e7fe48c33f
vault: refactor expiration timer management
2015-04-09 12:39:12 -07:00
5a3ab973e6
vault: Simplify common lease logic
2015-04-09 12:29:13 -07:00
4679febdf3
logical: Refactor LeaseOptions to share between Secret and Auth
2015-04-09 12:14:04 -07:00
7df486482b
vault: Adding LeaseIssue for renew to allow limiting maximum lease length
2015-04-09 11:54:32 -07:00
9a034c4ab8
vault: lookup-self should allow unauthenticated requests
2015-04-08 22:09:47 -07:00
8ebc29d1b9
vault: audit broker profiles each backend
2015-04-08 17:09:36 -07:00
e25886859e
vault: router generates metrics per operation
2015-04-08 17:09:10 -07:00
82c5d9c478
vault: Enforce non-renewability
2015-04-08 17:03:46 -07:00
512b3d7afd
vault: Adding metrics profiling
2015-04-08 16:43:17 -07:00
429ad7e5cb
vault: Handle auth entry without lease
2015-04-08 15:43:26 -07:00
466c7575d3
Replace VaultID with LeaseID for terminology simplification
2015-04-08 13:35:32 -07:00
7e4f47a9e6
vault: proper meta parameter for vaultstorage (tests pass now)
2015-04-07 14:37:50 -07:00
9378d0388a
vault: token store inehrits policies by default
2015-04-07 14:19:52 -07:00
8dce065972
vault: use mapstructure to decode token args
...
JSON sends as interface{}, so we can't decode directly into types.
2015-04-07 14:16:35 -07:00
a8d4319ad5
vault: Update LRU on GetPolicy
2015-04-06 16:43:05 -07:00
f022ec97c4
vault: Adding policy LRU cache
2015-04-06 16:41:48 -07:00
493ee49e4d
vault: unify the token renew response
2015-04-06 16:35:39 -07:00
7aee6269f7
vault: pass a logger around to logical backends
2015-04-04 11:39:58 -07:00
246c2839b0
logical/framework: make help look nicer
2015-04-03 21:00:23 -07:00
8ff435ba1a
vault: fix issue with wrong path getting passed through
2015-04-03 20:48:04 -07:00
df8dbe9677
vault: allow mount point queries without trailing /
2015-04-03 20:45:00 -07:00
148fe3d864
vault: Adding Hash function to MountTable
2015-04-03 17:46:57 -07:00
d74c4c1c33
vault: Remove log about rollback
2015-04-03 17:11:24 -07:00
3250bfad0a
vault: test credential unmount does cleanup
2015-04-03 16:15:34 -07:00
82eda2b169
vault: Do early check for missing backend
2015-04-03 16:09:06 -07:00
0dee7d29ec
vault: disable credential backend revokes tokens
2015-04-03 16:07:45 -07:00
56d0b51be0
vault: Reuse mount table methods
2015-04-03 16:00:46 -07:00
683d01e984
vault: Refactor common methods
2015-04-03 15:59:30 -07:00
eaa483ff87
vault: Enforce default and max length leasing
2015-04-03 15:42:34 -07:00
0ba7c64c0f
vault: Verify client token is not passed through in the plain
2015-04-03 15:39:56 -07:00
002b2ad589
vault: Provide salted client token to logical backends
2015-04-03 14:42:39 -07:00
e4854ca59b
vault: Allow deep paths for audit backends
2015-04-03 14:27:33 -07:00
2f3e511507
vault: Allow deep paths for auth mounting
2015-04-03 14:24:00 -07:00
b8d69a357c
vault: Use Auth for lease and renewable
2015-04-03 14:04:50 -07:00
2feba52f40
vault: Adding auth/token/renew endpoint
2015-04-03 12:11:49 -07:00
adaa83b48c
vault: Adding RenewToken to expiration manager
2015-04-03 11:58:10 -07:00
c82fbbb8c3
vault: Support prefix based token revocation
2015-04-03 11:40:08 -07:00
eec6c27fae
vault: Special case auth/token/create
2015-04-02 18:05:23 -07:00
c6479642e9
vault: integrate login with expiration manager
2015-04-02 17:52:11 -07:00
1b19a8ee1b
vault: Rename RegisterLogin to RegisterAuth
