Armon Dadgar
|
a8d4319ad5
|
vault: Update LRU on GetPolicy
|
2015-04-06 16:43:05 -07:00 |
|
Armon Dadgar
|
f022ec97c4
|
vault: Adding policy LRU cache
|
2015-04-06 16:41:48 -07:00 |
|
Armon Dadgar
|
493ee49e4d
|
vault: unify the token renew response
|
2015-04-06 16:35:39 -07:00 |
|
Mitchell Hashimoto
|
7aee6269f7
|
vault: pass a logger around to logical backends
|
2015-04-04 11:39:58 -07:00 |
|
Mitchell Hashimoto
|
246c2839b0
|
logical/framework: make help look nicer
|
2015-04-03 21:00:23 -07:00 |
|
Mitchell Hashimoto
|
8ff435ba1a
|
vault: fix issue with wrong path getting passed through
|
2015-04-03 20:48:04 -07:00 |
|
Mitchell Hashimoto
|
df8dbe9677
|
vault: allow mount point queries without trailing /
|
2015-04-03 20:45:00 -07:00 |
|
Armon Dadgar
|
148fe3d864
|
vault: Adding Hash function to MountTable
|
2015-04-03 17:46:57 -07:00 |
|
Armon Dadgar
|
d74c4c1c33
|
vault: Remove log about rollback
|
2015-04-03 17:11:24 -07:00 |
|
Armon Dadgar
|
3250bfad0a
|
vault: test credential unmount does cleanup
|
2015-04-03 16:15:34 -07:00 |
|
Armon Dadgar
|
82eda2b169
|
vault: Do early check for missing backend
|
2015-04-03 16:09:06 -07:00 |
|
Armon Dadgar
|
0dee7d29ec
|
vault: disable credential backend revokes tokens
|
2015-04-03 16:07:45 -07:00 |
|
Armon Dadgar
|
56d0b51be0
|
vault: Reuse mount table methods
|
2015-04-03 16:00:46 -07:00 |
|
Armon Dadgar
|
683d01e984
|
vault: Refactor common methods
|
2015-04-03 15:59:30 -07:00 |
|
Armon Dadgar
|
eaa483ff87
|
vault: Enforce default and max length leasing
|
2015-04-03 15:42:34 -07:00 |
|
Armon Dadgar
|
0ba7c64c0f
|
vault: Verify client token is not passed through in the plain
|
2015-04-03 15:39:56 -07:00 |
|
Armon Dadgar
|
002b2ad589
|
vault: Provide salted client token to logical backends
|
2015-04-03 14:42:39 -07:00 |
|
Armon Dadgar
|
e4854ca59b
|
vault: Allow deep paths for audit backends
|
2015-04-03 14:27:33 -07:00 |
|
Armon Dadgar
|
2f3e511507
|
vault: Allow deep paths for auth mounting
|
2015-04-03 14:24:00 -07:00 |
|
Armon Dadgar
|
b8d69a357c
|
vault: Use Auth for lease and renewable
|
2015-04-03 14:04:50 -07:00 |
|
Armon Dadgar
|
2feba52f40
|
vault: Adding auth/token/renew endpoint
|
2015-04-03 12:11:49 -07:00 |
|
Armon Dadgar
|
adaa83b48c
|
vault: Adding RenewToken to expiration manager
|
2015-04-03 11:58:10 -07:00 |
|
Armon Dadgar
|
c82fbbb8c3
|
vault: Support prefix based token revocation
|
2015-04-03 11:40:08 -07:00 |
|
Armon Dadgar
|
eec6c27fae
|
vault: Special case auth/token/create
|
2015-04-02 18:05:23 -07:00 |
|
Armon Dadgar
|
c6479642e9
|
vault: integrate login with expiration manager
|
2015-04-02 17:52:11 -07:00 |
|
Armon Dadgar
|
1b19a8ee1b
|
vault: Rename RegisterLogin to RegisterAuth
|
2015-04-02 17:45:42 -07:00 |
|
Armon Dadgar
|
d0ac9e5711
|
vault: Expose SaltID from token store
|
2015-04-02 17:39:38 -07:00 |
|
Armon Dadgar
|
c54534875a
|
vault: testing remount cleanup
|
2015-04-02 12:04:37 -07:00 |
|
Armon Dadgar
|
f397cd3fb1
|
vault: remount does appropriate cleanup
|
2015-04-02 12:03:00 -07:00 |
|
Armon Dadgar
|
3a8dc4dff9
|
vault: Adding Untaint to router
|
2015-04-02 12:01:53 -07:00 |
|
Armon Dadgar
|
bfe7a1e901
|
vault: testing unmount cleanup
|
2015-04-02 11:47:44 -07:00 |
|
Armon Dadgar
|
0b5572a2f7
|
vault: ensure unmount properly cleans up state
|
2015-04-02 11:18:06 -07:00 |
|
Armon Dadgar
|
3e427910fb
|
vault: Support tainting router paths
|
2015-04-02 11:18:06 -07:00 |
|
Armon Dadgar
|
c718408055
|
