Jeff Mitchell
b6b62f7dc1
Drastically simplify the method and logic; keep an in-memory cache and use that for most operations, only affecting the backend storage when needed.
2015-11-03 10:52:20 -05:00
Jeff Mitchell
c66f0918be
Add delete method, and ability to delete only one serial as well as an entire set.
2015-11-03 10:52:20 -05:00
Jeff Mitchell
be1a2266cc
Add CRLSets endpoints; write method is done. Add verification logic to
...
login path. Change certs "ttl" field to be a string to match common
backend behavior.
2015-11-03 10:52:19 -05:00
Jeff Mitchell
9c5dcac90c
Make TLS backend honor SystemView default values. Expose lease TTLs on read. Make auth command show lease TTL if one exists. Addresses most of #527
2015-09-18 14:01:28 -04:00
Jeff Mitchell
959a727acd
Don't re-use tls configuration, to fix a possible race issue during test
2015-09-03 13:04:32 -04:00
Jeff Mitchell
5695d57ba0
Merge pull request #561 from hashicorp/fix-wild-cards
...
Allow hyphens in endpoint patterns of most backends
2015-08-21 11:40:42 -07:00
vishalnayak
6c2927ede0
Vault: Fix wild card paths for all backends
2015-08-21 00:56:13 -07:00
Jeff Mitchell
93ef9a54bd
Internally refactor Lease/LeaseGracePeriod into TTL/GracePeriod
2015-08-20 18:00:51 -07:00
Jeff Mitchell
133380915a
Disallow non-client X509 key usages for client TLS cert authentication.
2015-08-20 15:50:47 -07:00
Michael S. Fischer
21ab4d526c
Provide working example of TLS certificate authentication
...
Fixes #474
2015-08-07 15:15:53 -07:00
Armon Dadgar
4b27e4d8c5
Remove SetLogger, and unify on framework.Setup
2015-06-30 17:45:20 -07:00
Armon Dadgar
5d69e7da90
Updating for backend API change
2015-06-30 17:36:12 -07:00
Karl Gutwin
0062d923cc
Better error messages.
2015-06-30 08:59:38 -04:00
Karl Gutwin
dafcc5b2ce
enable CLI cert login
2015-06-29 23:29:41 -04:00
Armon Dadgar
45d3c512fb
builtin: fixing API change in logical framework
2015-06-17 14:34:11 -07:00
Christian Svensson
e3d3012795
Record the common name in TLS metadata
...
It is useful to be able to save the client cert's Common Name for auditing purposes when using a central CA.
This adds a "common_name" value to the Metadata structure passed from login.
2015-06-14 23:18:21 +01:00
Armon Dadgar
cc966d6b52
auth/cert: Guard against empty certs. Fixes #214
2015-05-18 16:11:09 -07:00
Armon Dadgar
9087471bad
credential/cert: support leasing and renewal
2015-04-24 12:58:39 -07:00
Armon Dadgar
3a9e20748b
credential/cert: default display name
2015-04-24 10:52:17 -07:00
Armon Dadgar
7b4ceeb7e6
credential/cert: more validation on cert setup
2015-04-24 10:39:44 -07:00
Armon Dadgar
d57c8ea0f0
credential/cert: return logical error if invalid
2015-04-24 10:36:25 -07:00
Armon Dadgar
ae272b83ce
credential/cert: major refactor
2015-04-24 10:31:57 -07:00
Armon Dadgar
28b18422b7
credential/cert: First pass at public key credential backend
2015-04-23 21:46:21 -07:00