2015-04-02 17:45:42 -07:00
d0ac9e5711
vault: Expose SaltID from token store
2015-04-02 17:39:38 -07:00
c54534875a
vault: testing remount cleanup
2015-04-02 12:04:37 -07:00
f397cd3fb1
vault: remount does appropriate cleanup
2015-04-02 12:03:00 -07:00
3a8dc4dff9
vault: Adding Untaint to router
2015-04-02 12:01:53 -07:00
bfe7a1e901
vault: testing unmount cleanup
2015-04-02 11:47:44 -07:00
0b5572a2f7
vault: ensure unmount properly cleans up state
2015-04-02 11:18:06 -07:00
3e427910fb
vault: Support tainting router paths
2015-04-02 11:18:06 -07:00
c718408055
vault: Added MatchingView method
2015-04-02 11:18:06 -07:00
d5e5499ddd
vault: Adding ClearView method
2015-04-02 11:18:05 -07:00
d5403d6673
vault: TODO cleanups
2015-04-01 22:13:08 -07:00
f231a6c67d
vault: rollback supports joining an inflight operation
2015-04-01 22:12:03 -07:00
c3aed5589e
vault: Adding intermediate taint step to unmount
2015-04-01 22:12:03 -07:00
6218c2729d
http: audit endpoints
2015-04-01 18:36:13 -07:00
114c1e1dea
vault: Adding the raw/ endpoints to sys
2015-04-01 17:45:00 -07:00
28bc849fd9
vault: Attach policy name if missing
2015-04-01 17:45:00 -07:00
6933f94acd
vault: Prevent UUID injection on sys mount path
2015-04-01 17:45:00 -07:00
a8912e82d8
enable github
2015-04-01 15:48:56 -07:00
4138e43f00
vault: Adding audit trail for login
2015-04-01 14:48:37 -07:00
3d3e18793b
vault: Integrate audit logging with core
2015-04-01 14:33:48 -07:00
b657b74a97
vault: Minor rework for clarity
2015-04-01 14:11:26 -07:00
c83f46606b
vault: Simpify token checking logic
2015-04-01 14:03:17 -07:00
cd681d7226
vault: Extending AuditBroker to support new audit methods
2015-04-01 13:55:07 -07:00
08a9216aa7
vault: register vault ID even fi no lease
2015-03-31 21:04:10 -07:00
2c9ebecda7
vault: register zero lease entries with the expiration manager
...
/cc @armon - would appreciate a review on this one
2015-03-31 21:01:12 -07:00
aba7fc1910
http: auth handlers
2015-03-31 20:24:51 -07:00
dda8dec5bf
vault: Adding sys/ paths to enable/disable audit backends
2015-03-31 16:45:08 -07:00
7ca462c028
vault: Adding enable/disable audit methods
2015-03-31 15:26:07 -07:00
d817e31d67
vault: Sanity check keys in the barrier view
2015-03-31 13:32:24 -07:00
a6bc60c7d6
vault: Adding AuditBroker and basic tests
2015-03-31 13:22:40 -07:00
0a7df0b3d4
vault: Adding options to mount table
2015-03-31 13:14:08 -07:00
1dcb37c6b6
vault: lookup-self for TokenStore to look up your own store
2015-03-31 12:51:00 -07:00
63f259cc8d
vault: lookup without a token looks up self
2015-03-31 12:50:07 -07:00
6a72ea61d5
vault: convert TokenStore to logical/framework
2015-03-31 12:48:19 -07:00
c8294170cc
vault: test bad key to seal
2015-03-31 10:00:04 -07:00
0666bda865
vault: require root token for seal
2015-03-31 09:59:02 -07:00
04c80a81bc
vault: add seal to the sys backend
2015-03-31 09:36:13 -07:00
d4509b0ee3
vault: keep the connection info around for auth
2015-03-30 20:55:01 -07:00
c9acfa17cb
vault: get rid of HangleLogin
2015-03-30 20:26:39 -07:00
69593cde56
remove credential/ lots of tests faililng
2015-03-30 18:07:05 -07:00
62ee621ea3
logical: move cred stuff over here
2015-03-30 17:46:18 -07:00
e9a3a34c27
vault: tests passing
2015-03-29 16:18:08 -07:00
4cacaf62f0
http: support auth
2015-03-29 16:14:54 -07:00
5517910829
vault: Make audit/ a protected path
2015-03-27 14:00:57 -07:00
042db7798e
