Commit graph

118 commits

Author SHA1 Message Date
vishalnayak 1e4834bd20 Remove addDefault param from ParsePolicies 2016-05-31 13:39:58 -04:00
vishalnayak 49b4c83580 Adding default policies while creating tokens 2016-05-31 13:39:58 -04:00
Sean Chittenden 7a4b31ce51
Speling police 2016-05-15 09:58:36 -07:00
Sean Chittenden 8c9dadf82b
Don't build mlock for NetBSD
NetBSD doesn't have the right symbols defined in Go for mlockall support.  The OS supports it just fine, but the definitions aren't present in Go.  If someone wanted to they could add support XOR the values from `sys/mman.h` for `MCL_CURRENT | MCL_FUTURE` which is almost certainly `0x01 | 0x02` but we're not going to do that in code due to the maintenance of a one-off just for NetBSD.  PR's welcome.
2016-05-10 16:39:54 -07:00
Jeff Mitchell 80407eeba8 Fix up commenting 2016-05-05 10:31:50 -04:00
Jeff Mitchell b6b9cd6f1f Merge remote-tracking branch 'origin/master' into aws-cred-chain 2016-05-05 10:31:12 -04:00
vishalnayak 314a1f9406 Updates to policy and string helpers 2016-05-05 10:22:28 -04:00
vishalnayak 0cec22d27a Lower case all policy values in ParsePolicies before processing 2016-05-05 05:22:59 -04:00
Jeff Mitchell 1b0df1d46f Cleanups, add shared provider, ability to specify http client, and port S3 physical backend over 2016-05-03 17:01:02 -04:00
Jeff Mitchell 7fbe5d2eaa Region is required so error in awsutil if not set and set if empty in client code in logical/aws 2016-05-03 15:25:11 -04:00
Jeff Mitchell a244ef8a00 Refactor AWS credential code into a function that returns a static->env->instance chain 2016-05-03 15:10:35 -04:00
Adam Shannon fb07d07ad9 all: Cleanup from running go vet 2016-04-13 14:38:29 -05:00
Sean Chittenden 09ad6317ea Merge pull request #1297 from hashicorp/f-bsd-mlock
F bsd mlock
2016-04-06 13:57:34 -07:00
Sean Chittenden b178bfabd9 Fix the build targets
I'm not entirely sure why this didn't work, but explicitly list the unsupported platforms as identified by `go tool dist list`
2016-04-05 22:24:53 -07:00
vishalnayak e3a1ee92b5 Utility Enhancements 2016-04-05 20:32:59 -04:00
Sean Chittenden 2374129c33 Consolidate mlock calls into one place
In theory Android and NaCL could build Vault now, too.

List of targets derived from: `go tool dist list`
2016-04-05 13:57:29 -07:00
Sean Chittenden 308057a4a9 Switch Linux over to using the x/sys/unix package
Same syscall interface, but the `x/sys/unix` package is not frozen.  No functional change from this commit.
2016-04-05 12:19:46 -07:00
Sean Chittenden dcde117bcb go fmt was here, no functional change 2016-04-05 12:18:45 -07:00
Sean Chittenden 087e7c94d3 Add Vault support for the *BSDs, including Darwin
The `syscall` package has been frozen in favor of `x/sys`.  As a result, all of the BSDs are supported and do have `mlockall(2)` support in current versions of Go.
2016-04-05 12:18:19 -07:00
vishalnayak 95abdebb06 Added AcceptanceTest boolean to logical.TestCase 2016-04-05 15:10:44 -04:00
Jeff Mitchell c50276ec17 Fix using wrong var 2016-03-24 10:23:09 -04:00
Jeff Mitchell 4c4a65ebd0 Properly check for policy equivalency during renewal.
This introduces a function that compares two string policy sets while
ignoring the presence of "default" (since it's added by core, not the
backend), and ensuring that ordering and/or duplication are not failure
conditions.

