Vishal Nayak
ad09acb479
Use Vault client's scheme for auto discovery ( #2146 )
2016-12-02 11:24:57 -05:00
Jeff Mitchell
3397d55722
Better handle nil responses in logical unwrap
2016-12-01 16:38:08 -05:00
Jeff Mitchell
0f5b847748
Fix panic when unwrapping if the server EOFs
2016-11-29 16:50:07 -05:00
Jeff Mitchell
97ca3292a4
Set number of pester retries to zero by default and make seal command… ( #2093 )
...
* Set number of pester retries to zero by default and make seal command return 403 if unauthorized instead of 500
* Fix build
* Use 403 instead and update test
* Change another 500 to 403
2016-11-16 14:08:09 -05:00
Jeff Mitchell
12e986c6ec
Fix unwrap CLI command when there is no client token set. ( #2077 )
2016-11-08 11:36:15 -05:00
Jeff Mitchell
22b5bd54e3
change api so if wrapping token is the same as the client token it doesn't set it in the body
2016-10-27 12:15:30 -04:00
Jeff Mitchell
4072ac0eb9
Fix NOT logical bug.
...
Ping #2014
2016-10-18 09:51:45 -04:00
Jeff Mitchell
b45a481365
Wrapping enhancements ( #1927 )
2016-09-28 21:01:28 -07:00
Jeff Mitchell
f0203741ff
Change default TTL from 30 to 32 to accommodate monthly operations ( #1942 )
2016-09-28 18:32:49 -04:00
Jeff Mitchell
722e26f27a
Add support for PGP encrypting the initial root token. ( #1883 )
2016-09-13 18:42:24 -04:00
Jeff Mitchell
ac5ea8ccc2
Reinstate the token parameter to api.RevokeSelf to avoid breaking compatibility
2016-09-13 11:03:05 -04:00
Jeff Mitchell
1c6f2fd82b
Add response wrapping to list operations ( #1814 )
2016-09-02 01:13:14 -04:00
Evan Gilman
d7502e543d
Add golang api method for creating orphan tokens ( #1834 )
2016-09-01 15:39:44 -04:00
Jeff Mitchell
9fee9ce8ff
Don't allow tokens in paths. ( #1783 )
2016-08-24 15:59:43 -04:00
markrzasa
a110cd637c
allow a TLS server name to be configured for SSH agents ( #1720 )
2016-08-23 22:06:56 -04:00
Jeff Mitchell
62c69f8e19
Provide base64 keys in addition to hex encoded. ( #1734 )
...
* Provide base64 keys in addition to hex encoded.
Accept these at unseal/rekey time.
Also fix a bug where backup would not be honored when doing a rekey with
no operation currently ongoing.
2016-08-15 16:01:15 -04:00
Jeff Mitchell
ba87c6c0d6
Restore compatibility with pre-0.6.1 servers for CLI/Go API calls
2016-08-14 14:52:45 -04:00
Jeff Mitchell
bcb4ab5422
Add periodic support for root/sudo tokens to auth/token/create
2016-08-12 21:14:12 -04:00
Jeff Mitchell
9c33224928
Don't retry on redirections.
2016-08-12 15:13:42 -04:00
vishalnayak
ff22640015
Use default config and read environment by default while creating client object
2016-08-12 11:37:13 -04:00
Jeff Mitchell
5a1ca832af
Merge pull request #1699 from hashicorp/dataonly
...
Return sys values in top level normal api.Secret
2016-08-09 07:17:02 -04:00
Jeff Mitchell
ab71b981ad
Add ability to specify renew lease ID in POST body.
2016-08-08 18:00:44 -04:00
Jeff Mitchell
3c2aae215c
Fix tests and update mapstructure
2016-08-08 16:00:31 -04:00
Alex Dadgar
4d5de08a46
Merge pull request #1682 from hashicorp/f-refactor-tls-config
...
