Jeff Mitchell
b90c84a2c6
Add unsalted test to app-id
2017-06-05 11:37:16 -04:00
Jeff Mitchell
f7df60b131
Allow accessing Warnings directly in Response. ( #2806 )
...
A change in copystructure has caused some panics due to the custom copy
function. I'm more nervous about production panics than I am about
keeping some bad code wiping out some existing warnings, so remove the
custom copy function and just allow direct setting of Warnings.
2017-06-05 10:52:43 -04:00
Jeff Mitchell
8f2ba268a0
Fix instantiation of salt funcs in app-id structs
2017-06-05 10:04:54 -04:00
Dan Stark
9f6b77598e
Fixes typos in error message and comment for AWS auth CLI ( #2798 )
2017-06-02 17:35:25 -07:00
Andrew
e33e489eee
Improve EC2 describe instances performance ( #2766 )
...
Query the EC2 API for the instance ID rather than filter the results of
all instances.
2017-05-26 08:38:01 -04:00
Vishal Nayak
3c968260a8
Cert verification for non-CA certs ( #2761 )
...
* Cert verification for non-CA certs
* Added test case to ensure login fails with expired non-CA cert
* Address review feedback
2017-05-25 10:49:09 -04:00
Jeff Mitchell
9f681ea4cf
Use auth-saved cert name during renewals to avoid a panic. ( #2755 )
2017-05-23 20:41:01 -04:00
emily
aa40d2cff6
add gofmt checks to Vault and format existing code ( #2745 )
2017-05-19 08:34:17 -04:00
Jeff Mitchell
d25aa9fc21
Don't write salts in initialization, look up on demand ( #2702 )
2017-05-09 17:51:09 -04:00
Jeff Mitchell
490b01d6d8
Add salt mutex to app-id ( #2690 )
2017-05-08 16:15:24 -04:00
Jeff Mitchell
6f6f242061
Add logic to skip initialization in some cases and some invalidation logic
2017-05-05 15:01:52 -04:00
Ben Gadbois
537342f038
Fixing printf (and similar) issues ( #2666 )
2017-05-01 23:34:10 -04:00
Michael Ansel
30b71cbbac
Add constraints on the Common Name for certificate-based authentication ( #2595 )
...
* Refactor to consolidate constraints on the matching chain
* Add CN prefix/suffix constraint
* Maintain backwards compatibility (pick a random cert if multiple match)
* Vendor go-glob
* Replace cn_prefix/suffix with required_name/globbing
Move all the new tests to acceptance-capable tests instead of embedding in the CRL test
* Allow authenticating against a single cert
* Add new params to documentation
* Add CLI support for new param
* Refactor for style
* Support multiple (ORed) name patterns
* Rename required_names to allowed_names
* Update docs for parameter rename
* Use the new TypeCommaStringSlice
2017-04-30 11:37:10 -04:00
Jeff Mitchell
9a72b3162f
Flip back to sstarcher go-okta post-merge
2017-04-28 17:21:49 -04:00
Jeff Mitchell
0f214cc502
Switch to jefferai/go-okta for now to work around Fatal lines in upstream ( #2658 )
...
Switch to jefferai/go-okta for now to work around Fatal lines in upstream
2017-04-28 08:39:51 -04:00
Joel Thompson
e06a78a474
Create unified aws auth backend ( #2441 )
...
* Rename builtin/credential/aws-ec2 to aws
The aws-ec2 authentication backend is being expanded and will become the
generic aws backend. This is a small rename commit to keep the commit
history clean.
* Expand aws-ec2 backend to more generic aws
This adds the ability to authenticate arbitrary AWS IAM principals using
AWS's sts:GetCallerIdentity method. The AWS-EC2 auth backend is being to
just AWS with the expansion.
* Add missing aws auth handler to CLI
This was omitted from the previous commit
* aws auth backend general variable name cleanup
Also fixed a bug where allowed auth types weren't being checked upon
login, and added tests for it.
* Update docs for the aws auth backend
* Refactor aws bind validation
* Fix env var override in aws backend test
Intent is to override the AWS environment variables with the TEST_*
versions if they are set, but the reverse was happening.
* Update docs on use of IAM authentication profile
AWS now allows you to change the instance profile of a running instance,
so the use case of "a long-lived instance that's not in an instance
profile" no longer means you have to use the the EC2 auth method. You
can now just change the instance profile on the fly.