Fixes #1256
2016-03-24 09:41:51 -04:00
Jeff Mitchell 786bce24b1 Remove us building Solaris binaries for the moment, as they don't build successfully 2016-03-16 15:47:55 -04:00
Tom Ritter 8901c0b67d Type in kdf.go 2016-02-08 14:39:46 -06:00
Jeff Mitchell 7a59af7d18 Fix lost code after rebase 2016-01-19 19:19:07 -05:00
Jeff Mitchell 973c888833 RootGeneration->GenerateRoot 2016-01-19 18:28:10 -05:00
Jeff Mitchell 3b100c5965 Address most of the review feedback 2016-01-19 18:28:10 -05:00
Jeff Mitchell 3b994dbc7f Add the ability to generate root tokens via unseal keys. 2016-01-19 18:28:10 -05:00
Jeff Mitchell 630b2d83a7 Allow ASCII-armored PGP pub keys to be passed into -pgp-keys.
Fixes #940
2016-01-18 17:01:52 -05:00
Jeff Mitchell 9c5ad28632 Update deps, and adjust usage of go-uuid to match new return values 2016-01-13 13:40:08 -05:00
Jeff Mitchell f3ce90164f WriteOperation -> UpdateOperation 2016-01-08 13:03:03 -05:00
Jeff Mitchell a094eedce2 Add rekey nonce/backup. 2016-01-06 09:54:35 -05:00
Jeff Mitchell 8d1e5cb50d Add returning which user names could not be looked up 2016-01-04 13:56:45 -05:00
Jeff Mitchell 90ec946dab Address review feedback. 2016-01-04 11:18:04 -05:00
Jeff Mitchell d11509830f Happy New Year everyone! (Add keybase support for PGP keys.)
Keys specified in rekey and init operations can now be sourced from
keybase.io by using "keybase:[username]" as the key.
2015-12-31 20:47:41 -05:00
Jeff Mitchell 4dac5f5a0e Merge pull request #829 from andrewstuart/master
Add parsing of pkcs#8-encoded bundles for pki/config/ca
2015-12-22 10:06:59 -05:00
Jeff Mitchell f2da5b639f Migrate 'uuid' to 'go-uuid' to better fit HC naming convention 2015-12-16 12:56:20 -05:00
Charles Phillips 4cb2941b77 [helper] support mlock on Solaris/SmartOS 2015-12-15 11:28:16 -08:00
Andrew Stuart c81e5c41d2
Update PrivateKeyType to string, update switch statement. 2015-12-14 11:16:47 -07:00
Andrew Stuart 100465fee8
Remove unnecessary cast 2015-12-14 06:17:20 -07:00
Andrew Stuart 567282170f
Remove printf call from test 2015-12-11 15:47:00 -07:00
Andrew Stuart ae9e842841
Merge branch 'pkcs8' 2015-12-11 15:22:43 -07:00
Andrew Stuart 43bd14a755
Add benchmark for certutil bundle parsing 2015-12-11 15:17:49 -07:00
Andrew Stuart 551591fb70
Remove debugging print statement in compareCertBundleToParsedCertBundle 2015-12-11 15:17:49 -07:00
Andrew Stuart b277eb9f14
Remove flag check before trying pkcs8 parsing. 2015-12-11 15:17:49 -07:00
Andrew Stuart 6f672a9589
Add pkcs8 flag setting in ParsePEMBundle 2015-12-11 15:17:49 -07:00
Andrew Stuart 4da225d39e
Update tests and finish implementation of PKCS8 handling 2015-12-11 15:17:49 -07:00
Andrew Stuart 25667df5f7
Update ParsePEMBundle to properly handle pkcs#8
Implementation based on be16001187/src/crypto/tls/tls.go (L273-L290)
2015-12-11 15:17:49 -07:00
Andrew Stuart 2861be29a4
Move to pem.Block.Type-based decoding 2015-12-11 14:57:33 -07:00
Andrew Stuart 9d97cc36c9
Add benchmark for certutil bundle parsing 2015-12-11 09:58:49 -07:00