vishalnayak
1e4834bd20
Remove addDefault param from ParsePolicies
2016-05-31 13:39:58 -04:00
vishalnayak
49b4c83580
Adding default policies while creating tokens
2016-05-31 13:39:58 -04:00
Sean Chittenden
7a4b31ce51
Speling police
2016-05-15 09:58:36 -07:00
Sean Chittenden
8c9dadf82b
Don't build mlock for NetBSD
...
NetBSD doesn't have the right symbols defined in Go for mlockall support. The OS supports it just fine, but the definitions aren't present in Go. If someone wanted to they could add support XOR the values from `sys/mman.h` for `MCL_CURRENT | MCL_FUTURE` which is almost certainly `0x01 | 0x02` but we're not going to do that in code due to the maintenance of a one-off just for NetBSD. PR's welcome.
2016-05-10 16:39:54 -07:00
Jeff Mitchell
80407eeba8
Fix up commenting
2016-05-05 10:31:50 -04:00
Jeff Mitchell
b6b9cd6f1f
Merge remote-tracking branch 'origin/master' into aws-cred-chain
2016-05-05 10:31:12 -04:00
vishalnayak
314a1f9406
Updates to policy and string helpers
2016-05-05 10:22:28 -04:00
vishalnayak
0cec22d27a
Lower case all policy values in ParsePolicies before processing
2016-05-05 05:22:59 -04:00
Jeff Mitchell
1b0df1d46f
Cleanups, add shared provider, ability to specify http client, and port S3 physical backend over
2016-05-03 17:01:02 -04:00
Jeff Mitchell
7fbe5d2eaa
Region is required so error in awsutil if not set and set if empty in client code in logical/aws
2016-05-03 15:25:11 -04:00
Jeff Mitchell
a244ef8a00
Refactor AWS credential code into a function that returns a static->env->instance chain
2016-05-03 15:10:35 -04:00
Adam Shannon
fb07d07ad9
all: Cleanup from running go vet
2016-04-13 14:38:29 -05:00
Sean Chittenden
09ad6317ea
Merge pull request #1297 from hashicorp/f-bsd-mlock
...
F bsd mlock
2016-04-06 13:57:34 -07:00
Sean Chittenden
b178bfabd9
Fix the build targets
...
I'm not entirely sure why this didn't work, but explicitly list the unsupported platforms as identified by `go tool dist list`
2016-04-05 22:24:53 -07:00
vishalnayak
e3a1ee92b5
Utility Enhancements
2016-04-05 20:32:59 -04:00
Sean Chittenden
2374129c33
Consolidate mlock calls into one place
...
In theory Android and NaCL could build Vault now, too.
List of targets derived from: `go tool dist list`
2016-04-05 13:57:29 -07:00
Sean Chittenden
308057a4a9
Switch Linux over to using the x/sys/unix
package
...
Same syscall interface, but the `x/sys/unix` package is not frozen. No functional change from this commit.
2016-04-05 12:19:46 -07:00
Sean Chittenden
dcde117bcb
go fmt
was here, no functional change
2016-04-05 12:18:45 -07:00
Sean Chittenden
087e7c94d3
Add Vault support for the *BSDs, including Darwin
...
The `syscall` package has been frozen in favor of `x/sys`. As a result, all of the BSDs are supported and do have `mlockall(2)` support in current versions of Go.
2016-04-05 12:18:19 -07:00
vishalnayak
95abdebb06
Added AcceptanceTest boolean to logical.TestCase
2016-04-05 15:10:44 -04:00
Jeff Mitchell
c50276ec17
Fix using wrong var
2016-03-24 10:23:09 -04:00
Jeff Mitchell
4c4a65ebd0
Properly check for policy equivalency during renewal.
...
This introduces a function that compares two string policy sets while
ignoring the presence of "default" (since it's added by core, not the
backend), and ensuring that ordering and/or duplication are not failure
conditions.
