Commit Graph

613 Commits

Author SHA1 Message Date
vishalnayak 68367f60c8 Fix broken testcases 2016-03-17 21:03:32 -04:00
vishalnayak d348735322 Fix help descriptions 2016-03-17 21:03:32 -04:00
vishalnayak f275cd2e9c Fixed capabilities API to receive logical response 2016-03-17 21:03:32 -04:00
vishalnayak a5d79d587a Refactoring the capabilities function 2016-03-17 21:03:32 -04:00
vishalnayak dcb7f00bcc Move sys/capabilities to logical_system along with business logic from core 2016-03-17 21:03:32 -04:00
vishalnayak 2b712bc778 Move capabilities accessor logic to logical_system 2016-03-17 21:03:32 -04:00
vishalnayak dd94e8e689 Fix broken test case 2016-03-14 18:44:13 -04:00
vishalnayak ba50a14736 Refactor fetching sys/health parameters 2016-03-11 09:52:31 -05:00
Jeff Mitchell 77b90c6745 Add query parameters to `/sys/health` to specify return codes.
Fixes #1199
2016-03-11 00:41:25 -05:00
Jeff Mitchell fa2ba47a5c Merge branch 'master' into token-roles 2016-03-09 17:23:34 -05:00
vishalnayak f478cc57e0 fix all the broken tests 2016-03-09 13:45:36 -05:00
vishalnayak c4a2c5b56e Added tests for 'sys/capabilities-accessor' endpoint 2016-03-09 11:29:09 -05:00
vishalnayak 151c932875 AccessorID --> Accessor, accessor_id --> accessor 2016-03-09 06:23:31 -05:00
vishalnayak 62777c9f7e ErrUserInput --> StatusBadRequest 2016-03-08 21:47:24 -05:00
vishalnayak 8117996378 Implemented /sys/capabilities-accessor and a way for setting HTTP error code in all the responses 2016-03-08 19:14:29 -05:00
vishalnayak 2737c81b39 Lay the foundation for returning proper HTTP status codes 2016-03-08 18:27:03 -05:00
vishalnayak 301776012f Introduced AccessorID in TokenEntry and returning it along with token 2016-03-08 14:06:10 -05:00
vishalnayak 08c40c9bba Introduced ErrUserInput to distinguish user error from server error 2016-03-07 22:16:09 -05:00
vishalnayak 3b463c2d4e use errwrap to check the type of error message, fix typos 2016-03-07 18:36:26 -05:00
Jeff Mitchell cc1f5207b3 Merge branch 'master' into token-roles 2016-03-07 10:03:54 -05:00
vishalnayak aab24113b0 test cases for capabilities endpoint 2016-03-05 00:03:55 -05:00
vishalnayak 9946a2d8b5 refactoring changes due to acl.Capabilities 2016-03-04 18:55:48 -05:00
vishalnayak 7fe871e60a Removing the 'Message' field 2016-03-04 10:36:03 -05:00
vishalnayak b67ab8ab7c Test files for capabilities endpoint 2016-03-04 10:36:03 -05:00
vishalnayak 816f1f8631 self review rework 2016-03-04 10:36:03 -05:00
vishalnayak 286e63a648 Handled root token use case 2016-03-04 10:36:03 -05:00
vishalnayak 07f9486ecb Added capabilities and capabilities-self endpoints to http muxer 2016-03-04 10:36:03 -05:00
vishalnayak a885f9e8d2 Refactor http/sys_capabilities.go 2016-03-04 10:36:03 -05:00
vishalnayak 5749a6718c Added sys/capabililties endpoint 2016-03-04 10:36:02 -05:00
Jeff Mitchell 3e7bca82a1 Merge pull request #1146 from hashicorp/step-down
Provide 'sys/step-down' and 'vault step-down'
2016-03-03 12:30:08 -05:00
Jeff Mitchell 6ed5d10580 Remove proxy function as it's unneeded now 2016-03-02 14:55:51 -05:00
Jeff Mitchell 9c47b8c0a7 Remove sys_policy from special handling as it's implemented in
logical_system too. Clean up the mux handlers.
2016-03-02 14:16:54 -05:00
Jeff Mitchell 7b4478faba Add a sleep in the RedirectStandby test to try to fix raciness 2016-03-02 12:06:16 -05:00
Jeff Mitchell df2e337e4c Update tests to add expected role parameters 2016-03-01 12:41:40 -05:00
Jeff Mitchell 11ddd2290b Provide 'sys/step-down' and 'vault step-down'
This endpoint causes the node it's hit to step down from active duty.
It's a noop if the node isn't active or not running in HA mode. The node
will wait one second before attempting to reacquire the lock, to give
other nodes a chance to grab it.

