luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
7191 commits 1 branch 0 tags 214 MiB
Commit graph

7191 commits

This branch
This branch
All branches
Author SHA1 Message Date
Vishal Nayak 7be7bc1754
Redirect server output warnings to stdout (#3831) 2018-01-22 20:58:27 -05:00
Brian Kassouf b597e14f01
Update data values from byte arrays to strings in proto definition (#3829) 
* Update data values from byte arrays to strings in proto definition

* Update comments
 2018-01-22 17:56:34 -08:00
Jeff Mitchell 524ec14f9d
Update Dockerfile 2018-01-22 19:47:44 -05:00
Brian Shumate dec64ecfd7 Update API endpoint references for revoke-prefix (#3828) 2018-01-22 18:04:43 -05:00
Brian Kassouf aa387bb4c2
Add compile tests to verify physical stores satisfy the correct interfaces (#3820) 2018-01-19 17:44:24 -08:00
Jeff Mitchell eb968c3617 Log sys/health errors 2018-01-19 19:59:58 -05:00
Chris Hoffman b22b065206 adding back -dr-token flag to generate-root command (#3818) 2018-01-19 19:25:45 -05:00
Jeff Mitchell 7d6fed2e86
Use a separate var for active node replication state (#3819) 2018-01-19 19:24:04 -05:00
Jeff Mitchell 395befc062 Update cache to satisfy Purge interface after context plumbing 2018-01-19 17:00:13 -05:00
Jeff Mitchell 43617619ad Embed derived contexts into replication clients 2018-01-19 07:22:31 -05:00
Jeff Mitchell e5e4307713 Add centrify plugin as builtin 2018-01-19 06:03:33 -05:00
Jeff Mitchell ffe3ae9118 Add gcp and kubernetes back now that they're updated 2018-01-19 05:56:34 -05:00
Jeff Mitchell 123e22cd7e Fix compile 2018-01-19 05:31:55 -05:00
Jeff Mitchell b4be030d07
Add context to barrier encryptor interface 2018-01-19 05:28:47 -05:00
Jeff Mitchell 31a7eb1168
Add context to barrier encryptor access 2018-01-19 05:24:40 -05:00
Jeff Mitchell 69aead14f0 A bit more context plumbing 2018-01-19 04:11:59 -05:00
Jeff Mitchell 33b68ebf3d Remove context from a few extraneous places 2018-01-19 03:44:06 -05:00
Jeff Mitchell 6be5b8e8a1 Don't use context in barrier type/recovery type 2018-01-19 03:17:36 -05:00
Brian Kassouf f8b03795f9
changelog++ 2018-01-18 23:49:51 -08:00
Jeff Mitchell 0f7e3bb79b Add context to performPolicyChecks 2018-01-19 02:43:39 -05:00
Brian Kassouf 13fddcb193
changelog++ 2018-01-18 23:40:36 -08:00
Jeff Mitchell c97e73ce70
Don't check recovery seal in Initialized() 
It doesn't actually matter and can give false positives.
 2018-01-19 01:55:33 -05:00
Brian Kassouf 2f19de0305 Add context to storage backends and wire it through a lot of places (#3817) 2018-01-19 01:44:44 -05:00
Jeff Mitchell 85ceb198b8 bump go-plugin 2018-01-18 16:58:03 -05:00
Brian Kassouf 7050c1ca41
gRPC Backend Plugins (#3808) 
* Add grpc plugins