vault: Added MatchingView method
|
2015-04-02 11:18:06 -07:00 |
|
Armon Dadgar
|
d5e5499ddd
|
vault: Adding ClearView method
|
2015-04-02 11:18:05 -07:00 |
|
Armon Dadgar
|
d5403d6673
|
vault: TODO cleanups
|
2015-04-01 22:13:08 -07:00 |
|
Armon Dadgar
|
f231a6c67d
|
vault: rollback supports joining an inflight operation
|
2015-04-01 22:12:03 -07:00 |
|
Armon Dadgar
|
c3aed5589e
|
vault: Adding intermediate taint step to unmount
|
2015-04-01 22:12:03 -07:00 |
|
Mitchell Hashimoto
|
6218c2729d
|
http: audit endpoints
|
2015-04-01 18:36:13 -07:00 |
|
Armon Dadgar
|
114c1e1dea
|
vault: Adding the raw/ endpoints to sys
|
2015-04-01 17:45:00 -07:00 |
|
Armon Dadgar
|
28bc849fd9
|
vault: Attach policy name if missing
|
2015-04-01 17:45:00 -07:00 |
|
Armon Dadgar
|
6933f94acd
|
vault: Prevent UUID injection on sys mount path
|
2015-04-01 17:45:00 -07:00 |
|
Mitchell Hashimoto
|
a8912e82d8
|
enable github
|
2015-04-01 15:48:56 -07:00 |
|
Armon Dadgar
|
4138e43f00
|
vault: Adding audit trail for login
|
2015-04-01 14:48:37 -07:00 |
|
Armon Dadgar
|
3d3e18793b
|
vault: Integrate audit logging with core
|
2015-04-01 14:33:48 -07:00 |
|
Armon Dadgar
|
b657b74a97
|
vault: Minor rework for clarity
|
2015-04-01 14:11:26 -07:00 |
|
Armon Dadgar
|
c83f46606b
|
vault: Simpify token checking logic
|
2015-04-01 14:03:17 -07:00 |
|
Armon Dadgar
|
cd681d7226
|
vault: Extending AuditBroker to support new audit methods
|
2015-04-01 13:55:07 -07:00 |
|
Mitchell Hashimoto
|
08a9216aa7
|
vault: register vault ID even fi no lease
|
2015-03-31 21:04:10 -07:00 |
|
Mitchell Hashimoto
|
2c9ebecda7
|
vault: register zero lease entries with the expiration manager
/cc @armon - would appreciate a review on this one
|
2015-03-31 21:01:12 -07:00 |
|
Mitchell Hashimoto
|
aba7fc1910
|
http: auth handlers
|
2015-03-31 20:24:51 -07:00 |
|
Armon Dadgar
|
dda8dec5bf
|
vault: Adding sys/ paths to enable/disable audit backends
|
2015-03-31 16:45:08 -07:00 |
|
Armon Dadgar
|
7ca462c028
|
vault: Adding enable/disable audit methods
|
2015-03-31 15:26:07 -07:00 |
|
Armon Dadgar
|
d817e31d67
|
vault: Sanity check keys in the barrier view
|
2015-03-31 13:32:24 -07:00 |
|
Armon Dadgar
|
a6bc60c7d6
|
vault: Adding AuditBroker and basic tests
|
2015-03-31 13:22:40 -07:00 |
|
Armon Dadgar
|
0a7df0b3d4
|
vault: Adding options to mount table
|
2015-03-31 13:14:08 -07:00 |
|
Mitchell Hashimoto
|
1dcb37c6b6
|
vault: lookup-self for TokenStore to look up your own store
|
2015-03-31 12:51:00 -07:00 |
|
Mitchell Hashimoto
|
63f259cc8d
|
vault: lookup without a token looks up self
|
2015-03-31 12:50:07 -07:00 |
|
Mitchell Hashimoto
|
6a72ea61d5
|
vault: convert TokenStore to logical/framework
|
2015-03-31 12:48:19 -07:00 |
|
Mitchell Hashimoto
|
c8294170cc
|
vault: test bad key to seal
|
2015-03-31 10:00:04 -07:00 |
|
Mitchell Hashimoto
|
0666bda865
|
vault: require root token for seal
|
2015-03-31 09:59:02 -07:00 |
|
Mitchell Hashimoto
|
04c80a81bc
|
vault: add seal to the sys backend
|
2015-03-31 09:36:13 -07:00 |
|
Mitchell Hashimoto
|
d4509b0ee3
|
vault: keep the connection info around for auth
|
2015-03-30 20:55:01 -07:00 |
|
Mitchell Hashimoto
|
c9acfa17cb
|
vault: get rid of HangleLogin
|
2015-03-30 20:26:39 -07:00 |
|
Mitchell Hashimoto
|
69593cde56
|
remove credential/ lots of tests faililng
|
2015-03-30 18:07:05 -07:00 |
|
Mitchell Hashimoto
|
62ee621ea3
|
logical: move cred stuff over here
|
2015-03-30 17:46:18 -07:00 |
|
Mitchell Hashimoto