Fixes #1093
2016-02-26 19:43:55 -05:00
Jeff Mitchell 434962c632 We treat put/post the same, so allow init to use POST 2016-02-22 20:22:31 -05:00
Jeff Mitchell 76923aa28a Add the server's time in UTC to the health response. 2016-02-22 19:51:18 -05:00
Jeff Mitchell 8510dbad05 Verify that nonces are non-empty in tests 2016-02-12 15:35:26 -05:00
Jeff Mitchell 5f5542cb91 Return status for rekey/root generation at init time. This mitigates a
(very unlikely) potential timing attack between init-ing and fetching
status.

Fixes #1054
2016-02-12 14:24:36 -05:00
Jeff Mitchell ff3adce39e Make "ttl" reflect the actual TTL of the token in lookup calls.
Add a new value "creation_ttl" which holds the value at creation time.

Fixes #986
2016-02-01 11:16:32 -05:00
Jeff Mitchell 88310ca538 Fix up unit tests to expect new values 2016-01-29 19:36:56 -05:00
Jeff Mitchell 7d1d003ba0 Update documentation and use ParseBool for list query param checking 2016-01-22 10:07:32 -05:00
Jeff Mitchell 455931873a Address some review feedback 2016-01-22 10:07:32 -05:00
Jeff Mitchell 5341cb69cc Updates and documentation 2016-01-22 10:07:32 -05:00
Jeff Mitchell 9042315973 Add handling of LIST verb to logical router 2016-01-22 10:07:32 -05:00
Jeff Mitchell 973c888833 RootGeneration->GenerateRoot 2016-01-19 18:28:10 -05:00
Jeff Mitchell 3b994dbc7f Add the ability to generate root tokens via unseal keys. 2016-01-19 18:28:10 -05:00
Jeff Mitchell 386aa408b7 Remove need for PUT in rekey. We've decided that POST and PUT are to
stay as synonyms for writes, so there's no reason to limit it for this
operation.
2016-01-14 16:52:34 -05:00
Jeff Mitchell 4f4ddbf017 Create more granular ACL capabilities.
This commit splits ACL policies into more fine-grained capabilities.
This both drastically simplifies the checking code and makes it possible
to support needed workflows that are not possible with the previous
method. It is backwards compatible; policies containing a "policy"
string are simply converted to a set of capabilities matching previous
behavior.

Fixes #724 (and others).
2016-01-08 13:05:14 -05:00
Jeff Mitchell f3ce90164f WriteOperation -> UpdateOperation 2016-01-08 13:03:03 -05:00
Jeff Mitchell 455acc255b Have 'sys/renew' return the value provided in Secret.
Fixes a regression introduced in 0.3.
2016-01-07 11:35:09 -05:00
Jeff Mitchell a094eedce2 Add rekey nonce/backup. 2016-01-06 09:54:35 -05:00
Jeff Mitchell f6ff39ffb0 Fix StandbyRedirect test 2015-12-17 13:58:16 -05:00
Jeff Mitchell 7ce8aff906 Address review feedback 2015-12-14 17:58:30 -05:00
Jeff Mitchell ced0835574 Allow separate HA physical backend.
With no separate backend specified, HA will be attempted on the normal
physical backend.

