open-vault

Author	SHA1	Message	Date
Bernhard K. Weisshuhn	86cde438a5	avoid dashes in generated usernames for cassandra to avoid quoting issues	2015-08-20 11:15:28 +02:00
Armon Dadgar	aefb92b74c	Merge pull request #534 from ctennis/lease_reader Fix #533, add a reader for lease values (#529) and an acceptance test for mysql to prove it works	2015-08-18 19:00:18 -07:00
Jeff Mitchell	3cc4bd0b96	Fix AWS, again, and update Godeps.	2015-08-18 18:12:51 -07:00
Caleb Tennis	a36910799e	Fix #533 , add a reader for lease values (#529 ) and an acceptance test for mysql to prove it works	2015-08-13 15:33:06 -04:00
Armon Dadgar	d1a09e295a	Merge pull request #509 from ekristen/github-fix Reimplements #459	2015-08-11 10:06:10 -07:00
Armon Dadgar	3b9a6d5e33	Fixing merge conflict	2015-08-11 10:04:47 -07:00
Erik Kristensen	611965844b	reimplements #459	2015-08-09 11:25:45 -06:00
Michael S. Fischer	21ab4d526c	Provide working example of TLS certificate authentication Fixes #474	2015-08-07 15:15:53 -07:00
Erik Kristensen	ae34ec2bff	adding basic tests	2015-08-06 17:50:34 -06:00
Erik Kristensen	2233f993ae	initial pass at JWT secret backend	2015-08-06 17:49:44 -06:00
Paul Hinze	fc9de56736	Update vault code to match latest aws-sdk-go APIs	2015-08-06 11:37:08 -05:00
Seth Vargo	bfd4b818b8	Update to latest aws and move off of hashicorp/aws-sdk-go	2015-08-06 12:26:41 -04:00
Erik Kristensen	26387f6535	remove newline	2015-08-03 16:34:24 -06:00
Erik Kristensen	f9c49f4a57	fix bug #488	2015-08-03 15:47:30 -06:00
Rusty Ross	719ac6e714	update doc for app-id make clearer in doc that user-id can accept multiple app-id mappngs as comma-separated values	2015-08-03 09:44:26 -07:00
Armon Dadgar	03728af495	Merge pull request #464 from bgirardeau/master Add Multi-factor authentication with Duo	2015-07-30 17:51:31 -07:00
Bradley Girardeau	aa55d36f03	Clean up naming and add documentation	2015-07-30 17:36:40 -07:00
Bradley Girardeau	d26b77b4f4	mfa: code cleanup	2015-07-28 11:55:46 -07:00
Bradley Girardeau	6697012dd3	mfa: improve edge cases and documentation	2015-07-27 21:14:00 -07:00
Bradley Girardeau	06863d08f0	mfa: add to userpass backend	2015-07-27 21:14:00 -07:00
Bradley Girardeau	4eb1beb31c	ldap: add mfa support to CLI	2015-07-27 21:14:00 -07:00
Bradley Girardeau	8fa5a349a5	ldap: add mfa to LDAP login	2015-07-27 21:14:00 -07:00
Raymond Pete	1ca09a74b3	name slug check	2015-07-26 22:21:16 -04:00
Bradley Girardeau	e8d26d244b	ldap: change setting user policies to setting user groups	2015-07-20 11:33:39 -07:00
Bradley Girardeau	301a22295d	ldap: add ability to set policies based on username as well as groups	2015-07-14 15:46:15 -07:00
Bradley Girardeau	0e2edc2378	ldap: add ability to login with a userPrincipalName (user@upndomain)	2015-07-14 15:37:46 -07:00
Armon Dadgar	504a7ca7c1	auth/userpass: store password as hash instead of direct. Credit @kenbreeman	2015-07-13 15:09:24 +10:00
Armon Dadgar	da4650ccb4	auth/userpass: protect against timing attack. Credit @kenbreeman	2015-07-13 15:01:18 +10:00
Armon Dadgar	599d5f1431	auth/app-id: protect against timing attack. Credit @kenbreeman	2015-07-13 14:58:18 +10:00
Armon Dadgar	96d6455ef5	audit: properly restore TLS state	2015-07-08 16:45:15 -06:00
Armon Dadgar	0be3d419c8	secret/transit: address PR feedback	2015-07-05 19:58:31 -06:00
Armon Dadgar	8293457633	secret/transit: use base64 for context to allow binary	2015-07-05 14:37:51 -07:00
Armon Dadgar	f0eec18cc7	secret/transit: testing key derivation	2015-07-05 14:30:45 -07:00
Armon Dadgar	143cd0875e	secret/transit: support key derivation in encrypt/decrypt	2015-07-05 14:19:24 -07:00
Armon Dadgar	ae9591004b	secret/transit: check for context for derived keys	2015-07-05 14:12:07 -07:00
Armon Dadgar	b30dbce404	secret/transit: support derived keys	2015-07-05 14:11:02 -07:00
Bradley Girardeau	42050fe77b	ldap: add starttls support and option to specificy ca certificate	2015-07-02 15:49:51 -07:00
Jeff Mitchell	13c5fe0a16	Fix regexes to allow hyphens in role names, as the documentation shows	2015-07-01 20:39:18 -05:00
Armon Dadgar	b52d3e6506	cred/app-id: testing upgrade to salted keys	2015-06-30 18:37:10 -07:00
Armon Dadgar	eeb717c901	cred/app-id: first pass at automatic upgrading to salting	2015-06-30 18:09:08 -07:00
Armon Dadgar	4b27e4d8c5	Remove SetLogger, and unify on framework.Setup	2015-06-30 17:45:20 -07:00
Armon Dadgar	5d69e7da90	Updating for backend API change	2015-06-30 17:36:12 -07:00
Armon Dadgar	8bc99f8c23	helper/uuid: single generateUUID definition	2015-06-30 12:38:32 -07:00
Armon Dadgar	3c58773598	Merge pull request #380 from kgutwin/cert-cli Enable TLS client cert authentication via the CLI	2015-06-30 11:44:28 -07:00
Armon Dadgar	b1f7e2f0ea	ldap: fixing merge conflict	2015-06-30 09:40:43 -07:00
Jeff Mitchell	762108d9eb	Put timestamp back into the username. Since Cassandra doesn't support expiration, this can be used by scripts to manually clean up old users if revocation fails for some reason. Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>	2015-06-30 11:15:46 -04:00
Jeff Mitchell	42b90fa9b9	Address some issues from code review. Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>	2015-06-30 09:27:23 -04:00
Jeff Mitchell	fccbc587c6	A Cassandra secrets backend. Supports creation and deletion of users in Cassandra using flexible CQL queries. TLS, including client authentication, is supported. Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>	2015-06-30 09:04:01 -04:00
Karl Gutwin	0062d923cc	Better error messages.	2015-06-30 08:59:38 -04:00
Karl Gutwin	a54ba31635	Merge remote-tracking branch 'upstream/master' into cert-cli	2015-06-30 08:31:00 -04:00

1 2 3 4

185 commits