* Fix typo in aws auth cli help
* Respond to PR feedback
* More PR feedback
* Respond to additional PR feedback
* Address more feedback on aws auth PR
* Make aws auth_type immutable per role
* Address more aws auth PR feedback
* Address more iam auth PR feedback
* Rename aws-ec2.html.md to aws.html.md
Per PR feedback, to go along with new backend name.
* Add MountType to logical.Request
* Make default aws auth_type dependent upon MountType
When MountType is aws-ec2, default to ec2 auth_type for backwards
compatibility with legacy roles. Otherwise, default to iam.
* Pass MountPoint and MountType back up to the core
Previously the request router reset the MountPoint and MountType back to
the empty string before returning to the core. This ensures they get set
back to the correct values.
2017-04-24 15:15:50 -04:00
Chris Hoffman
847c86f788
Rename ParseDedupAndSortStrings to ParseDedupLowercaseAndSortStrings ( #2614 )
2017-04-19 10:39:07 -04:00
Chris Hoffman
938eab37b6
Do not lowercase groups attached to users in ldap ( #2613 )
2017-04-19 10:36:45 -04:00
Mitch Davis
a051ec1b59
Use service bind for searching LDAP groups ( #2534 )
...
Fixes #2387
2017-04-18 15:52:05 -04:00
Vishal Nayak
09cd069435
Consider new bounds as a criteria to allow role creation ( #2600 )
...
* Consider new bounds as a criteria to allow role creation
* Added a test
2017-04-17 10:36:11 -04:00
vishalnayak
049e086b07
Fix typo. Closes GH-2528
2017-04-04 12:29:18 -04:00
Jeff Mitchell
709389dd36
Use ParseStringSlice on PKI organization/organizational unit. ( #2561 )
...
After, separately dedup and use new flag to not lowercase value.
Fixes #2555
2017-04-04 08:54:18 -07:00
Jeff Mitchell
3d162b63cc
Use locks in a slice rather than a map, which is faster and makes things cleaner ( #2446 )
2017-03-07 11:21:32 -05:00
Vishal Nayak
491a56fe9f
AppRole: Support restricted use tokens ( #2435 )
...
* approle: added token_num_uses to the role
* approle: added RUD tests for token_num_uses on role
* approle: doc: added token_num_uses
2017-03-03 09:31:20 -05:00
Jeff Mitchell
47f8478a97
Fix github compile breakage after dep upgrade
2017-02-24 15:32:05 -05:00
Vishal Nayak
b762c43fe2
Aws Ec2 additional binds for SubnetID, VpcID and Region ( #2407 )
...
* awsec2: Added bound_region
* awsec2: Added bound_subnet_id and bound_vpc_id
* Add bound_subnet_id and bound_vpc_id to docs
* Remove fmt.Printf
* Added crud test for aws ec2 role
* Address review feedback
2017-02-24 14:19:10 -05:00
Jeff Mitchell
c81582fea0
More porting from rep ( #2388 )
...
* More porting from rep
* Address review feedback
2017-02-16 16:29:30 -05:00
Vishal Nayak
eb4ef0f6e0
cidrutil: added test data points ( #2378 )
2017-02-16 00:51:02 -05:00
Vishal Nayak
81c95b36eb
aws-ec2 auth: Return the role period in seconds ( #2374 )
...
* aws-ec2 auth: Return the role period in seconds
* cast return values to int64 for comparison with expected values
2017-02-15 10:57:57 -05:00
Jeff Mitchell
04b4a6aa50
Fix Okta auth issue when a user has no policies and/or groups set. ( #2371 )
...
Fixes #2367
2017-02-14 16:28:16 -05:00
vishalnayak
2bbc247ab4
use net.JoinHostPort
2017-02-08 18:39:09 -05:00
Jeff Mitchell
72db329d67
Add support for backup/multiple LDAP URLs. ( #2350 )
2017-02-08 14:59:24 -08:00
Jeff Mitchell
a217be589c
Merge pull request #2154 from fcantournet/default-ldap-username
...
ldap auth via cli defaults username to env (#2137 )
2017-02-07 21:47:59 -08:00
Jeff Mitchell
a2f07acbc4
Use Getenv instead of LookupEnv
...
This prevents returning empty username if LOGNAME is set but empty and USER is set but not empty.
