luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity
2,392 Commits 1 Branch 0 Tags 214 MiB
Commit Graph

142 Commits

Author SHA1 Message Date
Jeff Mitchell d6b6cbe9aa changelog++ 2016-01-07 09:22:45 -05:00
Jeff Mitchell 06d19e4269 changelog++ 2016-01-05 11:27:08 -05:00
Jeff Mitchell a99c29dad4 changelog++ 2016-01-04 17:01:32 -05:00
Jeff Mitchell dbd7c9aaab changelog++ 2016-01-04 14:14:51 -05:00
Jeff Mitchell 80d92903f4 changelog++ 2015-12-31 18:11:32 -05:00
Jeff Mitchell a7a02b3043 Cert documentation fix. 
Fixes #899
 2015-12-30 16:44:24 -05:00
Jeff Mitchell 7e93071404 Move the information about the new behavior of token-renew to the breaking changes section 2015-12-30 15:29:24 -05:00
Jeff Mitchell be4277199f changelog++ 2015-12-30 15:20:02 -05:00
Jeff Mitchell e0d0ff6884 changelog++ 2015-12-30 14:43:51 -05:00
Jeff Mitchell 0ef4fadb25 changelog++ 2015-12-30 13:28:49 -05:00
Jeff Mitchell 0c338f01ea changelog++ 2015-12-29 13:18:36 -05:00
Jeff Mitchell e43656c045 changelog++ 2015-12-29 13:03:22 -05:00
Jeff Mitchell 822144b321 changelog++ 2015-12-29 13:00:57 -05:00
Jeff Mitchell b206775301 changelog++ 2015-12-29 12:39:56 -05:00
Jeff Mitchell 52545ce020 changelog++ 2015-12-23 13:34:39 -05:00
Jeff Mitchell 49d2793acc changelog++ 2015-12-22 10:22:57 -05:00
Jeff Mitchell 56bc82f7cd changelog++ 2015-12-18 10:08:14 -05:00
Jeff Mitchell 68773ec5a3 changelog++ 2015-12-17 15:09:53 -05:00
Jeff Mitchell f8a824c476 changelog++ 2015-12-17 13:50:56 -05:00
Jeff Mitchell 8f78998e89 changelog++ 2015-12-17 10:24:12 -05:00
Jeff Mitchell 113393d988 changelog++ 2015-12-17 10:12:53 -05:00
Jeff Mitchell 048f1284e4 CL++ 2015-12-15 20:02:43 -05:00
Jeff Mitchell af64f3401c CL++ 2015-12-14 21:27:12 -05:00
Jeff Mitchell 8816359bf5 CL++ 2015-12-14 21:24:29 -05:00
Jeff Mitchell ff9745bb00 Update Changelog and documentation with separate-HA-backend info. 2015-12-14 21:04:58 -05:00
Jeff Mitchell d149294e48 CL++ 2015-12-14 20:55:45 -05:00
Jeff Mitchell 468d1553af CL++ 2015-12-14 14:47:32 -05:00
Jeff Mitchell 39b87960f3 CL++ 2015-12-14 14:45:55 -05:00
Jeff Mitchell a9a8700f29 CL++ 2015-12-14 11:21:06 -05:00
Jeff Mitchell 546b3add9c Changelogify 2015-12-11 12:05:22 -05:00
Jeff Mitchell 0a568761ea Changelogify 2015-12-11 12:02:43 -05:00
Jeff Mitchell 944862bb33 Update changelog and in-progress dev version number 2015-12-10 16:34:10 -05:00
Jeff Mitchell e02acf9943 Fill in release date in Changelog 2015-12-10 13:21:44 -05:00
Jeff Mitchell e25b3ad344 Update documentation to be consistent with return codes 
Fixes #831
 2015-12-10 10:26:40 -05:00
Jeff Mitchell d332200495 Merge branch 'master' into pki-csrs 2015-12-09 16:48:07 -05:00
Jeff Mitchell 900b3d8882 Return 400 instead of 500 if generic backend is written to without data. 
Fixes #825
 2015-12-09 10:39:22 -05:00
Jeff Mitchell 448efd56fa Merge branch 'master' into pki-csrs 2015-12-08 10:57:53 -05:00
Jeff Mitchell dab0049d0e Changelogify 2015-12-07 13:22:24 -05:00
Jeff Mitchell 1dbfcc3b45 Merge branch 'master' into pki-csrs 2015-12-03 15:23:08 -05:00
Jeff Mitchell 3bdbd66f7d Remove datacenter from Consul configuration, as it cannot actually do 
anything

Fixes #816
 2015-12-03 15:16:37 -05:00
Jeff Mitchell 4eec9d69e8 Change allowed_base_domain to allowed_domains and allow_base_domain to 
allow_bare_domains, for comma-separated multi-domain support.
 2015-11-30 23:49:11 -05:00
Jeff Mitchell b6c49ddf01 Remove token display names from input options as there isn't a viable 
use-case for it at the moment
 2015-11-30 18:07:42 -05:00
Jeff Mitchell ee8e143555 Add PKI enhancements to Changelog 2015-11-20 13:18:07 -05:00
Jeff Mitchell 1c7157e632 Reintroduce the ability to look up obfuscated values in the audit log 
with a new endpoint '/sys/audit-hash', which returns the given input
string hashed with the given audit backend's hash function and salt
(currently, always HMAC-SHA256 and a backend-specific salt).

In the process of adding the HTTP handler, this also removes the custom
HTTP handlers for the other audit endpoints, which were simply
forwarding to the logical system backend. This means that the various
audit functions will now redirect correctly from a standby to master.
(Tests all pass.)

Fixes #784
 2015-11-18 20:26:03 -05:00
Jeff Mitchell 29135b65ca Changelogify 2015-11-18 10:34:50 -05:00
Jeff Mitchell bc4c18a1cf Rearchitect MountTable locking and fix rollback. 
The rollback manager was using a saved MountTable rather than the
current table, causing it to attempt to rollback unmounted mounts, and
never rollback new mounts.

In fixing this, it became clear that bad things could happen to the
mount table...the table itself could be locked, but the table pointer
(which is what the rollback manager needs) could be modified at any time
without locking. This commit therefore also returns locking to a mutex
outside the table instead of inside, and plumbs RLock/RUnlock through to
the various places that are reading the table but not holding a write
lock.

Both unit tests and race detection pass.

Fixes #771
 2015-11-11 11:54:52 -05:00
Jeff Mitchell 1a45696208 Add no-default-policy flag and API parameter to allow exclusion of the 
default policy from a token create command.
 2015-11-09 17:30:50 -05:00
Jeff Mitchell d6693129de Create a "default" policy with sensible rules. 
It is forced to be included with each token, but can be changed (but not
deleted).

Fixes #732
 2015-11-09 15:44:09 -05:00
Jeff Mitchell 8673f36b34 Don't require root tokens for mount and policy endpoints. 2015-11-09 15:29:21 -05:00
Jeff Mitchell 75f1c1e40c Print version on startup. 
Fixes #765
 2015-11-09 13:52:55 -05:00