-08-31 12:16:59 -04:00
Jeff Mitchell 654e7d92ac Properly lowercase policy names. (#3210)
Previously we lowercased names on ingress but not on lookup or delete
which could cause unexpected results. Now, just unilaterally lowercase
policy names on write and delete. On get, to avoid the performance hit
of always lowercasing when not necessary since it's in the critical
path, we have a minor optimization -- we check the LRU first before
normalizing. For tokens, because they're already normalized when adding
policies during creation, this should always work; it might just be
slower for API calls.

Fixes #3187
2017-08-18 19:47:23 -04:00
Jeff Mitchell 411419cbf8 plugins/backend/reload -> plugins/reload/backend (#3186) 2017-08-16 12:40:38 -04:00
Jeff Mitchell c34a5b2e93 * Add ability to specify a plugin dir in dev mode (#3184)
* Change (with backwards compatibility) sha_256 to sha256 for plugin
registration
2017-08-16 11:17:50 -04:00
Calvin Leung Huang 6853d80212 Add plugin backend reload capability (#3112)
* Add plugin reload capability on all mounts for a specific plugin type

* Comments cleanup

* Add per-mount plugin backend reload, add tests

* Fix typos

* Remove old comment

* Reuse existing storage view in reloadPluginCommon

* Correctly handle reloading auth plugin backends

* Update path to plugin/backend/reload

* Use multierrors on reloadMatchingPluginMounts, attempt to reload all mounts provided

* Use internal value as check to ensure plugin backend reload

* Remove connection state from request for plugins at the moment

* Minor cleanup

* Refactor tests
2017-08-08 00:18:59 -04:00
Aaron Salvo ad1d74cae0 Set allowed headers via API instead of defaulting to wildcard. (#3023) 2017-08-07 10:03:30 -04:00
Calvin Leung Huang db9d9e6415 Store original request path in WrapInfo (#3100)
* Store original request path in WrapInfo as CreationPath

* Add wrapping_token_creation_path to CLI output

* Add CreationPath to AuditResponseWrapInfo

* Fix tests

* Add and fix tests, update API docs with new sample responses
2017-08-02 18:28:58 -04:00
Jeff Mitchell a9b1d699d0 Make sys/wrapping/lookup unauthenticated. (#3084)
We still perform validation on the token, so if the call makes it
through to this endpoint it's got a valid token (either explicitly
specified in data or as the request token). But this allows
introspection for sanity/safety checking without revoking the token in
the process.
2017-07-31 16:16:16 -04:00
Chris Hoffman b89114b011 root protect /sys/revoke-force/* (#2876) 2017-07-25 11:59:43 -04:00
Calvin Leung Huang bb54e9c131 Backend plugin system (#2874)
* Add backend plugin changes

* Fix totp backend plugin tests

* Fix logical/plugin InvalidateKey test

* Fix plugin catalog CRUD test, fix NoopBackend

* Clean up commented code block

* Fix system backend mount test

* Set plugin_name to omitempty, fix handleMountTable config parsing

* Clean up comments, keep shim connections alive until cleanup

* Include pluginClient, disallow LookupPlugin call from within a plugin

* Add wrapper around backendPluginClient for proper cleanup

* Add logger shim tests

* Add logger, storage, and system shim tests

* Use pointer receivers for system view shim

* Use plugin name if no path is provided on mount

* Enable plugins for auth backends

* Add backend type attribute, move builtin/plugin/package

* Fix merge conflict

* Fix missing plugin name in mount config

* Add integration tests on enabling auth backend plugins

* Remove dependency cycle on mock-plugin

* Add passthrough backend plugin, use logical.BackendType to determine lease generation

* Remove vault package dependency on passthrough package

* Add basic impl test for passthrough plugin

* Incorporate feedback; set b.backend after shims creation on backendPluginServer

