luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity
2,018 Commits 1 Branch 0 Tags 214 MiB
Commit Graph

2018 Commits

Author SHA1 Message Date
Vishal Nayak d4609dea28 Merge pull request #578 from hashicorp/exclude-cidr-list 
Vault SSH: Added exclude_cidr_list option to role
 2015-08-28 07:59:46 -04:00
vishalnayak b12a2f0013 Vault SSH: Added exclude_cidr_list option to role 2015-08-27 23:19:55 -04:00
Jeff Mitchell a4fc4a8e90 Deprecate lease -> ttl in PKI backend, and default to system TTL values if not given. This prevents issuing certificates with a longer duration than the maximum lease TTL configured in Vault. Fixes #470. 2015-08-27 12:24:37 -07:00
Jeff Mitchell eed9b6da7f Merge pull request #576 from hashicorp/system-config-to-logical 
Plumb system config to logical
 2015-08-27 15:15:12 -04:00
Jeff Mitchell 9e5e8a8a4d Whitespace fix 2015-08-27 12:14:51 -07:00
Jeff Mitchell cdabe6350e SystemConfig -> SystemView 2015-08-27 11:38:05 -07:00
Jeff Mitchell b74fa8c888 Make DefaultSystemView StaticSystemView with statically-configured information. Export this from Framework to make it easy to override for testing. 2015-08-27 11:25:07 -07:00
Jeff Mitchell 7c2bbe4c7f Use a SystemView interface and turn SystemConfig into DefaultSystemView 2015-08-27 10:36:44 -07:00
Vishal Nayak 47a6ec0b1f Merge pull request #577 from hashicorp/default-cidr 
Vault SSH: Default CIDR for roles
 2015-08-27 13:17:58 -04:00
vishalnayak fbff20d9ab Vault SSH: Docs for default CIDR value 2015-08-27 13:10:15 -04:00
vishalnayak 5063a0608b Vault SSH: Default CIDR for roles 2015-08-27 13:04:15 -04:00
Jeff Mitchell e58553e7d5 Plumb the system configuration information up into framework 2015-08-27 09:41:03 -07:00
Jeff Mitchell 2e07106c4b Add some documentation to SystemConfig 2015-08-27 09:14:03 -07:00
Jeff Mitchell 992e357d07 Add some plumbing to allow specified system configuration information to 
be retrieved by logical backends. First implemented is default/max TTL.
 2015-08-27 08:51:35 -07:00
Vishal Nayak 2cdee69501 Merge pull request #575 from hashicorp/fix-option-specs 
Key option specifications as optional parameter to Dynamic key type
 2015-08-27 11:48:42 -04:00
vishalnayak 702a869010 Vault SSH: Provide key option specifications for dynamic keys 2015-08-27 11:41:29 -04:00
Jeff Mitchell 3f45f3f41b Rename config lease_duration parameters to lease_ttl in line with current standardization efforts 2015-08-27 07:50:24 -07:00
vishalnayak d5a3ff1c49 Merge branch 'master' of https://github.com/hashicorp/vault 2015-08-27 08:47:56 -04:00
vishalnayak 5b08e01bb1 Vault SSH: Create .ssh directory if not present. Closes #573 2015-08-27 08:45:34 -04:00
Jeff Mitchell d6f64ab368 Merge pull request #574 from msample/master 
corrected two typos
 2015-08-27 08:08:58 -04:00
Mike Sample e847fbd596 corrected two typos 2015-08-27 00:05:19 -07:00
Jeff Mitchell 6bc86cfee1 Use logical passthrough for renew API calls 2015-08-26 13:22:16 -07:00
Jeff Mitchell ec57e983f7 Don't allow duplicate x parts in Shamir. Add unit test for verification. 2015-08-26 10:03:44 -07:00
Jeff Mitchell 9db8a5c744 Merge pull request #567 from hobbeswalsh/master 
Spaces in displayName break AWS IAM
 2015-08-26 12:37:52 -04:00
Robin Walsh 34b84367b5 Adding one more test (for no-op case) 2015-08-26 09:26:20 -07:00
Robin Walsh 4b7c2cc114 Adding unit test for normalizeDisplayName() 2015-08-26 09:23:33 -07:00
Jeff Mitchell 2098446d47 Ensure that the 'file' audit backend can successfully open its given path before returning success. Fixes #550. 2015-08-26 09:13:10 -07:00
Jeff Mitchell 2d8bfff02b Explicitly check for blank leases in AWS, and give a better error message if lease_max cannot be parsed. Fixes #569. 2015-08-26 09:04:47 -07:00
Jeff Mitchell 8669a87fdd When using PGP encryption on unseal keys, encrypt the hexencoded string rather than the raw bytes. 2015-08-26 07:59:50 -07:00
Jeff Mitchell 17cbd9e1ca If JSON decoding fails, make it clear that the problem is failing to 
parse the JSON, rather than returning the possibly confusing error from
the JSON decoder.