Fixes #1256
2016-03-24 09:41:51 -04:00
Jeff Mitchell
786bce24b1
Remove us building Solaris binaries for the moment, as they don't build successfully
2016-03-16 15:47:55 -04:00
Tom Ritter
8901c0b67d
Type in kdf.go
2016-02-08 14:39:46 -06:00
Jeff Mitchell
7a59af7d18
Fix lost code after rebase
2016-01-19 19:19:07 -05:00
Jeff Mitchell
973c888833
RootGeneration->GenerateRoot
2016-01-19 18:28:10 -05:00
Jeff Mitchell
3b100c5965
Address most of the review feedback
2016-01-19 18:28:10 -05:00
Jeff Mitchell
3b994dbc7f
Add the ability to generate root tokens via unseal keys.
2016-01-19 18:28:10 -05:00
Jeff Mitchell
630b2d83a7
Allow ASCII-armored PGP pub keys to be passed into -pgp-keys.
...
Fixes #940
2016-01-18 17:01:52 -05:00
Jeff Mitchell
9c5ad28632
Update deps, and adjust usage of go-uuid to match new return values
2016-01-13 13:40:08 -05:00
Jeff Mitchell
f3ce90164f
WriteOperation -> UpdateOperation
2016-01-08 13:03:03 -05:00
Jeff Mitchell
a094eedce2
Add rekey nonce/backup.
2016-01-06 09:54:35 -05:00
Jeff Mitchell
8d1e5cb50d
Add returning which user names could not be looked up
2016-01-04 13:56:45 -05:00
Jeff Mitchell
90ec946dab
Address review feedback.
2016-01-04 11:18:04 -05:00
Jeff Mitchell
d11509830f
Happy New Year everyone! (Add keybase support for PGP keys.)
...
Keys specified in rekey and init operations can now be sourced from
keybase.io by using "keybase:[username]" as the key.
2015-12-31 20:47:41 -05:00
Jeff Mitchell
4dac5f5a0e
Merge pull request #829 from andrewstuart/master
...
Add parsing of pkcs#8-encoded bundles for pki/config/ca
2015-12-22 10:06:59 -05:00
Jeff Mitchell
f2da5b639f
Migrate 'uuid' to 'go-uuid' to better fit HC naming convention
2015-12-16 12:56:20 -05:00
Charles Phillips
4cb2941b77
[helper] support mlock on Solaris/SmartOS
2015-12-15 11:28:16 -08:00
Andrew Stuart
c81e5c41d2
Update PrivateKeyType to string, update switch statement.
2015-12-14 11:16:47 -07:00
Andrew Stuart
100465fee8
Remove unnecessary cast
2015-12-14 06:17:20 -07:00
Andrew Stuart
567282170f
Remove printf call from test
2015-12-11 15:47:00 -07:00
Andrew Stuart
ae9e842841
Merge branch 'pkcs8'
2015-12-11 15:22:43 -07:00
Andrew Stuart
43bd14a755
Add benchmark for certutil bundle parsing
2015-12-11 15:17:49 -07:00
Andrew Stuart
551591fb70
Remove debugging print statement in compareCertBundleToParsedCertBundle
2015-12-11 15:17:49 -07:00
Andrew Stuart
b277eb9f14
Remove flag check before trying pkcs8 parsing.
2015-12-11 15:17:49 -07:00
Andrew Stuart
6f672a9589
Add pkcs8 flag setting in ParsePEMBundle
2015-12-11 15:17:49 -07:00
Andrew Stuart
4da225d39e
Update tests and finish implementation of PKCS8 handling
2015-12-11 15:17:49 -07:00
Andrew Stuart
25667df5f7
Update ParsePEMBundle to properly handle pkcs#8
...
Implementation based on be16001187/src/crypto/tls/tls.go (L273-L290)
2015-12-11 15:17:49 -07:00
Andrew Stuart
2861be29a4
Move to pem.Block.Type-based decoding
2015-12-11 14:57:33 -07:00
Andrew Stuart
9d97cc36c9
Add benchmark for certutil bundle parsing
2015-12-11 09:58:49 -07:00