lemondrank
255212af23
Non-recursive DFS token tree revoke ( #2478 )
2017-12-11 16:51:37 -05:00
Jeff Mitchell
8f159b12b1
allowed/disallowed_policies as TypeCommaStringSlice ( #3641 )
...
Our docs apparently claim that this is a list, but the code is
string-only. This fixes that discrepancy.
2017-12-04 12:47:05 -05:00
Jeff Mitchell
2b78bc2a9b
Port over bits ( #3575 )
2017-11-13 15:31:32 -05:00
Jeff Mitchell
119607dcb7
Seal wrap all root tokens and their leases ( #3540 )
2017-11-06 13:10:36 -05:00
Jeff Mitchell
47dae8ffc7
Sync
2017-10-23 14:59:37 -04:00
Vishal Nayak
f7ed6732a5
Porting identity store ( #3419 )
...
* porting identity to OSS
* changes that glue things together
* add testing bits
* wrapped entity id
* fix mount error
* some more changes to core
* fix storagepacker tests
* fix some more tests
* fix mount tests
* fix http mount tests
* audit changes for identity
* remove upgrade structs on the oss side
* added go-memdb to vendor
2017-10-11 10:21:20 -07:00
Jeff Mitchell
675cbe1bcd
Handle expiration manager being nil
2017-09-05 12:01:02 -04:00
Chris Hoffman
71952b7738
ExpirationManager restoration to load in the background ( #3260 )
2017-09-05 11:09:00 -04:00
Lars Lehtonen
b851d88d68
fix swallowed error in vault package. ( #2993 )
2017-07-26 12:15:54 -04:00
Brian Kassouf
b04e0a7a2a
Dynamically load and invalidate the token store salt ( #3021 )
...
* Dynaically load and invalidate the token store salt
* Pass salt function into the router
2017-07-18 09:02:03 -07:00
Jeff Mitchell
a71cb52f1b
Don't allow overriding token ID with the same token ID ( #2917 )
...
Fixes #2916
2017-06-24 01:52:48 +01:00
Jeff Mitchell
858deb9ca4
Don't allow parent references in file paths
2017-05-12 13:52:33 -04:00
Jeff Mitchell
d25aa9fc21
Don't write salts in initialization, look up on demand ( #2702 )
2017-05-09 17:51:09 -04:00
vishalnayak
fa201f2505
auth/token/tidy log level update
2017-05-05 11:16:13 -04:00
Jeff Mitchell
b482043de1
Update debugging around tidy
2017-05-05 10:48:12 -04:00
Jeff Mitchell
f8295a301d
Merge branch 'master-oss' into sys-tidy-leases
2017-05-04 09:37:52 -04:00
Chris Hoffman
3d9cf89ad6
Add the ability to view and list of leases metadata ( #2650 )
2017-05-03 22:03:42 -04:00
Jeff Mitchell
7f3891c734
Fix substitution of index/child in delete call
2017-05-03 15:09:13 -04:00
Jeff Mitchell
99884a8f13
Merge remote-tracking branch 'oss/master' into sys-tidy-leases
2017-05-03 15:02:42 -04:00
Jeff Mitchell
bb6b5f7aa6
Add taint flag for looking up by accessor
2017-05-03 13:08:50 -04:00
vishalnayak
a1a0c2950f
logging updates
2017-05-03 12:58:10 -04:00
vishalnayak
6aa7f9b7c9
Added logs when deletion fails so we can rely on server logs
2017-05-03 12:47:05 -04:00
vishalnayak
bc5d5b7319
consistent logging
2017-05-03 12:45:22 -04:00
Jeff Mitchell
596ad2c8f7
Adhere to tainted status in salted accessor lookup
2017-05-03 12:36:10 -04:00
Jeff Mitchell
0553f7a8d1
change some logging output
2017-05-03 12:14:58 -04:00
Jeff Mitchell
c9bd54ad65
Less scary debugging
2017-05-03 11:15:59 -04:00