Refactor the TLS configuration between meta.Client and the api.Config
2016-08-02 13:35:37 -07:00
Alex Dadgar
92ede0db17
Address comments
2016-08-02 13:17:45 -07:00
vishalnayak
8b0b0d5922
Add cluster information to 'vault status'
2016-07-29 14:13:53 -04:00
vishalnayak
e5e0431393
Added Vault version informationto the 'status' command
2016-07-28 17:37:35 -04:00
Alex Dadgar
f5d56ad8f8
Refactor the TLS configuration between meta.Client and the api.Config
2016-07-27 17:26:26 -07:00
Jeff Mitchell
a76d51d0ee
Plumb request UUID through the API
2016-07-27 09:25:04 -04:00
vishalnayak
23800c5f1d
Add service discovery to init command
2016-07-21 16:17:29 -04:00
Vishal Nayak
8a1bb1626a
Merge pull request #1583 from hashicorp/ssh-allowed-roles
...
Add allowed_roles to ssh-helper-config and return role name from verify call
2016-07-19 12:04:12 -04:00
vishalnayak
c14235b206
Merge branch 'master-oss' into json-use-number
...
Conflicts:
http/handler.go
logical/framework/field_data.go
logical/framework/wal.go
vault/logical_passthrough.go
2016-07-15 19:21:55 -04:00
Jeff Mitchell
a6682405a3
Migrate number of retries down by one to have it be max retries, not tries
2016-07-11 21:57:14 +00:00
Jeff Mitchell
57cdb58374
Switch to pester from go-retryablehttp to avoid swallowing 500 error messages
2016-07-11 21:37:46 +00:00
Jeff Mitchell
7023eafc67
Make the API client retry on 5xx errors.
...
This should help with transient issues. Full control over min/max delays
and number of retries (and ability to turn off) is provided in the API
and via env vars.
Fix tests.
2016-07-06 16:50:23 -04:00
vishalnayak
ad7cb2c8f1
Added JSON Decode and Encode helpers.
...
Changed all the occurances of Unmarshal to use the helpers.
Fixed http/ package tests.
2016-07-06 12:25:40 -04:00
vishalnayak
5367a7223d
Add allowed_roles to ssh-helper-config and return role name from verify call
2016-07-05 11:14:29 -04:00
vishalnayak
848b479a61
Added 'sys/auth/<path>/tune' endpoints.
...
Displaying 'Default TTL' and 'Max TTL' in the output of 'vault auth -methods'
2016-06-15 13:58:24 -04:00
Jeff Mitchell
e925987cb6
Add token accessor to wrap information if one exists
2016-06-13 23:58:17 +00:00
Jeff Mitchell
65d8973864
Add explicit max TTL capability to token creation API
2016-06-08 14:49:48 -04:00
Jeff Mitchell
c0155ac02b
Add renewable flag and API setting for token creation
2016-06-08 11:14:30 -04:00
Jeff Mitchell
10b218d292
Use time.Time which does RFC3339 across the wire to handle time zones. Arguably we should change the API to always do this...
2016-06-07 16:01:09 -04:00
Jeff Mitchell
401456ea50
Add creation time to returned wrapped token info
...
This makes it easier to understand the expected lifetime without a
lookup call that uses the single use left on the token.
This also adds a couple of safety checks and for JSON uses int, rather
than int64, for the TTL for the wrapped token.
2016-06-07 15:00:35 -04:00
Jeff Mitchell
63aba520c6
Make Unwrap a first-party API command and refactor UnwrapCommand to use it
2016-05-27 21:04:30 +00:00
Jeff Mitchell
05b2d4534c
Add unwrap test function and some robustness around paths for the wrap lookup function
2016-05-19 11:49:46 -04:00
Jeff Mitchell
c4431a7e30
Address most review feedback. Change responses to multierror to better return more useful values when there are multiple errors
2016-05-16 16:11:33 -04:00
Jeff Mitchell
c5008bcaac
Add more tests
2016-05-07 21:08:13 -04:00
Jeff Mitchell
99a5b4402d
Merge branch 'master-oss' into cubbyhole-the-world
2016-05-04 14:42:14 -04:00
Jeff Mitchell
45a120f491
Switch our tri-copy ca loading code to go-rootcerts
2016-05-03 12:23:25 -04:00
Jeff Mitchell
1ffd5653c6
Add wrap support to API/CLI
2016-05-02 02:03:23 -04:00