* Fix totp plugin test

* Add plugin backends docs

* Fix tests

* Fix builtin/plugin tests

* Remove flatten from PluginRunner fields

* Move mock plugin to logical/plugin, remove totp and passthrough plugins

* Move pluginMap into newPluginClient

* Do not create storage RPC connection on HandleRequest and HandleExistenceCheck

* Change shim logger's Fatal to no-op

* Change BackendType to uint32, match UX backend types

* Change framework.Backend Setup signature

* Add Setup func to logical.Backend interface

* Move OptionallyEnableMlock call into plugin.Serve, update docs and comments

* Remove commented var in plugin package

* RegisterLicense on logical.Backend interface (#3017)

* Add RegisterLicense to logical.Backend interface

* Update RegisterLicense to use callback func on framework.Backend

* Refactor framework.Backend.RegisterLicense

* plugin: Prevent plugin.SystemViewClient.ResponseWrapData from getting JWTs

* plugin: Revert BackendType to remove TypePassthrough and related references

* Fix typo in plugin backends docs
2017-07-20 13:28:40 -04:00
Chris Hoffman d481e65c5a Cleaning up logical and auth unmount functions (#2994) 2017-07-13 10:57:14 -07:00
Jeff Mitchell d169918465 Create and persist human-friendly-ish mount accessors (#2918) 2017-06-26 18:14:36 +01:00
Jeff Mitchell cf7d56e8f3 Fix up CORS.
Ref #2021
2017-06-17 01:26:25 -04:00
Aaron Salvo 0303f51b68 Cors headers (#2021) 2017-06-17 00:04:55 -04:00
Vishal Nayak 3696c9b779 Input checks for policy rules (#2771)
* Input checks for policy rules

* Address review feedback
2017-05-26 10:48:41 -04:00
Jeff Mitchell d25aa9fc21 Don't write salts in initialization, look up on demand (#2702) 2017-05-09 17:51:09 -04:00
Jeff Mitchell 726bd6f379 Don't load a required mount if in secondary mode, let sync invalidate do that 2017-05-05 19:40:26 -04:00
Jeff Mitchell 6f6f242061 Add logic to skip initialization in some cases and some invalidation logic 2017-05-05 15:01:52 -04:00
Jeff Mitchell 55ef4f2566 Merge branch 'master-oss' into sys-tidy-leases 2017-05-05 10:53:41 -04:00
Brian Kassouf 5ee0d696d4 Merge remote-tracking branch 'oss/master' into database-refactor 2017-05-04 10:45:18 -07:00
Jeff Mitchell 9a91700263 Move tidy-leases to leases/tidy 2017-05-04 09:40:11 -04:00
Jeff Mitchell f8295a301d Merge branch 'master-oss' into sys-tidy-leases 2017-05-04 09:37:52 -04:00
Chris Hoffman 3d9cf89ad6 Add the ability to view and list of leases metadata (#2650) 2017-05-03 22:03:42 -04:00
Jeff Mitchell bb6b5f7aa6 Add taint flag for looking up by accessor 2017-05-03 13:08:50 -04:00
vishalnayak 58967c0bbd Merge branch 'oss' into sys-tidy-leases 2017-04-27 11:23:48 -04:00
Chris Hoffman 1a60fede58 Updating revoke/renew to prefer PUT method (#2646) 2017-04-27 10:47:43 -04:00
vishalnayak 5909d81b7b Merge branch 'oss' into clean-stale-leases 2017-04-26 15:07:27 -04:00
Brian Kassouf e4e61ec18c return a 404 when no plugin is found 2017-04-24 18:31:27 -07:00
Brian Kassouf 657d433330 Update the ResponseWrapData function to return a wrapping.ResponseWrapInfo object 2017-04-24 12:15:01 -07:00
Brian Kassouf c4e2ad74c5 Update path for the plugin catalog in logical system 2017-04-24 11:35:32 -07:00
Brian Kassouf 6c8239ba03 Update the builtin keys; move catalog to core; protect against unset plugin directory 2017-04-24 10:30:33 -07:00
Brian Kassouf 8ccf10641b Merge branch 'master' into database-refactor 2017-04-12 14:29:10 -07:00
Brian Kassouf c3724c6f17 Add path help and comments for plugin-catalog 2017-04-12 10:01:36 -07:00
Brian Kassouf faaeb09065 Add remaining crud functions to plugin catalog and tests 2017-04-12 09:40:54 -07:00
Brian Kassouf e8781b6a2b Plugin catalog 2017-04-03 17:52:29 -07:00
Jeff Mitchell f03d500808 Add option to disable caching per-backend. (#2455) 2017-03-08 09:20:09 -05:00
vishalnayak f54ff0f842 Add locking where possible while doing auth/token/tidy 2017-03-07 16:06:05 -05:00
vishalnayak 3522b67e14 Added sys/tidy-leases endpoint 2017-03-07 15:50:17 -05:00
Jeff Mitchell 5119b173c4 Rename helper 'duration' to 'parseutil'. (#2449)
Add a ParseBool function that accepts various kinds of ways of
specifying booleans.