|
e9a3a34c27
|
vault: tests passing
|
2015-03-29 16:18:08 -07:00 |
|
Mitchell Hashimoto
|
4cacaf62f0
|
http: support auth
|
2015-03-29 16:14:54 -07:00 |
|
Armon Dadgar
|
5517910829
|
vault: Make audit/ a protected path
|
2015-03-27 14:00:57 -07:00 |
|
Armon Dadgar
|
042db7798e
|
vault: Adding basic audit table load/unload
|
2015-03-27 14:00:38 -07:00 |
|
Armon Dadgar
|
609ac4c562
|
vault: Allow passing in audit factory methods
|
2015-03-27 13:45:13 -07:00 |
|
Armon Dadgar
|
9a4946f115
|
vault: Testing core ACL enforcement
|
2015-03-24 15:55:27 -07:00 |
|
Armon Dadgar
|
23864839bb
|
vault: testing root privilege restrictions
|
2015-03-24 15:52:07 -07:00 |
|
Armon Dadgar
|
fe402cdd87
|
vault: ignore a nil policy object, as it has no permissions
|
2015-03-24 15:49:17 -07:00 |
|
Armon Dadgar
|
b354f03cb2
|
vault: adding auth/token/lookup/ support
|
2015-03-24 15:39:33 -07:00 |
|
Armon Dadgar
|
4a4d1d3e45
|
vault: adding auth/token/revoke/ and auth/token/revoke-orphan/
|
2015-03-24 15:30:09 -07:00 |
|
Armon Dadgar
|
26f05f7a20
|
vault: Passthrough of client token to token store
|
2015-03-24 15:12:52 -07:00 |
|
Armon Dadgar
|
6fd3cae2c2
|
vault: Adding auth/token/create endpoint
|
2015-03-24 15:10:46 -07:00 |
|
Armon Dadgar
|
b5332404d1
|
vault: Allow providing token ID during creation
|
2015-03-24 14:22:50 -07:00 |
|
Armon Dadgar
|
b41d2e6368
|
vault: utility string set methods
|
2015-03-24 13:56:07 -07:00 |
|
Armon Dadgar
|
493fbc12fc
|
vault: utility string search methods
|
2015-03-24 13:44:47 -07:00 |
|
Armon Dadgar
|
49df1570d6
|
vault: test missing and invalid tokens
|
2015-03-24 11:57:08 -07:00 |
|
Armon Dadgar
|
20c2375352
|
vault: Adding ACL enforcement
|
2015-03-24 11:37:07 -07:00 |
|
Armon Dadgar
|
43a99aec93
|
vault: Special case root policy
|
2015-03-24 11:27:21 -07:00 |
|
Armon Dadgar
|
4598e43140
|
vault: Adding ClientToken
|
2015-03-24 11:09:25 -07:00 |
|
Armon Dadgar
|
65ef4f1032
|
vault: wire tokens into expiration manager
|
2015-03-23 18:11:15 -07:00 |
|
Armon Dadgar
|
86c9bd9083
|
vault: Give expiration manager a token store reference
|
2015-03-23 18:00:14 -07:00 |
|
Armon Dadgar
|
6481ff9e34
|
vault: Generate a root token when initializing
|
2015-03-23 17:31:30 -07:00 |
|
Armon Dadgar
|
cd3ee5cc03
|
vault: Remove core reference
|
2015-03-23 17:29:36 -07:00 |
|
Armon Dadgar
|
539554fc0b
|
vault: only log expiration notice if useful
|
2015-03-23 17:27:46 -07:00 |
|
Armon Dadgar
|
3607eae208
|
vault: Adding method to generate root token
|
2015-03-23 17:16:37 -07:00 |
|
Armon Dadgar
|
f40ed182c4
|
vault: Support policy CRUD
|
2015-03-23 14:43:31 -07:00 |
|
Armon Dadgar
|
192dcf7d39
|
vault: first pass at HandleLogin
|
2015-03-23 13:56:43 -07:00 |
|
Armon Dadgar
|
879a0501f8
|
vault: Track the token store in core
|
2015-03-23 13:41:05 -07:00 |
|
Armon Dadgar
|
56d99fe580
|
vault: token tracks generation path and meta data
|
2015-03-23 13:39:43 -07:00 |
|
Armon Dadgar
|
10e64d1e90
|
vault: extend router to handle login routing
|
2015-03-23 11:47:55 -07:00 |
|
Armon Dadgar
|
a78b7207b9
|
vault: playing with credential store interface
|
2015-03-20 13:54:57 -07:00 |
|
Armon Dadgar
|
82e13e3c41
|
vault: implement the sys/auth* endpoints
|
2015-03-20 12:48:19 -07:00 |
|
Mitchell Hashimoto
|
a0f59f682b
|
logical/framework: can specify InternalData for secret
|
2015-03-20 17:59:48 +01:00 |
|
Mitchell Hashimoto
|
1ff229ca68
|
http: passing tests
|
2015-03-19 23:28:49 +01:00 |
|