vault: Adding basic audit table load/unload
2015-03-27 14:00:38 -07:00
609ac4c562
vault: Allow passing in audit factory methods
2015-03-27 13:45:13 -07:00
9a4946f115
vault: Testing core ACL enforcement
2015-03-24 15:55:27 -07:00
23864839bb
vault: testing root privilege restrictions
2015-03-24 15:52:07 -07:00
fe402cdd87
vault: ignore a nil policy object, as it has no permissions
2015-03-24 15:49:17 -07:00
b354f03cb2
vault: adding auth/token/lookup/ support
2015-03-24 15:39:33 -07:00
4a4d1d3e45
vault: adding auth/token/revoke/ and auth/token/revoke-orphan/
2015-03-24 15:30:09 -07:00
26f05f7a20
vault: Passthrough of client token to token store
2015-03-24 15:12:52 -07:00
6fd3cae2c2
vault: Adding auth/token/create endpoint
2015-03-24 15:10:46 -07:00
b5332404d1
vault: Allow providing token ID during creation
2015-03-24 14:22:50 -07:00
b41d2e6368
vault: utility string set methods
2015-03-24 13:56:07 -07:00
493fbc12fc
vault: utility string search methods
2015-03-24 13:44:47 -07:00
49df1570d6
vault: test missing and invalid tokens
2015-03-24 11:57:08 -07:00
20c2375352
vault: Adding ACL enforcement
2015-03-24 11:37:07 -07:00
43a99aec93
vault: Special case root policy
2015-03-24 11:27:21 -07:00
4598e43140
vault: Adding ClientToken
2015-03-24 11:09:25 -07:00
65ef4f1032
vault: wire tokens into expiration manager
2015-03-23 18:11:15 -07:00
86c9bd9083
vault: Give expiration manager a token store reference
2015-03-23 18:00:14 -07:00
6481ff9e34
vault: Generate a root token when initializing
2015-03-23 17:31:30 -07:00
cd3ee5cc03
vault: Remove core reference
2015-03-23 17:29:36 -07:00
539554fc0b
vault: only log expiration notice if useful
2015-03-23 17:27:46 -07:00
3607eae208
vault: Adding method to generate root token
2015-03-23 17:16:37 -07:00
f40ed182c4
vault: Support policy CRUD
2015-03-23 14:43:31 -07:00
192dcf7d39
vault: first pass at HandleLogin
2015-03-23 13:56:43 -07:00
879a0501f8
vault: Track the token store in core
2015-03-23 13:41:05 -07:00
56d99fe580
vault: token tracks generation path and meta data
2015-03-23 13:39:43 -07:00
10e64d1e90
vault: extend router to handle login routing
2015-03-23 11:47:55 -07:00
a78b7207b9
vault: playing with credential store interface
2015-03-20 13:54:57 -07:00
82e13e3c41
vault: implement the sys/auth* endpoints
2015-03-20 12:48:19 -07:00
a0f59f682b
logical/framework: can specify InternalData for secret
2015-03-20 17:59:48 +01:00
1ff229ca68
http: passing tests
2015-03-19 23:28:49 +01:00
c349e97168
vault: clean up VaultID duplications, make secret responses clearer
...
/cc @armon - This is a reasonably major refactor that I think cleans up
a lot of the logic with secrets in responses. The reason for the
refactor is that while implementing Renew/Revoke in logical/framework I
found the existing API to be really awkward to work with.
Primarily, we needed a way to send down internal data for Vault core to
store since not all the data you need to revoke a key is always sent
down to the user (for example the user than AWS key belongs to).
At first, I was doing this manually in logical/framework with
req.Storage, but this is going to be such a common event that I think
its something core should assist with. Additionally, I think the added
context for secrets will be useful in the future when we have a Vault
API for returning orphaned out keys: we can also return the internal
data that might help an operator.
