luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
2840 commits 1 branch 0 tags 214 MiB
Commit graph

2840 commits

This branch
This branch
All branches
Author SHA1 Message Date
vishalnayak bc4710eb06 Cert: renewal enhancements 2016-02-24 14:31:38 -05:00
Jack Pearkes d065425f44 website: fix hover state for annc banner 2016-02-24 11:18:10 -08:00
Jack Pearkes c3fd1f8853 Merge pull request #1119 from hashicorp/jt-enterprise-bnr 
Vault Enterprise Banner and Nav
 2016-02-24 11:03:09 -08:00
captainill a83db21a77 website: announcement banner for vault enterprise 2016-02-24 10:59:31 -08:00
vishalnayak f40a65be20 changelog++ 2016-02-24 11:04:19 -05:00
Vishal Nayak d92b8cff8e Merge pull request #1039 from hashicorp/vault-iss539-app-id 
Added renewal capability to app-id backend
 2016-02-24 10:59:58 -05:00
vishalnayak 053bbd97ea check CIDR block for renewal as well 2016-02-24 10:55:31 -05:00
vishalnayak 978075a1b4 Added renewal capability to app-id backend 2016-02-24 10:40:15 -05:00
Vishal Nayak 0f017568e5 Merge pull request #1123 from hashicorp/ssh-add-tls-skip-verify 
Use tls_skip_verify in vault-ssh-helper
 2016-02-23 22:06:46 -05:00
vishalnayak c42ade8982 Use tls_skip_verify in vault-ssh-helper 2016-02-23 17:32:49 -05:00
Jeff Mitchell f745148249 changelog++ 2016-02-23 13:24:57 -05:00
Jeff Mitchell 536c04a293 Merge pull request #1121 from mhurne/improve-error-on-sts-read-with-arn-policy 
Improve error message when client attempts to generate STS creds for managed policy
 2016-02-23 13:22:44 -05:00
Matt Hurne f4d8852259 Add note that STS credentials can only be generated for user inline policies in AWS secret backend documentation 2016-02-23 09:06:52 -05:00
Matt Hurne 11187112bc Improve error message returned when client attempts to generate STS credentials for a managed policy; addresses #1113 2016-02-23 08:58:28 -05:00
Vishal Nayak eb95205f99 Merge pull request #1118 from hashicorp/ssh-api-fix 
ssh-helper related API changes
 2016-02-23 00:20:20 -05:00
vishalnayak 00d01043fd ssh-helper api changes 2016-02-23 00:16:00 -05:00
Jeff Mitchell 434962c632 We treat put/post the same, so allow init to use POST 2016-02-22 20:22:31 -05:00
Jeff Mitchell 291352fd99 changelog++ 2016-02-22 19:52:48 -05:00
Jeff Mitchell 84d87b171b Merge pull request #1117 from hashicorp/add-time-to-responses 
Add the server's time in UTC to the health response.
 2016-02-22 19:52:03 -05:00
Jeff Mitchell 76923aa28a Add the server's time in UTC to the health response. 2016-02-22 19:51:18 -05:00
Jeff Mitchell f56e4a604d Merge pull request #1114 from hashicorp/dont-delete-certs 
Do not delete certs (or revocation information)
 2016-02-22 16:11:13 -05:00
Jeff Mitchell 4514192145 Address review feedback 2016-02-22 16:11:01 -05:00
Jeff Mitchell 9a1ddf6d5f changelog++ 2016-02-22 13:40:27 -05:00
Jeff Mitchell f43ab6a25d Remove extra debugging from PKI tests 2016-02-22 13:39:05 -05:00
Jeff Mitchell f27eab1d28 Do not delete certs (or revocation information) to avoid potential 
issues related to time synchronization. A function will be added to
allow operators to perform cleanup at chosen times.