Have config use ParseBool for UI and disabling mlock/cache.
2017-03-07 11:21:22 -05:00
Jeff Mitchell a585f709d3 Understand local when persisting mount tables, to avoid invalidations when not necessary (#2427) 2017-03-02 14:37:59 -05:00
Jeff Mitchell 0e1b1e33be Add comment around not allowing users to create JWT wrapping tokens 2017-02-22 11:13:40 -05:00
Jeff Mitchell 4a966726e5 Make reindex a root path as well 2017-02-16 23:36:06 -05:00
Jeff Mitchell 674a0a48bf Fix rep path fetching method into a function 2017-02-16 23:23:21 -05:00
Jeff Mitchell 494b4c844b More porting from rep (#2389)
* More porting from rep

* Address feedback
2017-02-16 20:13:19 -05:00
Jeff Mitchell c81582fea0 More porting from rep (#2388)
* More porting from rep

* Address review feedback
2017-02-16 16:29:30 -05:00
Brian Kassouf 8ef4bc32dd Update the help text for auditing headers (#2330)
* Update the help text for auditing headers

* Update help name
2017-02-03 10:08:31 -08:00
Brian Kassouf 6701ba8a10 Configure the request headers that are output to the audit log (#2321)
* Add /sys/config/audited-headers endpoint for configuring the headers that will be audited

* Remove some debug lines

* Add a persistant layer and refactor a bit

* update the api endpoints to be more restful

* Add comments and clean up a few functions

* Remove unneeded hash structure functionaility

* Fix existing tests

* Add tests

* Add test for Applying the header config

* Add Benchmark for the ApplyConfig method

* ResetTimer on the benchmark:

* Update the headers comment

* Add test for audit broker

* Use hyphens instead of camel case

* Add size paramater to the allocation of the result map

* Fix the tests for the audit broker

* PR feedback

* update the path and permissions on config/* paths

* Add docs file

* Fix TestSystemBackend_RootPaths test
2017-02-02 11:49:20 -08:00
Jeff Mitchell 64fc18e523 When a JWT wrapping token is returned, audit the inner token both for
request and response. This makes it far easier to properly check
validity elsewhere in Vault because we simply replace the request client
token with the inner value.
2017-01-04 23:50:24 -05:00
Jeff Mitchell 3129187dc2 JWT wrapping tokens (#2172) 2017-01-04 16:44:03 -05:00
Jeff Mitchell 6c1d2ffea9 Allow wrapping to be specified by backends, and take the lesser of the request/response times (#2088) 2016-11-11 15:12:11 -05:00
Jeff Mitchell b45a481365 Wrapping enhancements (#1927) 2016-09-28 21:01:28 -07:00
Jeff Mitchell f3ab4971a6 Follow Vault convention on DELETE being idempotent (#1903)
* Follow Vault convention on `DELETE` being idempotent with
audit/auth/mounts deletes (a.k.a. disabling/unmounting).
2016-09-19 13:02:25 -04:00
Jeff Mitchell 58b32e5432 Convert to logxi 2016-08-21 18:13:37 -04:00
Jeff Mitchell 62c69f8e19 Provide base64 keys in addition to hex encoded. (#1734)
* Provide base64 keys in addition to hex encoded.