So this leads me to this refactor. I've removed most of the fields in
`logical.Response` and replaced it with a single `*Secret` pointer. If
this is non-nil, then the response represents a secret. The Secret
struct encapsulates all the lease info and such.
It also has some fields on it that are only populated at _request_ time
for Revoke/Renew operations. There is precedent for this sort of
behavior in the Go stdlib where http.Request/http.Response have fields
that differ based on client/server. I copied this style.
All core unit tests pass. The APIs fail for obvious reasons but I'll fix
that up in the next commit.
2015-03-19 23:11:42 +01:00
8039fc5c63
logical/framework: support renew
2015-03-19 20:20:57 +01:00
d4b284fba4
logical/framework: revoke support
2015-03-19 19:41:41 +01:00
7170bff4f9
vault: testing credential enable/disable
2015-03-19 10:39:47 -07:00
ca44529c9d
vault: Change constant name
2015-03-19 09:56:39 -07:00
d88a41944e
vault: Switch AuthTable to using MountTable
2015-03-19 09:54:57 -07:00
2a1ae18877
vault: convert to new callback style
2015-03-19 15:05:22 +01:00
bb8a014b6a
vault: first pass at enable/disable auth backends
2015-03-18 19:36:17 -07:00
8cc88981d6
vault: token store is a credential implementation
2015-03-18 19:11:52 -07:00
421f73d332
vault: Removing mtype from router
2015-03-18 15:48:14 -07:00
b8da9c2ee2
vault: first pass at initializing credential backends
2015-03-18 15:46:07 -07:00
d2d1822931
vault: Adding hooks for auth loading
2015-03-18 15:30:31 -07:00
21b9bdaf37
vault: Allow passing in credential backends
2015-03-18 15:21:41 -07:00
10a67592cd
vault: more protection of protected mount points
2015-03-18 15:16:52 -07:00
6e22ca50eb
vault: integrate policy and token store into core
2015-03-18 14:00:42 -07:00
481a3a2a91
vault: testing token revocation
2015-03-18 13:50:36 -07:00
4d0700d12f
vault: Guard against blank tokens
2015-03-18 13:21:16 -07:00
ded5dc71e9
vault: First pass token store
2015-03-18 13:19:19 -07:00
51ce336753
vault: Adding PolicyStore
2015-03-18 12:17:03 -07:00
061b6b24f1
vault: Refactor to use CollectKeys
2015-03-18 12:06:18 -07:00
d9bff7b674
vault: TODOs
2015-03-17 20:54:38 -05:00
6f9d63dea5
vault: comment mounts mapping in rollback manager
2015-03-17 20:53:28 -05:00
05f86ca957
vault: put uint32 at top of struct to avoid alignment issues
2015-03-17 20:46:10 -05:00
97dab0c285
vault: ignore backends that don't support rollback
2015-03-17 20:39:45 -05:00
e078b957d4
vault: start/stop rollback manager post/pre seal
2015-03-17 20:39:45 -05:00
c7b9148841
vault: RollbackManager
...
There are some major TODO items here, and it isn't hooked into the core
yet, but the basic functionality is there.
