af27a99bb7
Remove JWT for the 0.3 release; it needs a lot of rework.
2015-09-24 16:23:44 -04:00
f10343921b
Start rejigging JWT
2015-09-24 16:20:22 -04:00
e38c21e0ca
Documentation fix for global TTLs
2015-09-24 12:17:26 -04:00
8fa7d3bd0b
Add revoke-self to docs
2015-09-24 12:05:00 -04:00
fb7c05d7f6
Reorder changelog slightly
2015-09-24 10:55:32 -04:00
cc62bec8b4
Merge pull request #642 from dol/fix/jwt-docs
...
Fixes docs for new JWT secret backend
2015-09-24 10:55:00 -04:00
89511e6977
Fixes docs for new JWT secret backend
2015-09-24 16:47:17 +02:00
07288b3dcb
Forgot to add JWT to the chnangelog
2015-09-23 14:26:31 -04:00
0454d04097
Minor typo fix
2015-09-23 10:07:55 -04:00
9231476428
Bump version to v0.3.0-rc
2015-09-22 13:29:29 -04:00
bf6b0b89c4
Add Dockerfile to build a cross-compilation container
2015-09-22 13:19:58 -04:00
fb7e7bfa7b
Bump Travis go version
2015-09-22 11:52:20 -04:00
44166bb241
Update Changelog to 0.3
2015-09-22 11:44:28 -04:00
e3d1222dd7
Update deps
2015-09-22 11:44:21 -04:00
3e881d18d5
Merge pull request #637 from Banno/pg-username-doc-fix
...
docs: pg username not prefixed with vault-
2015-09-22 11:23:40 -04:00
54c62fe5aa
docs: pg username not prefixed with vault-
...
due to
05fa4a4a48
2015-09-22 10:14:47 -05:00
9860ea9e46
Update godeps
2015-09-22 10:15:06 -04:00
c694c7d31d
Fix situation where a new required singleton backend would not be activated upon upgrade.
2015-09-21 17:54:36 -04:00
8f7e56b81d
Merge pull request #631 from hashicorp/remove-generic-leases
...
Don't use leases on the generic backend
2015-09-21 16:57:57 -04:00
81e535dc2d
Minor updates to passthrough and additional tests
2015-09-21 16:57:41 -04:00
e7dfb4f943
Use 'ttl_seconds' in CLI output so as not to shadow actual 'ttl' parameter
2015-09-21 16:37:37 -04:00
425e286f90
If there's no lease, output ttl instead of lease_duration
2015-09-21 16:37:37 -04:00
15e1a2281d
If lease_duration is not zero, output it even if there is no lease.
2015-09-21 16:37:37 -04:00
47e8c0070a
Don't use leases on the generic backend...with a caveat.
...
You can now turn on and off the lease behavior in the generic backend by
using one of two factories. Core uses the normal one if it's not already
set, so unit tests can use the custom one and all stay working.
This also adds logic into core to check, when the response is coming
from a generic backend, whether that backend has leases enabled. This
adds some slight overhead.
2015-09-21 16:37:37 -04:00
a5f52f43b1
Minor doc update to SSH
2015-09-21 16:26:07 -04:00
d7b8ab4380
Use the stable-website branch for documentation pushes, to allow us to update the documentation async from releases.
2015-09-21 16:20:36 -04:00
29c722dbb6
Enhance SSH backend documentation; remove getting of stored keys and have TTLs honor backends systemview values
2015-09-21 16:14:30 -04:00
3eb38d19ba
Update transit backend documentation, and also return the min decryption
...
value in a read operation on the key.
2015-09-21 16:13:43 -04:00
ca33cd8423
Add API endpoint documentation to cubbyhole
2015-09-21 16:13:36 -04:00
273f13fb41
Add API endpoint documentation to generic
2015-09-21 16:13:29 -04:00
d526c8ce1c
Merge pull request #629 from hashicorp/token-create-sudo
...
TokenStore: Provide access based on sudo permissions and not policy name
2015-09-21 10:12:29 -04:00
1a01ab3608
Take ClientToken instead of Policies
2015-09-21 10:04:03 -04:00
ab7d35b95e
Fix up per-backend timing logic; also fix error in TypeDurationSecond in
...
GetOkErr.
2015-09-21 09:55:03 -04:00
59ba17c601
Add clarity to the lease concepts document.
2015-09-21 08:56:26 -04:00
5172965850
Merge pull request #630 from hashicorp/barrier-pathing
...
Bump AESGCM version; include path in the GCM tags.
2015-09-21 08:39:30 -04:00
455b6dafdc
Merge pull request #632 from hashicorp/sethvargo/faster_deploy
...
Use a faster middleman deploy
2015-09-20 14:36:40 -04:00
92e3c02f06
Use a faster middleman deploy
2015-09-20 14:09:35 -04:00
3b51ee1c48
Using core's logger
2015-09-19 19:01:36 -04:00
02485e7175
Abstraced SudoPrivilege to take list of policies
2015-09-19 18:23:44 -04:00
a2799b235e
Using acl.RootPrivilege and rewrote mockTokenStore
2015-09-19 17:53:24 -04:00
c5ddfbc391
Bump AESGCM version; include path in the GCM tags.
2015-09-19 17:04:37 -04:00
b6d47dd784
fix broken tests
2015-09-19 12:33:52 -04:00
68c268a6f0
Allow tuning of auth mounts, to set per-mount default/max lease times
2015-09-19 11:50:50 -04:00
bf8a1e2b71
Merge pull request #627 from hashicorp/enhance-audit-security
...
Enhance audit security with hmac-sha256 on secrets
2015-09-19 11:30:30 -04:00
c8a0eda224
Use hmac-sha256 for protecting secrets in audit entries
2015-09-19 11:29:31 -04:00
fb77ec3623
TokenStore: Provide access based on sudo permissions and not policy name
2015-09-19 11:14:51 -04:00
8d71601221
Changes to salt to clean up HMAC stuff.
2015-09-18 18:13:10 -04:00
5dde76fa1c
Expand HMAC support in Salt; require an identifier be passed in to specify type but allow generation with and without. Add a StaticSalt ID for testing functions. Fix bugs; unit tests pass.
2015-09-18 17:38:30 -04:00
b655f6b858
Add HMAC capability to salt. Pass a salt into audit backends. Require it for audit.Hash.
2015-09-18 17:38:22 -04:00
d775445efe
Store token creation time and TTL. This can be used to properly populate
...
fields in 'lookup-self'. Importantly, this also makes credential
backends use the SystemView per-backend TTL values and fixes unit tests
to expect this.
Fully fixes #527
2015-09-18 16:39:35 -04:00
Jeff Mitchell