Accept these at unseal/rekey time.

Also fix a bug where backup would not be honored when doing a rekey with
no operation currently ongoing.
2016-08-15 16:01:15 -04:00
Jeff Mitchell c86fd0353c urllease_id -> url_lease_id 2016-08-08 18:34:00 -04:00
Jeff Mitchell 56b7f595aa Fix parsing optional URL param 2016-08-08 18:08:25 -04:00
Jeff Mitchell ab71b981ad Add ability to specify renew lease ID in POST body. 2016-08-08 18:00:44 -04:00
Jeff Mitchell 23ab63c78e Add accessor list function to token store 2016-07-29 18:20:38 -04:00
Jeff Mitchell d2cbe48aaf Use RFC3339Nano for better precision 2016-07-25 14:11:57 -04:00
Jeff Mitchell 5b210b2a1f Return a duration instead and port a few other places to use it 2016-07-11 18:19:35 +00:00
Jeff Mitchell ab6c2bc5e8 Factor out parsing duration second type and use it for parsing tune values too 2016-07-11 17:53:39 +00:00
vishalnayak 2933c5ce08 Made default_lease_ttl and max_lease_ttl as int64 and fixed tests 2016-06-20 20:23:49 -04:00
vishalnayak 848b479a61 Added 'sys/auth/<path>/tune' endpoints.
Displaying 'Default TTL' and 'Max TTL' in the output of 'vault auth -methods'
2016-06-15 13:58:24 -04:00
Jeff Mitchell a57996ac08 Add to auth/audit too 2016-05-26 13:38:51 -04:00
Jeff Mitchell 475b0e2d33 Add table/type checking to mounts table. 2016-05-26 12:55:00 -04:00
Jeff Mitchell 99a5b4402d Merge branch 'master-oss' into cubbyhole-the-world 2016-05-04 14:42:14 -04:00
Jeff Mitchell 1bc2abecd5 Properly persist auth mount tuning 2016-05-03 14:24:04 -04:00
Jeff Mitchell aba689a877 Add wrapping through core and change to use TTL instead of Duration. 2016-05-02 00:47:35 -04:00
Jeff Mitchell f293b1bb98 Merge pull request #1328 from hashicorp/sethvargo/path-help
Add missing path-helps and clarify subpaths in tables
2016-04-25 13:53:06 -04:00
Jeff Mitchell 556039344a There's no good story around accessing any of core via /sys/raw, so blacklist it all 2016-04-19 16:01:15 +00:00
Seth Vargo 03c09341a4 Add missing path-helps and clarify subpaths in tables 2016-04-13 22:15:54 +01:00
Jeff Mitchell afae46feb7 SealInterface 2016-04-04 10:44:22 -04:00
vishalnayak fbfe72f286 Removed http/sys_capabilties_test.go 2016-03-18 09:48:45 -04:00
vishalnayak 55f03b5d25 Add separate path for capabilities-self to enable ACL 2016-03-17 22:52:03 -04:00
vishalnayak 68367f60c8 Fix broken testcases 2016-03-17 21:03:32 -04:00
vishalnayak d348735322 Fix help descriptions 2016-03-17 21:03:32 -04:00
vishalnayak f275cd2e9c Fixed capabilities API to receive logical response 2016-03-17 21:03:32 -04:00
vishalnayak a5d79d587a Refactoring the capabilities function 2016-03-17 21:03:32 -04:00
vishalnayak dcb7f00bcc Move sys/capabilities to logical_system along with business logic from core 2016-03-17 21:03:32 -04:00
vishalnayak 2b712bc778 Move capabilities accessor logic to logical_system 2016-03-17 21:03:32 -04:00
vishalnayak 71fc07833f Rename id to path and path to file_path, print audit backend paths 2016-03-14 17:15:07 -04:00
Jeff Mitchell cba947b049 Fix path help description for rekey_backup 2016-03-09 21:04:54 -05:00
Jeff Mitchell 6df72e6efd Merge pull request #1168 from hashicorp/revoke-force
Add forced revocation.
2016-03-09 16:59:52 -05:00
Jeff Mitchell 0d46fb4696 Create a unified function to sanitize mount paths.
This allows mount paths to start with '/' in addition to ensuring they
end in '/' before leaving the system backend.
2016-03-03 13:13:47 -05:00
Jeff Mitchell cd86226845 Add forced revocation.
In some situations, it can be impossible to revoke leases (for instance,
if someone has gone and manually removed users created by Vault). This
can not only cause Vault to cycle trying to revoke them, but it also
prevents mounts from being unmounted, leaving them in a tainted state
where the only operations allowed are to revoke (or rollback), which
will never successfully complete.