2015-03-17 20:39:45 -05:00
abe0859aa5
vault: use RWMutex on MountTable itself
2015-03-17 20:39:45 -05:00
99abc11ec5
vault: Adding ACL representation
2015-03-17 18:31:20 -07:00
ddab671bf4
vault: Adding policy parsing
2015-03-17 15:53:29 -07:00
46ccb81db4
vault: Respect grace period for revocation
2015-03-16 17:09:18 -07:00
a24192b728
vault: Support sys/revoke-prefix/
2015-03-16 16:33:48 -07:00
f08659aaaa
vault: Adding sys/revoke
2015-03-16 16:26:34 -07:00
57b4f970d2
vault: Test renew of bad ID
2015-03-16 16:14:53 -07:00
e52f1ee960
vault: Testing sys/renew
2015-03-16 16:11:55 -07:00
15b7dc2d02
vault: integration expiration manager with core
2015-03-16 15:28:50 -07:00
5f1e3e5986
vault: Testing restore
2015-03-16 15:11:47 -07:00
703bcd8190
vault: Testing revoke and renew
2015-03-16 15:11:47 -07:00
b203c27326
vault: testing internal expiration manager methods
2015-03-16 15:11:47 -07:00
11552f132b
vault: testing expiration manager persistence
2015-03-16 15:11:46 -07:00
e85cd66b30
all: Removing fields from Lease
2015-03-16 13:29:51 -07:00
18069d4cf7
vault: Handle a negetive renew increment
2015-03-16 11:52:38 -07:00
bdfa320e01
vault: First pass at expiration manager
2015-03-16 11:35:43 -07:00
c8d00f6aa2
vault: Adding barrier view scan method
2015-03-16 11:35:43 -07:00
de1e28a77c
vault: change to /sys/mounts
2015-03-16 10:52:35 -07:00
e3a796028e
http: /v1/sys/mount endpoint
2015-03-16 10:36:43 -07:00
12b12e578c
vault: fix merge conflict + pass tests
2015-03-15 19:38:23 -07:00
ca358f64dd
vault: Merge conflict
2015-03-15 18:06:19 -07:00
b96ac9f95f
vault: Assign renew time
2015-03-15 18:05:31 -07:00
9f0d59d03f
vault: system using the framework
2015-03-15 17:35:59 -07:00
edd13a5d24
vault: passthrough backend uses logical/framework
2015-03-15 17:07:54 -07:00
d4f54be927
vault: can pass in the backends
2015-03-15 16:25:38 -07:00
ece0be434e
vault: rename SystemBackend2 to SystemBackend
2015-03-15 14:54:49 -07:00
d1d1929192
vault: convert to logical.Request and friends
2015-03-15 14:53:41 -07:00
5ffcd02b7a
vault: convert system to logical.Backend
2015-03-15 14:42:05 -07:00
c3ae1b59a1
vault: Passthrough backend uses logical.Backend
2015-03-15 14:27:06 -07:00
c7e901ce45
vault: incremental change to get closer to logical structs
2015-03-15 14:27:06 -07:00
63a9eb321a
logical: put structs here, vault uses them
2015-03-15 14:27:06 -07:00
92910d18d1
vault: make mount functions private again, going to try something else
2015-03-14 18:31:31 -07:00
9d84e7bacc
vault: don't copy the key so it can be zeroed, document, add helper
2015-03-14 18:25:55 -07:00
866b91d858
vault: public TestCoreUnsealed, don't modify key in Unseal
...
/cc @armon - I do a key copy within Unseal now. It tripped me up for
quite awhile that that method actually modifies the param in-place and I
can't think of any scenario that is good for the user. Do you see any
issues here?
2015-03-14 17:47:11 -07:00
b2af154fb4
vault: make Mount related core functions public
...
/cc @armon - So I know the conversation we had related to this about
auth, but I think we still need to export these and do auth only at the
external API layer. If you're writing to the internal API, then all bets
are off.
The reason is simply that if you have access to the code, you can
already work around it anyways (you can disable auth or w/e), so a
compromised Vault source/binary is already a failure, and that is the
only thing that our previous unexported methods were protecting against.
If you write an external tool to access a Vault, it still needs to be
unsealed so _that_ is the primary security mechanism from an API
perspective. Once it is unsealed then the core API has full access to
the Vault, and identity/auth is only done at the external API layer, not
at the internal API layer.
The benefits of this approach is that it lets us still treat the "sys"
mount specially but at least have sys adopt helper/backend and use that
machinery and it can still be the only backend which actually has a
reference to *vault.Core to do core things (a key difference). So, an
AWS backend still will never be able to muck with things it can't, but
we're explicitly giving Sys (via struct initialization in Go itself)
a reference to *vault.Core.