2017-02-07 21:47:06 -08:00
Jeff Mitchell
f05b482e46
Update error text
2017-02-07 21:44:23 -08:00
Jeff Mitchell
8f957579d8
Update some help text for RADIUS
2017-02-07 16:06:27 -05:00
Matteo Sessa
29d9d5676e
RADIUS Authentication Backend ( #2268 )
2017-02-07 16:04:27 -05:00
Jeff Mitchell
5de633fd27
Make userpass help text mention radius too
2017-02-04 07:48:30 -05:00
Jeff Mitchell
a8ea05f365
Add default mount param to userpass cli handler
2017-02-04 07:47:09 -05:00
Vishal Nayak
3457a11afd
awsec2: support periodic tokens ( #2324 )
...
* awsec2: support periodic tokens
* awsec2: add api docs for 'period'
2017-02-02 13:28:01 -05:00
Vishal Nayak
14fcc4b6eb
approle: secret-id listing lock sanity check ( #2315 )
...
* approle: secret-id listing lock sanity
* Skip processing an empty secretIDHMAC item during the iteration
* approle: use dedicated lock for listing of secret-id-accessors
2017-02-01 18:13:49 -05:00
louism517
0548555219
Support for Cross-Account AWS Auth ( #2148 )
2017-02-01 14:16:03 -05:00
Shane Starcher
6033ea884c
Okta implementation ( #1966 )
2017-01-26 19:08:52 -05:00
Vishal Nayak
5aba2d47b6
ldap: Minor enhancements, tests and doc update ( #2272 )
2017-01-23 10:56:43 -05:00
Vishal Nayak
fa7d61baa3
Merge pull request #2202 from fcantournet/fix_govet_fatalf
...
all: test: Fix govet warnings
2017-01-17 16:45:35 -05:00
Vishal Nayak
1d7ded02b4
Merge pull request #2152 from mr-tron/master
...
Thanks for submitting this. I am going to merge this in and write tests.
2017-01-13 14:29:46 -05:00
Brian Rodgers
f33d35f3de
Added a nil check for config and renamed org field internally.
2017-01-11 11:04:15 -06:00
Brian Rodgers
a8f12dff01
Added a 'read' for github config
2017-01-10 18:21:31 -06:00
Félix Cantournet
103b7ceab2
all: test: Fix govet warnings
...
Fix calls to t.Fatal() with formatting.
Fixed some calls to Fatalf() with wrong formatting
2016-12-21 19:44:07 +01:00
Jeff Mitchell
8fff7daf51
Don't panic when TLS is enabled but the initial dial doesn't return a connection ( #2188 )
...
Related to #2186
2016-12-15 15:49:30 -05:00
Félix Cantournet
e818efde7c
ldap auth via cli defaults username to env ( #2137 )
...
try to guess the username from 'LOGNAME' or if it isn't set 'USER'
2016-12-02 19:08:32 +01:00
Brian Nuszkowski
3d66907966
Disallow passwords LDAP binds by default ( #2103 )
2016-12-01 10:11:40 -08:00
Denis Subbotin
2797c609b0
fix checking that users policies is not nil
2016-11-29 16:35:49 +03:00
Denis Subbotin
cc374b3e2c
add support per user acl for ldap users
2016-11-29 13:32:59 +03:00
Thomas Soëte
5eaef287a8
Close ldap connection to avoid leak ( #2130 )
2016-11-28 09:31:36 -08:00
Jeff Mitchell
890c19312f
Update path help for approle secret id TTL
2016-11-15 11:50:51 -05:00
Daniel Somerfield
637414a623
Added support for individual user policy mapping in github auth backend. ( #2079 )
2016-11-10 16:21:14 -05:00
Jeff Mitchell
aa68041231
Fix GitHub tests
2016-11-08 07:13:42 -05:00
Glenn McAllister
50c8af0515
Add ldap tls_max_version config ( #2060 )
2016-11-07 13:43:39 -05:00
vishalnayak
65f0ce8ca3
Remove the sanity check which is not proving to be useful
2016-10-27 19:11:26 -04:00
Vishal Nayak
79d45355c8
Merge pull request #2004 from hashicorp/role-id-update
...
Fix regression caused by not creating a role_id secondary index
2016-10-26 16:29:46 -04:00
vishalnayak
2ce8bc95eb
Deduplicate the policies in ldap backend
2016-10-14 17:20:50 -04:00
vishalnayak
1487dce475
Fix regression caused by not creating a role_id secondary index
2016-10-14 12:56:29 -04:00
Michael S. Fischer
c45ab41b39
Update aws-ec2 configuration help
...
Updated to reflect enhanced functionality and clarify necessary
permissions.