This adds a new endpoint that works similarly to `revoke-prefix` but
ignores errors coming from a backend upon revocation (it does not ignore
errors coming from within the expiration manager, such as errors
accessing the data store). This can be used to force Vault to abandon
leases.

Like `revoke-prefix`, this is a very sensitive operation and requires
`sudo`. It is implemented as a separate endpoint, rather than an
argument to `revoke-prefix`, to ensure that control can be delegated
appropriately, as even most administrators should not normally have
this privilege.

Fixes #1135
2016-03-03 10:13:59 -05:00
Jeff Mitchell 9c47b8c0a7 Remove sys_policy from special handling as it's implemented in
logical_system too. Clean up the mux handlers.
2016-03-02 14:16:54 -05:00
Jeff Mitchell 4f4ddbf017 Create more granular ACL capabilities.
This commit splits ACL policies into more fine-grained capabilities.
This both drastically simplifies the checking code and makes it possible
to support needed workflows that are not possible with the previous
method. It is backwards compatible; policies containing a "policy"
string are simply converted to a set of capabilities matching previous
behavior.

Fixes #724 (and others).
2016-01-08 13:05:14 -05:00
Jeff Mitchell f3ce90164f WriteOperation -> UpdateOperation 2016-01-08 13:03:03 -05:00
Jeff Mitchell a094eedce2 Add rekey nonce/backup. 2016-01-06 09:54:35 -05:00
Jeff Mitchell 1c7157e632 Reintroduce the ability to look up obfuscated values in the audit log
with a new endpoint '/sys/audit-hash', which returns the given input
string hashed with the given audit backend's hash function and salt
(currently, always HMAC-SHA256 and a backend-specific salt).

In the process of adding the HTTP handler, this also removes the custom
HTTP handlers for the other audit endpoints, which were simply
forwarding to the logical system backend. This means that the various
audit functions will now redirect correctly from a standby to master.
(Tests all pass.)

Fixes #784
2015-11-18 20:26:03 -05:00
Jeff Mitchell bece637eb7 Address feedback from review 2015-11-15 17:32:57 -05:00
Jeff Mitchell bc4c18a1cf Rearchitect MountTable locking and fix rollback.
The rollback manager was using a saved MountTable rather than the
current table, causing it to attempt to rollback unmounted mounts, and
never rollback new mounts.

In fixing this, it became clear that bad things could happen to the
mount table...the table itself could be locked, but the table pointer
(which is what the rollback manager needs) could be modified at any time
without locking. This commit therefore also returns locking to a mutex
outside the table instead of inside, and plumbs RLock/RUnlock through to
the various places that are reading the table but not holding a write
lock.

Both unit tests and race detection pass.

Fixes #771
2015-11-11 11:54:52 -05:00
Jeff Mitchell 8673f36b34 Don't require root tokens for mount and policy endpoints. 2015-11-09 15:29:21 -05:00
Jeff Mitchell 7aa3faa626 Rename core's 'policy' to 'policyStore' for clarification 2015-11-06 12:07:42 -05:00
Jeff Mitchell e02517ae42 Rename tune functions 2015-10-09 20:00:17 -04:00
Jeff Mitchell 50b9129e65 Normalize policy names to lowercase on write. They are not currently
normalized when reading or deleting, for backwards compatibility.

