Commit graph

161 commits

Author SHA1 Message Date
vishalnayak e3a1ee92b5 Utility Enhancements 2016-04-05 20:32:59 -04:00
Jeff Mitchell afae46feb7 SealInterface 2016-04-04 10:44:22 -04:00
Jeff Mitchell ddce1efd0d Two items:
1: Fix path check in core to handle renew paths from the token store
that aren't simply renew/
2: Use token policy logic if token store role policies are empty
2016-03-31 14:52:49 -04:00
Jeff Mitchell 8a5fc6b017 Sort and filter policies going into the create token entry, then use
that as the definitive source for the response Auth object.
2016-03-15 14:05:25 -04:00
Jeff Mitchell 90dd55b1e6 Sort policies before returning/storing, like we do in handleCreateCommon 2016-03-10 22:31:26 -05:00
vishalnayak 378db2bc3c Add default policy to response auth object 2016-03-10 19:55:38 -05:00
Jeff Mitchell fa2ba47a5c Merge branch 'master' into token-roles 2016-03-09 17:23:34 -05:00
Jeff Mitchell d4371d1393 Add accessor to returned auth 2016-03-09 17:15:42 -05:00
Jeff Mitchell cc1f5207b3 Merge branch 'master' into token-roles 2016-03-07 10:03:54 -05:00
Jeff Mitchell 9bf6c40974 Add default case for if the step down channel is blocked 2016-03-03 12:29:30 -05:00
Jeff Mitchell ef990a3681 Initial work on token roles 2016-03-01 12:41:40 -05:00
Jeff Mitchell 6a980b88fd Address review feedback 2016-02-28 21:51:50 -05:00
Jeff Mitchell 11ddd2290b Provide 'sys/step-down' and 'vault step-down'
This endpoint causes the node it's hit to step down from active duty.
It's a noop if the node isn't active or not running in HA mode. The node
will wait one second before attempting to reacquire the lock, to give
other nodes a chance to grab it.

Fixes #1093
2016-02-26 19:43:55 -05:00
vishalnayak a10888f1f1 Added comments to changes the error message 2016-02-03 11:35:47 -05:00
vishalnayak f1facb0f9f Throw error on sealing vault in standby mode 2016-02-03 10:58:33 -05:00
Jeff Mitchell 8b9fa042fe If the path is not correct, don't fail due to existence check, fail due to unsupported path 2016-01-23 14:05:09 -05:00
Jeff Mitchell 9cac7ccd0f Add some commenting 2016-01-22 10:13:49 -05:00
Jeff Mitchell 3955604d3e Address more list feedback 2016-01-22 10:07:32 -05:00
Jeff Mitchell b2bde47b01 Pull out setting the root token ID; use the new ParseUUID method in
go-uuid instead, and revoke if there is an error.
2016-01-19 19:44:33 -05:00
Jeff Mitchell 973c888833 RootGeneration->GenerateRoot 2016-01-19 18:28:10 -05:00
Jeff Mitchell 3b994dbc7f Add the ability to generate root tokens via unseal keys. 2016-01-19 18:28:10 -05:00
Jeff Mitchell 9857da207c Move rekey to its own files for cleanliness 2016-01-14 17:01:04 -05:00
Jeff Mitchell 9c5ad28632 Update deps, and adjust usage of go-uuid to match new return values 2016-01-13 13:40:08 -05:00
Jeff Mitchell d949043cac Merge pull request #914 from hashicorp/acl-rework
More granular ACL capabilities
2016-01-12 21:11:52 -05:00
Jeff Mitchell da87d490eb Add some commenting around create/update 2016-01-12 15:13:54 -05:00
Jeff Mitchell 9db22dcfad Address some more review feedback 2016-01-12 15:09:16 -05:00
Jeff Mitchell f6d2271a3c Use an array of keys so that if the same fingerprint is used none are lost when using PGP key backup 2016-01-08 14:29:23 -05:00
Jeff Mitchell 4f4ddbf017 Create more granular ACL capabilities.
This commit splits ACL policies into more fine-grained capabilities.
This both drastically simplifies the checking code and makes it possible
to support needed workflows that are not possible with the previous
method. It is backwards compatible; policies containing a "policy"
string are simply converted to a set of capabilities matching previous
behavior.