Fixes #553.
 2015-08-26 07:03:33 -07:00
Jeff Mitchell b940d214bd Merge pull request #568 from ctennis/add_some_s3_info 
Make it clear for physical S3 backend we support instance profiles as well.
 2015-08-26 09:03:38 -04:00
Jeff Mitchell 003029938d Merge pull request #570 from hashicorp/pgp-init-keys 
PGP keys at init/rekey time
 2015-08-25 19:41:21 -04:00
Jeff Mitchell ea08678189 Update godeps 2015-08-25 16:24:25 -07:00
Jeff Mitchell cc232e6f79 Address comments from review. 2015-08-25 15:33:58 -07:00
Jeff Mitchell 0b580d0521 Update website documentation for init and rekey with secret_pgp_keys API option 2015-08-25 14:52:13 -07:00
Jeff Mitchell c887df93cc Add support for pgp-keys argument to rekey, as well as tests, plus 
refactor common bits out of init.
 2015-08-25 14:52:13 -07:00
Jeff Mitchell f57e7892e7 Don't store the given public keys in the seal config 2015-08-25 14:52:13 -07:00
Jeff Mitchell a7316f2e24 Handle people specifying PGP key files with @ in front 2015-08-25 14:52:13 -07:00
Jeff Mitchell 2f3e245b0b Add support for "pgp-tokens" parameters to init. 
There are thorough unit tests that read the returned
encrypted tokens, seal the vault, and unseal it
again to ensure all works as expected.
 2015-08-25 14:52:13 -07:00
Caleb Tennis 6c30f9a0f9 Make it clear we support instance profiles as well, the existing docs seem to indicate static credentials are required 2015-08-25 06:47:07 -07:00
Robin Walsh 8530f14fee s/string replacement/regexp replacement 2015-08-24 17:00:54 -07:00
Robin Walsh 69f5abdc91 spaces in displayName break AWS IAM 2015-08-24 16:12:45 -07:00
Vishal Nayak 07b4091cae Merge pull request #566 from hashicorp/fix-install-script 
Cleanup of public key install script
 2015-08-24 15:06:28 -04:00
vishalnayak c35d78b3cb Vault SSH: Documentation update 2015-08-24 14:18:37 -04:00
vishalnayak e6987beb61 Vault SSH: Replace args with named vars 2015-08-24 14:07:07 -04:00
vishalnayak eb91a3451b Merging with master 2015-08-24 13:55:20 -04:00
vishalnayak 44c07cff5b Vault SSH: Cleanup of aux files in install script 2015-08-24 13:50:46 -04:00
Jeff Mitchell 025ec5057e Merge pull request #564 from hashicorp/remove-cookie-auth 
Remove cookie authentication
 2015-08-21 19:55:00 -07:00
Jeff Mitchell a8ef0e8a80 Remove cookie authentication. 2015-08-21 19:46:23 -07:00
Jeff Mitchell f7845234b4 Merge pull request #555 from hashicorp/toggleable-hostname-enforcement 
Allow enforcement of hostnames to be toggleable for certificates.
 2015-08-21 19:23:09 -07:00