Ping #676.
2015-10-07 13:52:21 -04:00
Jeff Mitchell 8f27c250d6 Fix problematic logging statements.
Fixes #665.
2015-10-02 18:31:46 -07:00
Jeff Mitchell 62ac518ae7 Switch per-mount values to strings going in and seconds coming out, like other commands. Indicate deprecation of 'lease' in the token backend. 2015-09-25 10:41:21 -04:00
Jeff Mitchell ab7d35b95e Fix up per-backend timing logic; also fix error in TypeDurationSecond in
GetOkErr.
2015-09-21 09:55:03 -04:00
Jeff Mitchell 68c268a6f0 Allow tuning of auth mounts, to set per-mount default/max lease times 2015-09-19 11:50:50 -04:00
Jeff Mitchell 39cfcccdac Remove error returns from sysview TTL calls 2015-09-10 15:09:54 -04:00
Jeff Mitchell ace611d56d Address items from feedback. Make MountConfig use values rather than
pointers and change how config is read to compensate.
2015-09-10 15:09:54 -04:00
Jeff Mitchell c460ff10ca Push a lot of logic into Router to make a bunch of it nicer and enable a
lot of cleanup. Plumb config and calls to framework.Backend.Setup() into
logical_system and elsewhere, including tests.
2015-09-10 15:09:54 -04:00
Jeff Mitchell 86ccae7bd5 Fix mount config test by proxying mounts/ in addition to mounts 2015-09-10 15:09:54 -04:00
Jeff Mitchell 488d33c70a Rejig how dynamic values are represented in system view and location of some functions in various packages; create mount-tune command and API analogues; update documentation 2015-09-10 15:09:54 -04:00
Jeff Mitchell 4239f9d243 Add DynamicSystemView. This uses a pointer to a pointer to always have
up-to-date information. This allows remount to be implemented with the
same source and dest, allowing mount options to be changed on the fly.
If/when Vault gains the ability to HUP its configuration, this should
just work for the global values as well.

Need specific unit tests for this functionality.
2015-09-10 15:09:54 -04:00
Jeff Mitchell 696d0c7b1d Plumb per-mount config options through API 2015-09-10 15:09:53 -04:00
Jeff Mitchell 992e357d07 Add some plumbing to allow specified system configuration information to
be retrieved by logical backends. First implemented is default/max TTL.
2015-08-27 08:51:35 -07:00
Jeff Mitchell 15f57082e0 Begin factoring out sys paths into logical routes. Also, standardize on 307 as redirect code. 2015-08-20 13:20:35 -07:00
Caleb Tennis 4da080e769 This adds a new error class which can be used by logical backends to
specify more concrete error cases to make their way back up the stack.

Over time there is probably a cleaner way of doing this, but that's
looking like a more massive rewrite and this solves some issues in
the meantime.