2016-10-05 12:40:58 -07:00
vishalnayak
0f8c132ede
Minor doc updates
2016-10-04 15:46:09 -04:00
vishalnayak
2e1aa80f31
Address review feedback 2
2016-10-04 15:30:42 -04:00
vishalnayak
59475d7f14
Address review feedback
2016-10-04 15:05:44 -04:00
vishalnayak
348a09e05f
Add only relevant certificates
2016-10-03 20:34:28 -04:00
vishalnayak
dbd364453e
aws-ec2 config endpoints support type option to distinguish certs
2016-10-03 20:25:07 -04:00
vishalnayak
b105f8ccf3
Authenticate aws-ec2 instances using identity document and its RSA signature
2016-10-03 18:57:41 -04:00
Vishal Nayak
4c74b646fe
Merge pull request #1947 from hashicorp/secret-id-lookup-delete
...
Introduce lookup and destroy endpoints for secret IDs and its accessors
2016-09-29 10:19:54 -04:00
vishalnayak
34e76f8b41
Added website docs for lookup and destroy APIs
2016-09-28 22:11:48 -04:00
vishalnayak
d20819949c
Make secret-id reading and deleting, a POST op instead of GET
2016-09-28 20:22:37 -04:00
Michael S. Fischer
2dd1f584e6
Update documentation for required AWS API permissions
...
In order for Vault to map IAM instance profiles to roles, Vault
must query the 'iam:GetInstanceProfile' API, so update the documentation
and help to include the additional permissions needed.
2016-09-28 16:50:20 -07:00
Jeff Mitchell
f0203741ff
Change default TTL from 30 to 32 to accommodate monthly operations ( #1942 )
2016-09-28 18:32:49 -04:00
Vishal Nayak
5adfaa0d7d
Merge pull request #1939 from hashicorp/secret-id-upgrade
...
Respond secret_id_num_uses and deprecate SecretIDNumUses
2016-09-28 18:16:07 -04:00
vishalnayak
e9142f418a
Added todo to remind removal of upgrade code
2016-09-28 18:17:13 -04:00
vishalnayak
e01f99f042
Check for prefix match instead of exact match for IAM bound parameters
2016-09-28 18:08:28 -04:00
vishalnayak
21d9731286
Don't reset the deprecated value yet
2016-09-28 15:48:50 -04:00
Vishal Nayak
4a30a6b4f8
Merge pull request #1913 from hashicorp/bound-iam-instance-profile-arn
...
Proper naming for bound_iam_instance_profile_arn
2016-09-28 15:34:56 -04:00
vishalnayak
31e450a175
Add some validation checks
2016-09-28 15:36:02 -04:00
vishalnayak
9eabf75f5f
Fix the misplaced response warning
2016-09-28 14:20:03 -04:00
vishalnayak
a2338f5970
Added testcase to check secret_id_num_uses
2016-09-28 13:58:53 -04:00
vishalnayak
ba1d238f9b
Pull out reading and storing of secret ID into separate functions and handle upgrade properly
2016-09-28 12:42:26 -04:00
Mikhail Zholobov
5eff59c410
Fix "SecretIDNumUses" in AppRole auth backend
...
There was a typo.
2016-09-27 17:26:52 +03:00
Vishal Nayak
b1ee56a15b
Merge pull request #1910 from hashicorp/secret-id-cidr-list
...
CIDR restrictions on Secret ID
2016-09-26 10:22:48 -04:00
Vishal Nayak
a4b119dc25
Merge pull request #1920 from legal90/fix-approle-delete
...
Fix panic on deleting the AppRole which doesn't exist
2016-09-26 10:05:33 -04:00
Mikhail Zholobov
3f77013004
Fix panic on deleting the AppRole which doesn't exist
...
#pathRoleDelete should return silently if the specified AppRole doesn't exist
Fixes GH-1919
2016-09-26 16:55:08 +03:00
vishalnayak
da5b5d3a8e
Address review feedback from @jefferai
2016-09-26 09:53:24 -04:00
vishalnayak
d080107a87
Update docs to contain bound_iam_role_arn
2016-09-26 09:37:38 -04:00
vishalnayak
bf0b7f218e
Implemented bound_iam_role_arn constraint
2016-09-23 21:35:36 -04:00
Jeff Mitchell
6bf871995b
Don't use time.Time in responses. ( #1912 )
...
This fixes #1911 but not directly; it doesn't address the cause of the
panic. However, it turns out that this is the correct fix anyways,
because it ensures that the value being logged is RFC3339 format, which
is what the time turns into in JSON but not the normal time string
value, so what we audit log (and HMAC) matches what we are returning.
