c8a0eda224
Use hmac-sha256 for protecting secrets in audit entries
2015-09-19 11:29:31 -04:00
5dde76fa1c
Expand HMAC support in Salt; require an identifier be passed in to specify type but allow generation with and without. Add a StaticSalt ID for testing functions. Fix bugs; unit tests pass.
2015-09-18 17:38:30 -04:00
b655f6b858
Add HMAC capability to salt. Pass a salt into audit backends. Require it for audit.Hash.
2015-09-18 17:38:22 -04:00
d775445efe
Store token creation time and TTL. This can be used to properly populate
...
fields in 'lookup-self'. Importantly, this also makes credential
backends use the SystemView per-backend TTL values and fixes unit tests
to expect this.
Fully fixes #527
2015-09-18 16:39:35 -04:00
8f79e8be82
Add revoke-self endpoint.
...
Fixes #620 .
2015-09-17 13:22:30 -04:00
047ba90a44
Restrict orphan revocation to root tokens
2015-09-16 09:22:15 -04:00
e7d5a18e94
Directly pass the cubbyhole backend to the token store and bypass logic in router
2015-09-15 13:50:37 -04:00
849b78daee
Move more cubby logic outside of router into auth setup
2015-09-15 13:50:37 -04:00
bdb8cf128d
Cleanup; remove everything but double-salting from the router and give
...
the token store cubby backend information for direct calling.
2015-09-15 13:50:37 -04:00
b50f7ec1b5
Remove noop checks in unmount/remount and restore previous behavior
2015-09-15 13:50:37 -04:00
77e7379ab5
Implement the cubbyhole backend
...
In order to implement this efficiently, I have introduced the concept of
"singleton" backends -- currently, 'sys' and 'cubbyhole'. There isn't
much reason to allow sys to be mounted at multiple places, and there
isn't much reason you'd need multiple per-token storage areas. By
restricting it to just one, I can store that particular mount instead of
iterating through them in order to call the appropriate revoke function.
Additionally, because revocation on the backend needs to be triggered by
the token store, the token store's salt is kept in the router and
client tokens going to the cubbyhole backend are double-salted by the
router. This allows the token store to drive when revocation happens
using its salted tokens.
2015-09-15 13:50:37 -04:00
104b29ab04
Rename View to StorageView to make it more distinct from SystemView
2015-09-15 13:50:37 -04:00
699e12a1c6
When there is one use left and a Secret is being returned, instead
...
return a descriptive error indicating that the Secret cannot be returned
because when the token was revoked the secret was too. This prevents
confusion where credentials come back but cannot be used.
Fixes #615
2015-09-14 11:07:27 -04:00
142cb563a6
Improve documentation of token renewal
2015-09-11 21:08:32 -04:00
d3aec0ba31
Cleanup routines should now use routeEntry instead of mountEntry.
2015-09-11 13:40:31 +03:00
fb07cf9f53
Implement clean up routine to backend as some backends may require
...
e.g closing database connections on unmount to avoud connection
stacking.
2015-09-11 11:45:58 +03:00
39cfcccdac
Remove error returns from sysview TTL calls
2015-09-10 15:09:54 -04:00
65ceb3439d
Be consistent as both are the same pointer here
2015-09-10 15:09:54 -04:00
5de736e69c
Implement shallow cloning to allow MountEntry pointers to stay consistent when spread across router/core/system views
2015-09-10 15:09:54 -04:00
ace611d56d
Address items from feedback. Make MountConfig use values rather than
...
pointers and change how config is read to compensate.
2015-09-10 15:09:54 -04:00
c460ff10ca
Push a lot of logic into Router to make a bunch of it nicer and enable a
...
lot of cleanup. Plumb config and calls to framework.Backend.Setup() into
logical_system and elsewhere, including tests.
2015-09-10 15:09:54 -04:00
eff1c331ad
Add more unit tests against backend TTLs, and fix two bugs found by them
...
(yay unit tests!)