Fixes #395.
2015-12-14 07:59:58 -05:00
Jeff Mitchell 1c7157e632 Reintroduce the ability to look up obfuscated values in the audit log
with a new endpoint '/sys/audit-hash', which returns the given input
string hashed with the given audit backend's hash function and salt
(currently, always HMAC-SHA256 and a backend-specific salt).

In the process of adding the HTTP handler, this also removes the custom
HTTP handlers for the other audit endpoints, which were simply
forwarding to the logical system backend. This means that the various
audit functions will now redirect correctly from a standby to master.
(Tests all pass.)

Fixes #784
2015-11-18 20:26:03 -05:00
Jeff Mitchell d6693129de Create a "default" policy with sensible rules.
It is forced to be included with each token, but can be changed (but not
deleted).

Fixes #732
2015-11-09 15:44:09 -05:00
Jeff Mitchell 5783f547ab Display whether a token is an orphan on lookup. 2015-11-09 13:19:59 -05:00
Jeff Mitchell 7aa3faa626 Rename core's 'policy' to 'policyStore' for clarification 2015-11-06 12:07:42 -05:00
Jeff Mitchell c1d8b97342 Add reset support to the unseal command.
Reset clears the provided unseal keys, allowing the process to be begun
again. Includes documentation and unit test changes.

Fixes #695
2015-10-28 15:59:39 -04:00
Jeff Mitchell 22c65c0c07 Use cleanhttp instead of bare http.Client 2015-10-22 14:37:12 -04:00
Jeff Mitchell cba4e82682 Don't use http.DefaultClient
This strips out http.DefaultClient everywhere I could immediately find
it. Too many things use it and then modify it in incompatible ways.

Fixes #700, I believe.
2015-10-15 17:54:00 -04:00
Jeff Mitchell c7cec2aabc Add unit tests 2015-10-07 20:17:06 -04:00
Jeff Mitchell 10d24779c0 Rename GetWarnings->Warnings for responses 2015-10-07 16:18:39 -04:00
Jeff Mitchell d740fd4a6a Add the ability for warnings to be added to responses. These are
marshalled into JSON or displayed from the CLI depending on the output
mode. This allows conferring information such as "no such policy exists"
when creating a token -- not an error, but something the user should be
aware of.

Fixes #676
2015-10-07 16:18:39 -04:00
Jeff Mitchell 62ac518ae7 Switch per-mount values to strings going in and seconds coming out, like other commands. Indicate deprecation of 'lease' in the token backend. 2015-09-25 10:41:21 -04:00
Jeff Mitchell d775445efe Store token creation time and TTL. This can be used to properly populate
fields in 'lookup-self'. Importantly, this also makes credential
backends use the SystemView per-backend TTL values and fixes unit tests
to expect this.

Fully fixes #527
2015-09-18 16:39:35 -04:00
Jeff Mitchell 77e7379ab5 Implement the cubbyhole backend
In order to implement this efficiently, I have introduced the concept of
"singleton" backends -- currently, 'sys' and 'cubbyhole'. There isn't
much reason to allow sys to be mounted at multiple places, and there
isn't much reason you'd need multiple per-token storage areas. By
restricting it to just one, I can store that particular mount instead of
iterating through them in order to call the appropriate revoke function.