2015-03-14 17:26:59 -07:00
f43a0290cf
vault: public testing methods
2015-03-13 12:53:09 -07:00
9d5db1286d
vault: Track the renew time
2015-03-13 11:36:24 -07:00
081358091a
vault: improve seal/unseal log messages
2015-03-13 11:34:40 -07:00
f0d00e77ec
vault: Adding start/stop to expiration manager
2015-03-13 11:31:43 -07:00
d744d4ee5e
vault: integrate expiration manager with core setup/teardown
2015-03-13 11:20:36 -07:00
d0380e553d
vault: Support a pre-seal teardown
2015-03-13 11:16:24 -07:00
5ce63ea7cd
vault: Adding lease registration
2015-03-13 10:56:03 -07:00
affeefa7f8
vault: Validate lease values
2015-03-13 10:56:03 -07:00
e77ce26d31
vault: spec out expiration manager API
2015-03-12 18:38:22 -07:00
15de847389
vault: Setup expiration manager on unseal
2015-03-12 12:44:30 -07:00
6c759416d0
vault: special view path for system
2015-03-12 12:44:30 -07:00
ef82fe04c6
vault: Support sub-views
2015-03-12 12:44:30 -07:00
b17607e51f
vault: support remount
2015-03-12 12:09:30 -07:00
3ed3e23d93
vault: Improve error when unseal key is wrong
2015-03-12 11:27:41 -07:00
aa0ca02b8c
vault: sanity check key length
2015-03-12 11:20:38 -07:00
718065c733
vault: the config has to be exported
2015-03-12 10:22:12 -07:00
11b76b064c
vault: Verify paths that are root
2015-03-11 18:47:15 -07:00
67dc52f40f
vault: testing new system endpoints
2015-03-11 18:34:33 -07:00
719eded495
vault: testing mount/unmount
2015-03-11 18:29:49 -07:00
0ca093fb2d
vault: First pass at mount/unmount
2015-03-11 18:19:45 -07:00
59052069bc
vault: Router can check for matching mounts
2015-03-11 18:19:45 -07:00
91462a61a2
vault: Adding mounts table endpoint
2015-03-11 16:12:15 -07:00
b212890043
vault: Setup the mount tables after load
2015-03-11 15:50:42 -07:00
10afebabdd
vault: Moving generic backend into package
2015-03-11 15:50:42 -07:00
c6009345d1
vault: Testing mount table setup
2015-03-11 15:33:25 -07:00
f54e4e0f6a
vault: Loading mount tables on start
2015-03-11 15:19:41 -07:00
370693ebb4
vault: Adding UUID method
2015-03-11 15:13:07 -07:00
fdad9e9ce3
vault: Test routing while sealed
2015-03-11 14:31:55 -07:00
a6508b4010
vault: Testing core unseal
2015-03-11 14:25:16 -07:00
faa337dcbe
vault: Testing initialization
2015-03-11 11:57:05 -07:00
8fdac427a7
vault: Test initialization simple
2015-03-11 11:52:01 -07:00
6794e59e2b
vault: First pass at Unseal
2015-03-11 11:43:36 -07:00
8c49152c78
vault: Support secret sharing
2015-03-11 11:34:08 -07:00
53b4e3281a
vault: First pass at initialization
2015-03-09 17:45:34 -07:00
da34cbb39a
vault: Adding core skeleton
2015-03-09 16:33:27 -07:00
ff5834ddb4
vault: Adding mount type
2015-03-09 16:12:07 -07:00
a453d8fbf8
vault: Adding router
2015-03-05 17:23:56 -08:00
51cc19e92f
logical: Adding generic backend
2015-03-05 16:35:09 -08:00
e997fd31ea
vault: more logical details
2015-03-05 15:31:40 -08:00
0de1ac001f
vault: Skeleton logical backend interface
2015-03-05 15:24:00 -08:00
a249149329
vault: Adding a barrier view
2015-03-05 14:34:05 -08:00
9d2d0298ea
vault: Basic test for barrier confidentiality and integrity
2015-03-05 14:03:00 -08:00
ea7f4a45e6
vault: Structure the barrier init file
2015-03-05 13:57:45 -08:00
7326959d25
vault: Double Unseal should be a no-op
2015-03-05 13:29:23 -08:00
e8abe8b0cd
vault: First pass at a barrier
2015-03-05 13:27:35 -08:00
0cac63234a
vault: Adding utility methods
2015-03-05 11:44:03 -08:00
Armon Dadgar