* Add grpc plugins

* Translate wrap info to/from proto

* Add nil checks

* Fix nil marshaling errors

* Provide logging through the go-plugin logger

* handle errors in the messages

* Update the TLS config so bidirectional connections work

* Add connectivity checks

* Restart plugin and add timeouts where context is not availible

* Add the response wrap data into the grpc system implementation

* Add leaseoptions to pb.Auth

* Add an error translator

* Add tests for translating the proto objects

* Fix rename of function

* Add tracing to plugins for easier debugging

* Handle plugin crashes with the go-plugin context

* Add test for grpcStorage

* Add tests for backend and system

* Bump go-plugin for GRPCBroker

* Remove RegisterLicense

* Add casing translations for new proto messages

* Use doneCtx in grpcClient

* Use doneCtx in grpcClient

* s/shutdown/shut down/
 2018-01-18 13:49:20 -08:00
Matthew Irish b701c418bf
changelog++ 2018-01-18 14:37:48 -06:00
Jeff Mitchell 842a3a4a05 Remove RegisterLicense from logical.Backend 
It's almost certainly the wrong signature and nothing uses it currently
anyways.
 2018-01-18 13:44:29 -05:00
Calvin Leung Huang 5cf07f9e63 changelog++ 2018-01-18 12:28:09 -05:00
Calvin Leung Huang f59069c22f
Don't call LeaseExtend on login renewal paths when period is provided (#3803) 
* Don't call LeaseExtend on login renewal paths when period is provided

* WIP tests

* NoopBackend accept backend ttl values

* Test period value on credentials backend

* Use t.Fatalf instead

* Remove mockCoreExpiration

* Add login renewal test for approle backend

* Add resp.Auth.Period check on aws and cert backend tests

* Pass in approle's period via role's period

* Correctly set period in valid-role's role

* Add period renewal test using TestCluster and approle backend

* Check for ttl values after renewals on test
 2018-01-18 12:19:18 -05:00
Jeff Mitchell b5c46a9419 changelog++ 2018-01-18 12:15:11 -05:00
samiam c59b5a1a88 Write password prompts to stderr to avoid co-mingling stdout (#3781) (#3782) 2018-01-18 12:14:19 -05:00
Jeff Mitchell dc4a95bf2d Enhance TLS client forwarding test to ensure each client is distinct 2018-01-18 12:01:07 -05:00
Jeff Mitchell b281e76089 Move around some logic to be neater 2018-01-18 11:47:24 -05:00
Jeff Mitchell cf895fc19a Actually print out forwarded stacktrace 2018-01-18 11:40:59 -05:00
Calvin Leung Huang 7752ebe45e Fix sys/health tests 2018-01-18 10:00:28 -05:00
Jeff Mitchell 8ec1c91408 changelog++ 2018-01-18 01:45:10 -05:00
Jeff Mitchell c231479a18
Fix max_ttl not being honored in database backend when default_ttl is zero (#3814) 
Fixes #3812
 2018-01-18 01:43:38 -05:00
Calvin Leung Huang bffaf9b0c3 Remove vlogger, add log.Logger to PolicyStore struct (#3813) 2018-01-18 01:01:51 -05:00
Jeff Mitchell ffc15201dd Allow API to return health response when in a custom state 2018-01-17 23:50:37 -05:00
Jeff Mitchell 5371b0489f Rename var from last commit 2018-01-17 23:08:35 -05:00
Jeff Mitchell 307a177540 Make heartbeatInterval a package var to allow tests to modify it 2018-01-17 23:05:11 -05:00
Jeff Mitchell 842e3cb5dd Add replication mode sys health information to Go API 2018-01-17 22:50:37 -05:00
Jeff Mitchell d1631346ce replication state -> replication mode in sys/health 2018-01-17 22:38:03 -05:00
Jeff Mitchell 6598182249 changelog++ 2018-01-17 22:19:23 -05:00
Jeff Mitchell a71c74aa3f
Add replication state to EchoReply (#3810) 2018-01-17 22:17:47 -05:00
Jeff Mitchell e3e89ecb40 changelog++ 2018-01-17 20:55:38 -05:00
Vishal Nayak b826c56686
SHA2-256 salting for AppID (#3806) 
* Use SHA2-256 hash with prefix to upgrade the paths

* test the SHA1 upgrade to SHA256

* Remove hash identifier and the delimiter; use 's' instead

* Added API test to verify the correctness of the fix

* Fix broken test

* remove unneeded test
 2018-01-17 19:48:32 -05:00
Jeff Mitchell 5a6a7900ae Change next major release of Vault to 0.11 or later to make it less scary 2018-01-17 19:31:52 -05:00
Jeff Mitchell cb0aee8229 changelog++ 2018-01-17 19:25:08 -05:00
Jeff Mitchell 2cbac864f0 changelog++ 2018-01-17 19:22:45 -05:00