Additionally, because revocation on the backend needs to be triggered by
the token store, the token store's salt is kept in the router and
client tokens going to the cubbyhole backend are double-salted by the
router. This allows the token store to drive when revocation happens
using its salted tokens.
2015-09-15 13:50:37 -04:00
Jeff Mitchell ace611d56d Address items from feedback. Make MountConfig use values rather than
pointers and change how config is read to compensate.
2015-09-10 15:09:54 -04:00
Jeff Mitchell eff1c331ad Add more unit tests against backend TTLs, and fix two bugs found by them
(yay unit tests!)
2015-09-10 15:09:54 -04:00
Jeff Mitchell 86ccae7bd5 Fix mount config test by proxying mounts/ in addition to mounts 2015-09-10 15:09:54 -04:00
Jeff Mitchell 775dfe38a2 A couple bug fixes + most unit tests 2015-09-10 15:09:54 -04:00
Jeff Mitchell 6efcbe3a9f Allow POST as well as PUT for seal/unseal command, fits in more with how logical handles things 2015-09-10 15:09:53 -04:00
Jeff Mitchell 696d0c7b1d Plumb per-mount config options through API 2015-09-10 15:09:53 -04:00
Jeff Mitchell 4596ed6484 Remove custom http/sys_auth handler in favor of logical. Unit tests
pass.
2015-08-28 13:42:01 -07:00
Jeff Mitchell 6bc86cfee1 Use logical passthrough for renew API calls 2015-08-26 13:22:16 -07:00
Jeff Mitchell 17cbd9e1ca If JSON decoding fails, make it clear that the problem is failing to
parse the JSON, rather than returning the possibly confusing error from
the JSON decoder.

Fixes #553.
2015-08-26 07:03:33 -07:00
Jeff Mitchell cc232e6f79 Address comments from review. 2015-08-25 15:33:58 -07:00
Jeff Mitchell c887df93cc Add support for pgp-keys argument to rekey, as well as tests, plus
refactor common bits out of init.
2015-08-25 14:52:13 -07:00
Jeff Mitchell 2f3e245b0b Add support for "pgp-tokens" parameters to init.
There are thorough unit tests that read the returned
encrypted tokens, seal the vault, and unseal it
again to ensure all works as expected.
2015-08-25 14:52:13 -07:00
Jeff Mitchell a8ef0e8a80 Remove cookie authentication. 2015-08-21 19:46:23 -07:00
Jeff Mitchell 93ef9a54bd Internally refactor Lease/LeaseGracePeriod into TTL/GracePeriod 2015-08-20 18:00:51 -07:00
Jeff Mitchell c84ccc08d4 sys_mount.go is now unnecessary 2015-08-20 14:09:15 -07:00
Jeff Mitchell 271255b008 Send sys mounting logic directly to logical backend. Unit tests run. 2015-08-20 13:59:57 -07:00
Jeff Mitchell 15f57082e0 Begin factoring out sys paths into logical routes. Also, standardize on 307 as redirect code. 2015-08-20 13:20:35 -07:00
Caleb Tennis 4da080e769 This adds a new error class which can be used by logical backends to
specify more concrete error cases to make their way back up the stack.

Over time there is probably a cleaner way of doing this, but that's
looking like a more massive rewrite and this solves some issues in
the meantime.