2016-09-23 12:32:07 -04:00
vishalnayak
e0c41f02c8
Fix incorrect naming of bound_iam_instance_profile_arn
2016-09-23 11:22:23 -04:00
vishalnayak
aaadd4ad97
Store the CIDR list in the secret ID storage entry.
...
Use the stored information to validate the source address and credential issue time.
Correct the logic used to verify BoundCIDRList on the role.
Reverify the subset requirements between secret ID and role during credential issue time.
2016-09-21 20:19:26 -04:00
vishalnayak
578b82acf5
Pass only valid inputs to validation methods
2016-09-21 15:44:54 -04:00
vishalnayak
93604e1e2e
Added cidrutil helper
2016-09-21 13:58:32 -04:00
Vishal Nayak
97dc0e9f64
Merge pull request #1897 from hashicorp/secret-id-accessor-locks
...
Safely manipulate secret id accessors
2016-09-19 11:37:38 -04:00
vishalnayak
fefd3a6c0b
s/GetOctalFormatted/GetHexFormatted
2016-09-16 17:47:15 -04:00
vishalnayak
ba72e7887a
Safely manipulate secret id accessors
2016-09-15 18:13:50 -04:00
Vishal Nayak
61664bc653
Merge pull request #1886 from hashicorp/approle-upgrade-notes
...
upgrade notes entry for approle constraint and warning on role read
2016-09-15 12:14:01 -04:00
vishalnayak
5597156886
check for nil role
2016-09-15 12:10:40 -04:00
vishalnayak
92986bb2a0
Address review feedback
2016-09-15 11:41:52 -04:00
vishalnayak
a1de742dce
s/disableReauthenticationNonce/reauthentication-disabled-nonce
2016-09-15 11:29:02 -04:00
vishalnayak
9bca127631
Updated docs with nonce usage
2016-09-14 19:31:09 -04:00
vishalnayak
857f921d76
Added comment
2016-09-14 18:27:35 -04:00
vishalnayak
39796e8801
Disable reauthentication if nonce is explicitly set to empty
2016-09-14 17:58:00 -04:00
vishalnayak
d0e4d77fce
address review feedback
2016-09-14 14:28:02 -04:00
vishalnayak
d7ce69c5eb
Remove the client nonce being empty check
2016-09-14 14:28:02 -04:00
vishalnayak
53c919b1d0
Generate the nonce by default
2016-09-14 14:28:02 -04:00
vishalnayak
455a4ae055
address review feedback
2016-09-14 12:08:35 -04:00
vishalnayak
b1392567d1
Use constant time comparisons for client nonce
2016-09-13 20:12:43 -04:00
vishalnayak
d2e66014ba
Address review feedback
2016-09-13 18:30:04 -04:00
Jeff Mitchell
29b67141eb
Only use running state for checking if instance is alive. ( #1885 )
...
Fixes #1884
2016-09-13 18:08:05 -04:00
vishalnayak
99a2655d8e
upgrade notes entry for approle constraint and warning on role read
2016-09-13 17:44:07 -04:00
vishalnayak
bef9c2ee61
Ensure at least one constraint on the role
2016-09-13 16:03:15 -04:00
vishalnayak
cdcfa4572f
Address review feedback
2016-08-30 16:36:58 -04:00
vishalnayak
29b9295673
approle: fix racy updates problem for roles
2016-08-30 16:11:14 -04:00
Jeff Mitchell
d1284944c3
Merge pull request #1755 from hashicorp/logxi
...
Convert to logxi
2016-08-21 19:28:18 -04:00
Jeff Mitchell
58b32e5432
Convert to logxi
2016-08-21 18:13:37 -04:00
vishalnayak
524ed6db37
Extract out common code
2016-08-21 15:46:11 -04:00
vishalnayak
dfe73733d5
Seperate endpoints for read/delete using secret-id and accessor
2016-08-21 14:42:49 -04:00
Jeff Mitchell
2860dcc60f
gofmt
2016-08-19 16:48:32 -04:00
vishalnayak
7ce631f1dc
Pretty print the warning
2016-08-18 16:09:10 -04:00
vishalnayak
870ffd6fd8
Use shortestTTL value during renewals too
2016-08-18 15:43:58 -04:00
vishalnayak
4f1c47478e
When TTL is not set, consider the system default TTL as well
2016-08-18 15:37:59 -04:00
vishalnayak
56b8c33c95
aws-ec2: se max_ttl when ttl is not set, during login
2016-08-18 15:16:32 -04:00
vishalnayak
b150c14caa
Address review feedback by @jefferai
2016-08-09 17:45:42 -04:00
vishalnayak
8d261b1a78
Added ttl field to aws-ec2 auth backend role
2016-08-09 17:29:45 -04:00
Jeff Mitchell
1f198e9256
Return warning about ACLing the LDAP configuration endpoint.