Use a CodedError to return a more concrete HTTP return code for
operations you want to do so.  Returning a regular error leaves
the existing behavior in place.
2015-08-10 13:27:25 -04:00
Nate Brown a0be7af858 Fixing key-status if audit logging is on 2015-06-24 10:57:05 -07:00
Armon Dadgar ffeb6ea76c vault: allow increment to be duration string. Fixes #340 2015-06-17 15:58:20 -07:00
Armon Dadgar 4eb5c63a5d vault: create upgrade path in HA mode 2015-05-28 16:43:15 -07:00
Armon Dadgar 9f399eb9ff vault: prevent raw access to protected paths 2015-05-28 10:24:41 -07:00
Armon Dadgar 1a4256c20c vault: more logging around rotate 2015-05-27 17:56:55 -07:00
Armon Dadgar d0b93a6164 vault: adding sys/key-status and sys/rotate 2015-05-27 17:53:42 -07:00
Armon Dadgar 0b84e86483 vault: Adding more logging 2015-05-15 17:19:32 -07:00
Armon Dadgar 466c7575d3 Replace VaultID with LeaseID for terminology simplification 2015-04-08 13:35:32 -07:00
Mitchell Hashimoto 246c2839b0 logical/framework: make help look nicer 2015-04-03 21:00:23 -07:00
Armon Dadgar d5403d6673 vault: TODO cleanups 2015-04-01 22:13:08 -07:00
Armon Dadgar 114c1e1dea vault: Adding the raw/ endpoints to sys 2015-04-01 17:45:00 -07:00
Armon Dadgar c83f46606b vault: Simpify token checking logic 2015-04-01 14:03:17 -07:00
Armon Dadgar dda8dec5bf vault: Adding sys/ paths to enable/disable audit backends 2015-03-31 16:45:08 -07:00
Mitchell Hashimoto 0666bda865 vault: require root token for seal 2015-03-31 09:59:02 -07:00
Mitchell Hashimoto 04c80a81bc vault: add seal to the sys backend 2015-03-31 09:36:13 -07:00
Mitchell Hashimoto 62ee621ea3 logical: move cred stuff over here 2015-03-30 17:46:18 -07:00
Armon Dadgar f40ed182c4 vault: Support policy CRUD 2015-03-23 14:43:31 -07:00
Armon Dadgar 82e13e3c41 vault: implement the sys/auth* endpoints 2015-03-20 12:48:19 -07:00
Mitchell Hashimoto c349e97168 vault: clean up VaultID duplications, make secret responses clearer
/cc @armon - This is a reasonably major refactor that I think cleans up
a lot of the logic with secrets in responses. The reason for the
refactor is that while implementing Renew/Revoke in logical/framework I
found the existing API to be really awkward to work with.

Primarily, we needed a way to send down internal data for Vault core to
store since not all the data you need to revoke a key is always sent
down to the user (for example the user than AWS key belongs to).

At first, I was doing this manually in logical/framework with
req.Storage, but this is going to be such a common event that I think
its something core should assist with. Additionally, I think the added
context for secrets will be useful in the future when we have a Vault
API for returning orphaned out keys: we can also return the internal
data that might help an operator.

So this leads me to this refactor. I've removed most of the fields in
`logical.Response` and replaced it with a single `*Secret` pointer. If
this is non-nil, then the response represents a secret. The Secret
struct encapsulates all the lease info and such.

It also has some fields on it that are only populated at _request_ time
for Revoke/Renew operations. There is precedent for this sort of
behavior in the Go stdlib where http.Request/http.Response have fields
that differ based on client/server. I copied this style.

All core unit tests pass. The APIs fail for obvious reasons but I'll fix
that up in the next commit.
2015-03-19 23:11:42 +01:00
Mitchell Hashimoto 2a1ae18877 vault: convert to new callback style 2015-03-19 15:05:22 +01:00
Mitchell Hashimoto d9bff7b674 vault: TODOs 2015-03-17 20:54:38 -05:00
Mitchell Hashimoto abe0859aa5 vault: use RWMutex on MountTable itself 2015-03-17 20:39:45 -05:00
Armon Dadgar a24192b728 vault: Support sys/revoke-prefix/ 2015-03-16 16:33:48 -07:00
Armon Dadgar f08659aaaa vault: Adding sys/revoke 2015-03-16 16:26:34 -07:00
Armon Dadgar 57b4f970d2 vault: Test renew of bad ID 2015-03-16 16:14:53 -07:00
Armon Dadgar e52f1ee960 vault: Testing sys/renew 2015-03-16 16:11:55 -07:00
Mitchell Hashimoto de1e28a77c vault: change to /sys/mounts 2015-03-16 10:52:35 -07:00
Mitchell Hashimoto e3a796028e http: /v1/sys/mount endpoint 2015-03-16 10:36:43 -07:00
Mitchell Hashimoto 9f0d59d03f vault: system using the framework 2015-03-15 17:35:59 -07:00
Mitchell Hashimoto ece0be434e vault: rename SystemBackend2 to SystemBackend 2015-03-15 14:54:49 -07:00
Mitchell Hashimoto d1d1929192 vault: convert to logical.Request and friends 2015-03-15 14:53:41 -07:00
Mitchell Hashimoto 5ffcd02b7a vault: convert system to logical.Backend 2015-03-15 14:42:05 -07:00