Armon Dadgar
8293457633
secret/transit: use base64 for context to allow binary
2015-07-05 14:37:51 -07:00
Armon Dadgar
f0eec18cc7
secret/transit: testing key derivation
2015-07-05 14:30:45 -07:00
Armon Dadgar
143cd0875e
secret/transit: support key derivation in encrypt/decrypt
2015-07-05 14:19:24 -07:00
Armon Dadgar
ae9591004b
secret/transit: check for context for derived keys
2015-07-05 14:12:07 -07:00
Armon Dadgar
b30dbce404
secret/transit: support derived keys
2015-07-05 14:11:02 -07:00
Armon Dadgar
81f39fbc16
helper/kdf: changing argument name for clarity
2015-07-05 14:01:56 -07:00
Armon Dadgar
bd347e0430
helper/kdf: adding lib for key derivation from NIST800-108
2015-07-05 14:01:21 -07:00
Armon Dadgar
0521c6df6c
http: support ?standbyok for 200 status on standby. Fixes #389
2015-07-02 17:49:35 -07:00
Armon Dadgar
8659f0cd9d
Merge pull request #391 from bgirardeau/master
...
LDAP Auth - Add StartTLS and server CA certificate options
2015-07-02 17:19:42 -07:00
Bradley Girardeau
42050fe77b
ldap: add starttls support and option to specificy ca certificate
2015-07-02 15:49:51 -07:00
Armon Dadgar
f6f95d5f2b
Merge pull request #386 from jefferai/f-align-pki-documentation
...
Fix regexes to allow hyphens in PKI role names, as the documentation shows
2015-07-01 18:42:11 -07:00
Jeff Mitchell
13c5fe0a16
Fix regexes to allow hyphens in role names, as the documentation shows
2015-07-01 20:39:18 -05:00
Armon Dadgar
3f189f2c57
CHANGELOG updates
2015-07-01 16:53:00 -07:00
Armon Dadgar
b52d3e6506
cred/app-id: testing upgrade to salted keys
2015-06-30 18:37:10 -07:00
Armon Dadgar
eeb717c901
cred/app-id: first pass at automatic upgrading to salting
2015-06-30 18:09:08 -07:00
Armon Dadgar
cf82f4d6d6
logical/testing: Allow factory to be provided instead of Backend
2015-06-30 18:08:43 -07:00
Armon Dadgar
4b27e4d8c5
Remove SetLogger, and unify on framework.Setup
2015-06-30 17:45:20 -07:00
Armon Dadgar
541014e315
logical: remove SetLogger method
2015-06-30 17:39:39 -07:00
Armon Dadgar
5d69e7da90
Updating for backend API change
2015-06-30 17:36:12 -07:00
Armon Dadgar
41b72a4d39
vault: provide view to backend initializer for setup
2015-06-30 17:30:43 -07:00
Armon Dadgar
3084f64e5c
helper/salt: track if salt was generated
2015-06-30 16:47:49 -07:00
Armon Dadgar
e892d728a2
logical/framework: support Salt in PathMap
2015-06-30 14:28:45 -07:00
Armon Dadgar
579c1433a2
vault: use helper/salt library to share code
2015-06-30 14:08:21 -07:00
Armon Dadgar
a2eb1210a7
helper/salt: adding little helper for salting
2015-06-30 14:04:18 -07:00
Armon Dadgar
8bc99f8c23
helper/uuid: single generateUUID definition
2015-06-30 12:38:32 -07:00
Armon Dadgar
19b127f9f2
Godep updating dependencies
2015-06-30 12:07:00 -07:00
Armon Dadgar
e025c33ab9
command: source general options docs from common source
2015-06-30 12:01:23 -07:00
Armon Dadgar
3c58773598
Merge pull request #380 from kgutwin/cert-cli
...
Enable TLS client cert authentication via the CLI
2015-06-30 11:44:28 -07:00
Armon Dadgar
b8f2e8d498
website: document insecure_tls for LDAP backend
2015-06-30 09:42:18 -07:00
Armon Dadgar
d8a74f3307
Merge branch 'esell-master'
2015-06-30 09:41:01 -07:00
Armon Dadgar
b1f7e2f0ea
ldap: fixing merge conflict
2015-06-30 09:40:43 -07:00
Armon Dadgar
5aa4537389
Merge pull request #363 from jefferai/f-logical-cassandra
...
Cassandra logical backend
2015-06-30 09:38:22 -07:00
Jeff Mitchell
762108d9eb
Put timestamp back into the username. Since Cassandra doesn't support expiration, this can be used by scripts to manually clean up old users if revocation fails for some reason.
...
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-30 11:15:46 -04:00
Jeff Mitchell
42b90fa9b9
Address some issues from code review.
...
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-30 09:27:23 -04:00
Karl Gutwin
70fc49be84
Website docs.
2015-06-30 09:18:39 -04:00
Karl Gutwin
c12734b27c
CLI docs
2015-06-30 09:04:57 -04:00
Jeff Mitchell
fccbc587c6
A Cassandra secrets backend.
...
Supports creation and deletion of users in Cassandra using flexible CQL queries.
TLS, including client authentication, is supported.
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-30 09:04:01 -04:00
Karl Gutwin
0062d923cc
Better error messages.
2015-06-30 08:59:38 -04:00
Karl Gutwin
a54ba31635
Merge remote-tracking branch 'upstream/master' into cert-cli
2015-06-30 08:31:00 -04:00
Karl Gutwin
dafcc5b2ce
enable CLI cert login
2015-06-29 23:29:41 -04:00
esell
c0e1843263
change skipsslverify to insecure_tls
2015-06-29 19:23:31 -06:00
Armon Dadgar
12d3aee58e
audit: fixing panic caused by tls connection state. Fixes #322
2015-06-29 17:16:17 -07:00
Armon Dadgar
b6e422a0a5
Updating godep
2015-06-29 16:44:02 -07:00
Armon Dadgar
c27d214280
Merge pull request #379 from hashicorp/sethvargo/authorship
...
Restore authorship on commits
2015-06-29 16:42:36 -07:00
Christian Svensson
3c000f5129
Update Godeps for go-ldap/ldap
2015-06-29 19:03:51 -04:00
Christian Svensson
862a04f7ad
Pass ServerName for LDAPS TLS connection validation
2015-06-29 19:01:11 -04:00
Christian Svensson
f862083dc1
Use go-ldap/ldap's ParseDN to extract group name from DN
2015-06-29 19:01:02 -04:00
Christian Svensson
1d177ea6d9
Allow almost all leagal LDAP names to be used
...
Implement LDAP escaping according to RFC 4514 to allow
complex LDAP usernames to be used.
Leaving ASN BER encoded values unsupported for now.
2015-06-29 19:00:53 -04:00
Armon Dadgar
3bc388f30d
Merge pull request #366 from nbrownus/http_responses
...
Better http responses
2015-06-29 15:31:45 -07:00
Armon Dadgar
496ebe561c
vault: cleanups for the audit log changes
2015-06-29 15:27:28 -07:00