...
Fixes #1263
2016-08-08 10:18:36 -04:00
Jeff Mitchell
9e204bd88c
Add arbitrary string slice parsing.
...
Like the KV function, this supports either separated strings or JSON
strings, base64-encoded or not.
Fixes #1619 in theory.
2016-08-03 14:24:16 -04:00
Jeff Mitchell
c025b292b5
Cleanup
2016-08-03 13:09:12 -04:00
vishalnayak
a6907769b0
AppRole authentication backend
2016-07-26 09:32:41 -04:00
Jeff Mitchell
0cfb112e87
Explicitly set invalid request status when a password isn't included
2016-07-25 11:14:15 -04:00
Jeff Mitchell
dc4b85b55e
Don't return 500 for user error in userpass when setting password
2016-07-25 11:09:46 -04:00
Jeff Mitchell
d4c3e27c4e
Fix re-specification of filter
2016-07-25 09:08:29 -04:00
Oren Shomron
cd6d114e42
LDAP Auth Backend Overhaul
...
--------------------------
Added new configuration option to ldap auth backend - groupfilter.
GroupFilter accepts a Go template which will be used in conjunction with
GroupDN for finding the groups a user is a member of. The template will
be provided with context consisting of UserDN and Username.
Simplified group membership lookup significantly to support multiple use-cases:
* Enumerating groups via memberOf attribute on user object
* Previous default behavior of querying groups based on member/memberUid/uniqueMember attributes
* Custom queries to support nested groups in AD via LDAP_MATCHING_RULE_IN_CHAIN matchind rule
There is now a new configuration option - groupattr - which specifies
how to resolve group membership from the objects returned by the primary groupfilter query.
Additional changes:
* Clarify documentation for LDAP auth backend.
* Reworked how default values are set, added tests
* Removed Dial from LDAP config read. Network should not affect configuration.
2016-07-22 21:20:05 -04:00
Jeff Mitchell
68dcf677fa
Fix panic if no certificates are supplied by client
...
Fixes #1637
2016-07-21 10:20:41 -04:00
Jeff Mitchell
b353e44209
Fix build
2016-07-21 09:53:41 -04:00
Jeff Mitchell
d335038b40
Ensure we never return a nil set of trusted CA certs
...
Fixes #1637
2016-07-21 09:50:31 -04:00
vishalnayak
c14235b206
Merge branch 'master-oss' into json-use-number
...
Conflicts:
http/handler.go
logical/framework/field_data.go
logical/framework/wal.go
vault/logical_passthrough.go
2016-07-15 19:21:55 -04:00
Vishal Nayak
cdf58da43b
Merge pull request #1610 from hashicorp/min-tls-ver-12
...
Set minimum TLS version in all tls.Config objects
2016-07-13 10:53:14 -06:00
vishalnayak
09a4142fd3
Handled upgrade path for TLSMinVersion
2016-07-13 12:42:51 -04:00
vishalnayak
de19314f18
Address review feedback
2016-07-13 11:52:26 -04:00
vishalnayak
407722a9b4
Added tls_min_version to consul storage backend
2016-07-12 20:10:54 -04:00
vishalnayak
f34f0ef503
Make 'tls_min_version' configurable
2016-07-12 19:32:47 -04:00
vishalnayak
46d34130ac
Set minimum TLS version in all tls.Config objects
2016-07-12 17:06:28 -04:00
vishalnayak
e09b40e155
Remove Unix() invocations on 'time.Time' objects and removed conversion of time to UTC
2016-07-08 18:30:18 -04:00
vishalnayak
ad7cb2c8f1
Added JSON Decode and Encode helpers.
...
Changed all the occurances of Unmarshal to use the helpers.
Fixed http/ package tests.
2016-07-06 12:25:40 -04:00
Jeff Mitchell
51cd67115c
Run appid/cert auth tests always
2016-07-01 14:06:33 -04:00
Jeff Mitchell
5d707c41ff
Always run userpass acceptance tests
2016-07-01 11:37:38 -04:00