vishalnayak
dd898ed2e1
Added summary logs to help better understand the consequence
2017-05-03 10:54:07 -04:00
Ben Gadbois
537342f038
Fixing printf (and similar) issues ( #2666 )
2017-05-01 23:34:10 -04:00
vishalnayak
72d05cd8dd
Refactor locking code in lease tidy; add ending debug statements
2017-04-27 16:22:19 -04:00
vishalnayak
d8e91ef616
refactor lock handling in token tidy function
2017-04-27 13:48:29 -04:00
vishalnayak
f9c1426ac8
Use an atomic lock for tidy operation in token store
2017-04-27 11:41:33 -04:00
vishalnayak
749ec4fab1
Some more logging updates
2017-04-27 11:20:55 -04:00
vishalnayak
d256248095
Fix logging suggestions; put the policyStore nil check back in
2017-04-27 10:56:19 -04:00
vishalnayak
3fd019574d
Fix logging levels
2017-04-26 17:29:04 -04:00
vishalnayak
7c3e20e9c5
Fix the log statements
2017-04-26 17:17:19 -04:00
vishalnayak
9025ef16e4
Added logger to token store and logs to tidy function
2017-04-26 16:11:23 -04:00
vishalnayak
5909d81b7b
Merge branch 'oss' into clean-stale-leases
2017-04-26 15:07:27 -04:00
Jeff Mitchell
4a4c981fb2
Update error message to distinguish tree revocation issue from non-tree
2017-04-26 14:06:45 -04:00
Jeff Mitchell
3ba162fea1
List should use a trailing slash
2017-04-21 15:37:43 -04:00
Chris Hoffman
847c86f788
Rename ParseDedupAndSortStrings to ParseDedupLowercaseAndSortStrings ( #2614 )
2017-04-19 10:39:07 -04:00
Jeff Mitchell
709389dd36
Use ParseStringSlice on PKI organization/organizational unit. ( #2561 )
...
After, separately dedup and use new flag to not lowercase value.
Fixes #2555
2017-04-04 08:54:18 -07:00
Vishal Nayak
5a6193a56e
Audit: Add token's use count to audit response ( #2437 )
...
* audit: Added token_num_uses to audit response
* Fixed jsonx tests
* Revert logical auth to NumUses instead of TokenNumUses
* s/TokenNumUses/NumUses
* Audit: Add num uses to audit requests as well
* Added RemainingUses to distinguish NumUses in audit requests
2017-03-08 17:36:50 -05:00
vishalnayak
f54ff0f842
Add locking where possible while doing auth/token/tidy
2017-03-07 16:06:05 -05:00
Jeff Mitchell
3d162b63cc
Use locks in a slice rather than a map, which is faster and makes things cleaner ( #2446 )
2017-03-07 11:21:32 -05:00
Jeff Mitchell
5119b173c4
Rename helper 'duration' to 'parseutil'. ( #2449 )
...
Add a ParseBool function that accepts various kinds of ways of
specifying booleans.
Have config use ParseBool for UI and disabling mlock/cache.
2017-03-07 11:21:22 -05:00
Jeff Mitchell
f37b6492d1
More rep porting ( #2391 )
...
* More rep porting
* Add a bit more porting
2017-02-16 23:09:39 -05:00
Jeff Mitchell
20c65b8300
Fix regression in 0.6.4 where token store roles could not properly wo… ( #2286 )
2017-01-18 16:11:25 -05:00
vishalnayak
c9bd2a37f8
Don't sanitize disallowed_policies on token role
2017-01-17 21:34:14 -05:00
Vishal Nayak
ba026aeaa1
TokenStore: Added tidy endpoint ( #2192 )
2016-12-16 15:29:27 -05:00
Jeff Mitchell
f6044764c0
Fix revocation of leases when num_uses goes to 0 ( #2190 )
2016-12-16 13:11:55 -05:00