Use a CodedError to return a more concrete HTTP return code for
operations you want to do so.  Returning a regular error leaves
the existing behavior in place.
2015-08-10 13:27:25 -04:00
Armon Dadgar 0521c6df6c http: support ?standbyok for 200 status on standby. Fixes #389 2015-07-02 17:49:35 -07:00
Armon Dadgar 3bc388f30d Merge pull request #366 from nbrownus/http_responses
Better http responses
2015-06-29 15:31:45 -07:00
Armon Dadgar 496ebe561c vault: cleanups for the audit log changes 2015-06-29 15:27:28 -07:00
Nate Brown 31ab086063 Doing a little better with http response codes 2015-06-19 14:00:48 -07:00
Nate Brown c55f103c58 Adding error and remote_address to audit log lines 2015-06-18 17:17:18 -07:00
Seth Vargo 79388d2446 Accept PUT as well as post to sys/mounts 2015-06-16 13:02:21 -04:00
Armon Dadgar 7964fa4d86 http: adding rekey handlers 2015-05-28 14:28:50 -07:00
Armon Dadgar af47c72639 http: adding key-status and rotate handlers 2015-05-27 18:02:50 -07:00
Armon Dadgar 8ee5aebb3c vault: testing raw responses 2015-05-27 14:19:12 -07:00
Armon Dadgar 11c625fea2 http: support raw HTTP output 2015-05-27 14:10:00 -07:00
Jonathan Sokolowski be2538aca3 http: Extract IP from RemoteAddr correctly 2015-05-20 15:23:41 +10:00
Ian Unruh 63199e5af4 HTTP should return 503 when sealed 2015-05-19 00:59:19 -07:00
Armon Dadgar 42b28ca03d http: PUT to sys/auth should be the same as POST 2015-05-12 17:57:39 -07:00
Mitchell Hashimoto 42d6b2a916 http: allow header for auth token [GH-124] 2015-05-11 10:56:58 -07:00
Seth Vargo 95c8001388 Disable mlock in tests 2015-04-28 22:18:00 -04:00
Armon Dadgar d258be6093 http: avoid authenticating as new token for auth/token/create 2015-04-27 15:17:59 -07:00
Seth Vargo ee6963ee01 Use lowercase JSON keys for client_token 2015-04-24 12:00:00 -04:00
Armon Dadgar cca4580db8 Merge pull request #29 from hashicorp/f-health
Adding sys/health for Consul HTTP health monitoring
2015-04-23 11:58:58 -07:00
Armon Dadgar 667a1bf2d8 http: adding sys/health endpoint 2015-04-23 11:53:31 -07:00
Mitchell Hashimoto 978d324c43 http: allow trailing slash on GET /sys/auth 2015-04-22 07:55:51 +02:00
Mitchell Hashimoto bfaf52c34e http: fix redirect issues with trailing slashes 2015-04-22 07:55:40 +02:00
Armon Dadgar f9501c4981 http: Adding sys/leader endpoint 2015-04-20 11:59:24 -07:00
Mitchell Hashimoto 86ea943537 http: fix some error returns to use the common helper 2015-04-19 22:40:50 -07:00
Mitchell Hashimoto 0ebf2508e0 command/policy-delete 2015-04-19 16:36:11 -07:00
Armon Dadgar c7d521b2be http: pass raw request through 2015-04-19 14:36:50 -07:00
Armon Dadgar 6f5b4637fb http: support standby redirects 2015-04-19 13:47:57 -07:00
Armon Dadgar 76c6c18826 http: split testing methods 2015-04-19 13:47:56 -07:00
Mitchell Hashimoto a44eb0dcd0 http: renew endpoints 2015-04-13 20:42:07 -07:00
Armon Dadgar 466c7575d3 Replace VaultID with LeaseID for terminology simplification 2015-04-08 13:35:32 -07:00
Mitchell Hashimoto 6015a8d7c2 http: handle errors better 2015-04-08 11:19:03 -07:00
Mitchell Hashimoto d97d9b928a command/token-revoke 2015-04-07 14:36:17 -07:00
Mitchell Hashimoto ee690ee3b3 command/token-create 2015-04-07 14:20:18 -07:00
Mitchell Hashimoto 065650b88d http: make POST to WriteOperation 2015-04-07 14:00:09 -07:00
Mitchell Hashimoto 37f58dec59 http: logical delete support 2015-04-07 11:04:06 -07:00
Mitchell Hashimoto fe9dbc6616 http: remount verbs 2015-04-07 10:55:18 -07:00
Mitchell Hashimoto f9f7001242 http: remount 2015-04-07 10:54:58 -07:00
