Commit graph

23 commits

Author SHA1 Message Date
Jeff Mitchell b6b62f7dc1 Drastically simplify the method and logic; keep an in-memory cache and use that for most operations, only affecting the backend storage when needed. 2015-11-03 10:52:20 -05:00
Jeff Mitchell c66f0918be Add delete method, and ability to delete only one serial as well as an entire set. 2015-11-03 10:52:20 -05:00
Jeff Mitchell be1a2266cc Add CRLSets endpoints; write method is done. Add verification logic to
login path. Change certs "ttl" field to be a string to match common
backend behavior.
2015-11-03 10:52:19 -05:00
Jeff Mitchell 9c5dcac90c Make TLS backend honor SystemView default values. Expose lease TTLs on read. Make auth command show lease TTL if one exists. Addresses most of #527 2015-09-18 14:01:28 -04:00
Jeff Mitchell 959a727acd Don't re-use tls configuration, to fix a possible race issue during test 2015-09-03 13:04:32 -04:00
Jeff Mitchell 5695d57ba0 Merge pull request #561 from hashicorp/fix-wild-cards
Allow hyphens in endpoint patterns of most backends
2015-08-21 11:40:42 -07:00
vishalnayak 6c2927ede0 Vault: Fix wild card paths for all backends 2015-08-21 00:56:13 -07:00
Jeff Mitchell 93ef9a54bd Internally refactor Lease/LeaseGracePeriod into TTL/GracePeriod 2015-08-20 18:00:51 -07:00
Jeff Mitchell 133380915a Disallow non-client X509 key usages for client TLS cert authentication. 2015-08-20 15:50:47 -07:00
Michael S. Fischer 21ab4d526c Provide working example of TLS certificate authentication
Fixes #474
2015-08-07 15:15:53 -07:00
Armon Dadgar 4b27e4d8c5 Remove SetLogger, and unify on framework.Setup 2015-06-30 17:45:20 -07:00
Armon Dadgar 5d69e7da90 Updating for backend API change 2015-06-30 17:36:12 -07:00
Karl Gutwin 0062d923cc Better error messages. 2015-06-30 08:59:38 -04:00
Karl Gutwin dafcc5b2ce enable CLI cert login 2015-06-29 23:29:41 -04:00
Armon Dadgar 45d3c512fb builtin: fixing API change in logical framework 2015-06-17 14:34:11 -07:00
Christian Svensson e3d3012795 Record the common name in TLS metadata
It is useful to be able to save the client cert's Common Name for auditing purposes when using a central CA.

This adds a "common_name" value to the Metadata structure passed from login.
2015-06-14 23:18:21 +01:00
Armon Dadgar cc966d6b52 auth/cert: Guard against empty certs. Fixes #214 2015-05-18 16:11:09 -07:00
Armon Dadgar 9087471bad credential/cert: support leasing and renewal 2015-04-24 12:58:39 -07:00
Armon Dadgar 3a9e20748b credential/cert: default display name 2015-04-24 10:52:17 -07:00
Armon Dadgar 7b4ceeb7e6 credential/cert: more validation on cert setup 2015-04-24 10:39:44 -07:00
Armon Dadgar d57c8ea0f0 credential/cert: return logical error if invalid 2015-04-24 10:36:25 -07:00
Armon Dadgar ae272b83ce credential/cert: major refactor 2015-04-24 10:31:57 -07:00
Armon Dadgar 28b18422b7 credential/cert: First pass at public key credential backend 2015-04-23 21:46:21 -07:00