Fixes #724 (and others).
2016-01-08 13:05:14 -05:00
Jeff Mitchell f3ce90164f WriteOperation -> UpdateOperation 2016-01-08 13:03:03 -05:00
Jeff Mitchell 85509e7ba5 Simplify some logic and ensure that if key share backup fails, we fail
the operation as well.

Ping #907
2016-01-06 13:14:23 -05:00
Jeff Mitchell a094eedce2 Add rekey nonce/backup. 2016-01-06 09:54:35 -05:00
Jeff Mitchell 96cb7d0051 Commenting/format update 2015-12-18 10:34:54 -05:00
Jeff Mitchell 4482fdacfd If we have not yet completed post-unseal when running in single-node
mode, don't advertise that we are active.

Ping #872
2015-12-17 13:48:08 -05:00
Jeff Mitchell f2da5b639f Migrate 'uuid' to 'go-uuid' to better fit HC naming convention 2015-12-16 12:56:20 -05:00
Jeff Mitchell 7ce8aff906 Address review feedback 2015-12-14 17:58:30 -05:00
Jeff Mitchell ced0835574 Allow separate HA physical backend.
With no separate backend specified, HA will be attempted on the normal
physical backend.

Fixes #395.
2015-12-14 07:59:58 -05:00
Jeff Mitchell bc4c18a1cf Rearchitect MountTable locking and fix rollback.
The rollback manager was using a saved MountTable rather than the
current table, causing it to attempt to rollback unmounted mounts, and
never rollback new mounts.

In fixing this, it became clear that bad things could happen to the
mount table...the table itself could be locked, but the table pointer
(which is what the rollback manager needs) could be modified at any time
without locking. This commit therefore also returns locking to a mutex
outside the table instead of inside, and plumbs RLock/RUnlock through to
the various places that are reading the table but not holding a write
lock.

Both unit tests and race detection pass.

Fixes #771
2015-11-11 11:54:52 -05:00
Jeff Mitchell d6693129de Create a "default" policy with sensible rules.
It is forced to be included with each token, but can be changed (but not
deleted).

Fixes #732
2015-11-09 15:44:09 -05:00
Jeff Mitchell 7aa3faa626 Rename core's 'policy' to 'policyStore' for clarification 2015-11-06 12:07:42 -05:00
Jeff Mitchell a9db12670a errwrap -> go-multierror + errwrap 2015-11-02 13:29:33 -05:00
Jeff Mitchell 7e9918ec8e Run preSeal if postUnseal fails.
This also ensures that every error path out of postUnseal returns an
error.

Fixes #733
2015-11-02 13:29:33 -05:00
Jeff Mitchell 94b7be702b Return data on a token with one use left if there is no Lease ID
Fixes #615
2015-10-30 12:35:42 -04:00
Jeff Mitchell 636d57a026 Make the token store's Create and RootToken functions non-exported.
Nothing requires them to be exported, and I don't want anything in the
future to think it's okay to simply create a root token when it likes.
2015-10-30 10:59:26 -04:00
Jeff Mitchell c1d8b97342 Add reset support to the unseal command.
Reset clears the provided unseal keys, allowing the process to be begun
again. Includes documentation and unit test changes.

Fixes #695
2015-10-28 15:59:39 -04:00
Jeff Mitchell 78b5fcdf51 Serialize changing the state of the expiration manager pointer and
calling emitMetrics from its own goroutine.

Fixes #694
2015-10-12 16:33:54 -04:00
Jeff Mitchell a9155ef85e Use split-out hashicorp/uuid 2015-10-12 14:07:12 -04:00
Jeff Mitchell 5fbaa0e64d Apply mount-tune properties to the token authentication backend.
Fixes #688.
2015-10-09 20:26:39 -04:00
Jeff Mitchell bd1dce7f95 Address review feedback for #684 2015-10-08 14:34:10 -04:00
Jeff Mitchell d58a3b601c Add a cleanLeaderPrefix function to clean up stale leader entries in core/leader
Fixes #679.
2015-10-08 14:04:58 -04:00
Jeff Mitchell 21644751ed Fix the key rotation upgrade check error message 2015-10-05 18:23:32 -04:00