Mitchell Hashimoto 2c1d334156 http: fix tests 2015-04-04 17:42:19 -07:00
Mitchell Hashimoto aabcaee0c0 api: add auth information to results 2015-04-04 15:40:41 -07:00
Mitchell Hashimoto 020af2fac2 http: help 2015-04-02 22:26:45 -07:00
Mitchell Hashimoto 20d6fdf83f command/policy-write 2015-04-01 23:00:15 -07:00
Mitchell Hashimoto 6218c2729d http: audit endpoints 2015-04-01 18:36:13 -07:00
Mitchell Hashimoto c25b7010d9 http: all policy endpoints 2015-04-01 17:59:50 -07:00
Mitchell Hashimoto fce856d19c http: list policies 2015-04-01 17:43:58 -07:00
Mitchell Hashimoto 4e8efbbd48 http: respondCommon to do common responses 2015-03-31 21:29:53 -07:00
Mitchell Hashimoto 795e117867 http: detect errors in logical and return them properly 2015-03-31 21:24:20 -07:00
Mitchell Hashimoto aba7fc1910 http: auth handlers 2015-03-31 20:24:51 -07:00
Mitchell Hashimoto ed2cc3a769 http: revoke-prefix 2015-03-31 19:23:32 -07:00
Mitchell Hashimoto bbaa137f4e command/revoke: revoke 2015-03-31 19:21:02 -07:00
Mitchell Hashimoto ed129880fd http: /sys/seal requires a token 2015-03-31 11:45:44 -07:00
Mitchell Hashimoto 0666bda865 vault: require root token for seal 2015-03-31 09:59:02 -07:00
Mitchell Hashimoto 85de47ef61 http: /sys/seal-status should return 400 if still uninitialized 2015-03-30 23:36:03 -07:00
Mitchell Hashimoto 78a783a1b9 command/meta: tests passing 2015-03-30 23:30:30 -07:00
Mitchell Hashimoto e9b20c7ae3 http: handle redirects and set auth cookies 2015-03-30 21:06:15 -07:00
Mitchell Hashimoto cfce19d9a8 http: remove /sys/login 2015-03-30 20:28:52 -07:00
Mitchell Hashimoto e46cc7cc87 http: start implementing /sys/login (incomplete) 2015-03-30 12:21:06 -07:00
Mitchell Hashimoto 8c1b90f591 http: root token in init 2015-03-29 16:22:09 -07:00
Mitchell Hashimoto 4cacaf62f0 http: support auth 2015-03-29 16:14:54 -07:00
Armon Dadgar 2024c7a155 Fixing compilation errors due to API change 2015-03-24 16:20:05 -07:00
Mitchell Hashimoto 1ff229ca68 http: passing tests 2015-03-19 23:28:49 +01:00
Armon Dadgar e85cd66b30 all: Removing fields from Lease 2015-03-16 13:29:51 -07:00
Mitchell Hashimoto de1e28a77c vault: change to /sys/mounts 2015-03-16 10:52:35 -07:00
Mitchell Hashimoto 4161f7a440 http: fix mount endpoints 2015-03-16 10:51:13 -07:00
Mitchell Hashimoto 0e61d88b31 http: /v1/sys/mount DELETE 2015-03-16 10:41:08 -07:00
Mitchell Hashimoto e3a796028e http: /v1/sys/mount endpoint 2015-03-16 10:36:43 -07:00
Mitchell Hashimoto 850349425a http: /sys/mounts 2015-03-15 21:18:25 -07:00
Mitchell Hashimoto 341d71c91d http: 404 if reading secret that doesn't exist 2015-03-15 19:42:24 -07:00
Mitchell Hashimoto 742923452b http: generic read/write endpoint for secrets 2015-03-15 19:35:04 -07:00
Mitchell Hashimoto ab722a5ec2 fix all tests 2015-03-15 17:10:33 -07:00
Mitchell Hashimoto 5fbe17e8df logical/testing: acceptance testttttttt 2015-03-15 16:52:19 -07:00
Mitchell Hashimoto 1bd0772986 http: make TestServer public 2015-03-13 12:53:09 -07:00
Mitchell Hashimoto f43a0290cf vault: public testing methods 2015-03-13 12:53:09 -07:00
Mitchell Hashimoto d35b8eaa6f http: init endpoints 2015-03-12 12:37:54 -07:00
Mitchell Hashimoto 319500748a http: mask user error away from unseal since its not actionable 2015-03-12 11:26:59 -07:00
Mitchell Hashimoto 1baf86b061 http: test all seal endpoints 2015-03-12 11:12:44 -07:00
Mitchell Hashimoto 352ad00e68 http: prefix with v1 2015-03-12 10:47:31 -07:00
Mitchell Hashimoto 562ef24d83 http: tests 2015-03-12 10:46:45 -07:00
Mitchell Hashimoto cacb209471 http: start the API server 2015-03-11 23:05:16 -07:00