2015-09-10 15:09:54 -04:00
86ccae7bd5
Fix mount config test by proxying mounts/ in addition to mounts
2015-09-10 15:09:54 -04:00
775dfe38a2
A couple bug fixes + most unit tests
2015-09-10 15:09:54 -04:00
488d33c70a
Rejig how dynamic values are represented in system view and location of some functions in various packages; create mount-tune command and API analogues; update documentation
2015-09-10 15:09:54 -04:00
4239f9d243
Add DynamicSystemView. This uses a pointer to a pointer to always have
...
up-to-date information. This allows remount to be implemented with the
same source and dest, allowing mount options to be changed on the fly.
If/when Vault gains the ability to HUP its configuration, this should
just work for the global values as well.
Need specific unit tests for this functionality.
2015-09-10 15:09:54 -04:00
d435048d9e
Switch StaticSystemView values to pointers, to support updating
2015-09-10 15:09:54 -04:00
696d0c7b1d
Plumb per-mount config options through API
2015-09-10 15:09:53 -04:00
893d2d9b00
Minor cleanup of MountConfig
2015-09-10 15:09:53 -04:00
17c60d3e78
Add logic to core to fetch a SystemView for a given mount entry and use those values for default/max TTL. The SystemView will reflect system defaults if not set for that mount.
2015-09-10 15:09:53 -04:00
98d0d23d70
Ensure token store is available when looking up token
2015-09-01 08:21:47 -04:00
b74fa8c888
Make DefaultSystemView StaticSystemView with statically-configured information. Export this from Framework to make it easy to override for testing.
2015-08-27 11:25:07 -07:00
7c2bbe4c7f
Use a SystemView interface and turn SystemConfig into DefaultSystemView
2015-08-27 10:36:44 -07:00
e58553e7d5
Plumb the system configuration information up into framework
2015-08-27 09:41:03 -07:00
992e357d07
Add some plumbing to allow specified system configuration information to
...
be retrieved by logical backends. First implemented is default/max TTL.
2015-08-27 08:51:35 -07:00
3f45f3f41b
Rename config lease_duration parameters to lease_ttl in line with current standardization efforts
2015-08-27 07:50:24 -07:00
cc232e6f79
Address comments from review.
2015-08-25 15:33:58 -07:00
c887df93cc
Add support for pgp-keys argument to rekey, as well as tests, plus
...
refactor common bits out of init.
2015-08-25 14:52:13 -07:00
f57e7892e7
Don't store the given public keys in the seal config
2015-08-25 14:52:13 -07:00
2f3e245b0b
Add support for "pgp-tokens" parameters to init.
...
There are thorough unit tests that read the returned
encrypted tokens, seal the vault, and unseal it
again to ensure all works as expected.
2015-08-25 14:52:13 -07:00
ea9fbb90bc
Rejig Lease terminology internally; also, put a few JSON names back to their original values
2015-08-20 22:27:01 -07:00
93ef9a54bd
Internally refactor Lease/LeaseGracePeriod into TTL/GracePeriod
2015-08-20 18:00:51 -07:00
0fa783f850
Update help text for TTL values in generic backend
2015-08-20 17:59:30 -07:00
b57ce8e5c2
Change "lease" parameter in the generic backend to be "ttl" to reduce confusion. "lease" is now deprecated but will remain valid until 0.4.
...
Fixes #528 .
2015-08-20 16:41:25 -07:00
15f57082e0
Begin factoring out sys paths into logical routes. Also, standardize on 307 as redirect code.
2015-08-20 13:20:35 -07:00
46d06144a8
Merge pull request #552 from hashicorp/fix-uselimit-decrement
...
Fix #461 properly by defering potential revocation of a token until a…
2015-08-20 10:39:24 -07:00
db79dd8c22
Don't defer revocation when sealing, and clear out response/auth if there is a token use error
2015-08-20 10:37:42 -07:00
0e8e3660ff
Fix #461 properly by defering potential revocation of a token until after the request is fully handled.
2015-08-20 10:14:13 -07:00
1f5062a6e1
Merge branch 'master' of https://github.com/hashicorp/vault into vishalvault
2015-08-19 12:16:37 -07:00
fe8c1c514d
Add -no-verify option to CLI auth command, to avoid decrementing the token use count during auth.
2015-08-18 19:22:17 -07:00
Jeff Mitchell