 2016-02-22 13:36:17 -05:00
Jeff Mitchell 51ced69bf8 Fix issue where leftover values after cn tests could trigger errors in ipsan tests 2016-02-22 13:35:57 -05:00
vishalnayak e2e15376dd changelog++ 2016-02-22 11:41:13 -05:00
Vishal Nayak 949f8a6b69 Merge pull request #1112 from hashicorp/1089-postgres-connection-url 
postgres: connection_url fix
 2016-02-22 11:36:04 -05:00
Jeff Mitchell 4c327ca4cc More improvements to PKI tests; allow setting a specific seed, output 
the seed to the console, and split generated steps to make it
understandable which seed is for which set of steps.
 2016-02-22 11:22:52 -05:00
vishalnayak c9899a5300 postgres: connection_url fix 2016-02-22 11:22:49 -05:00
Vishal Nayak 879db1766a Merge pull request #1108 from vanhalt/fixing_write_help 
When writing from a file it must be a JSON file
 2016-02-22 11:01:21 -05:00
Jeff Mitchell 8d4c6f4c98 Use more fuzziness in PKI backend tests 2016-02-22 10:59:37 -05:00
vanhalt a387725e96 help sentence improved 2016-02-22 09:38:30 -06:00
Jeff Mitchell 392a26e9cd Better handle errors from fetchCertBySerial 2016-02-22 10:36:26 -05:00
vanhalt 31862dc5c2 When writing from a file it must be a JSON file 
Making clear from write help text that when writing secrets
using @file, the file must be a JSON file.
 2016-02-21 19:02:09 -06:00
Jeff Mitchell 0451adc28f Merge pull request #1107 from vanhalt/fixing_auth-enable_help 
Fixing auth-enable help text
 2016-02-21 16:14:29 -05:00
vanhalt d0489e16c1 Fixing auth-enable help text 
auth-enable command help in the "Auth Enable Options" is suggesting
the usage of a non-existing command called 'auth-list' instead of
the correct one "auth -methods"
 2016-02-21 14:54:50 -06:00
Jeff Mitchell fc3d828c9d changelog++ 2016-02-21 15:35:43 -05:00
Jeff Mitchell f30ea2dc0a Merge pull request #1106 from hashicorp/issue-468 
Remove root requirement for certs/ and crls/ in TLS auth backend.
 2016-02-21 15:34:26 -05:00
Jeff Mitchell fab2d8687a Remove root requirement for certs/ and crls/ in TLS auth backend. 
Fixes #468
 2016-02-21 15:33:33 -05:00
Jeff Mitchell 7165be0cf3 changelog++ 2016-02-19 21:43:37 -05:00
Jeff Mitchell 2bff5716bf changelog++ 2016-02-19 21:42:50 -05:00
Jeff Mitchell 5d5c6527dc Merge pull request #1104 from hashicorp/check-role-keybits 
Check role key type and bits when signing CSR.
 2016-02-19 21:41:27 -05:00
Jeff Mitchell 58432c5d57 Add tests for minimum key size checking. (This will also verify that the 
key type matches that of the role, since type assertions are required to
check the bit size). Like the rest, these are fuzz tests; I have
verified that the random seed will eventually hit error conditions if
ErrorOk is not set correctly when we expect an error.
 2016-02-19 21:39:40 -05:00
Jeff Mitchell c57b646848 Check role key type and bits when signing CSR. 
Two exceptions: signing an intermediate CA CSR, and signing a CSR via
the 'sign-verbatim' path.
 2016-02-19 20:50:49 -05:00
vishalnayak 6a14786660 changelog++ 2016-02-19 18:34:23 -05:00
vishalnayak c4abe72075 Cap the length midString in IAM user's username to 42 2016-02-19 18:31:10 -05:00
Vishal Nayak 773de69796 Merge pull request #1102 from hashicorp/shorten-aws-usernames 
Set limits on generated IAM user and STS token names.
 2016-02-19 18:25:29 -05:00
vishalnayak a43bd9131b changelog++ 2016-02-19 16:52:19 -05:00
Jeff Mitchell 574542b683 Some minor changes in mysql commenting and names 2016-02-19 16:44:52 -05:00