vishalnayak
|
dc4f97b61b
|
Vault SSH: Zeroaddress roles and CIDR overlap check
|
2015-08-29 15:24:15 -04:00 |
Jeff Mitchell
|
5fa76b5640
|
Add base_url option to GitHub auth provider to allow selecting a custom endpoint. Fixes #572.
|
2015-08-28 06:28:43 -07:00 |
Vishal Nayak
|
d4609dea28
|
Merge pull request #578 from hashicorp/exclude-cidr-list
Vault SSH: Added exclude_cidr_list option to role
|
2015-08-28 07:59:46 -04:00 |
vishalnayak
|
b12a2f0013
|
Vault SSH: Added exclude_cidr_list option to role
|
2015-08-27 23:19:55 -04:00 |
Jeff Mitchell
|
a4fc4a8e90
|
Deprecate lease -> ttl in PKI backend, and default to system TTL values if not given. This prevents issuing certificates with a longer duration than the maximum lease TTL configured in Vault. Fixes #470.
|
2015-08-27 12:24:37 -07:00 |
Jeff Mitchell
|
eed9b6da7f
|
Merge pull request #576 from hashicorp/system-config-to-logical
Plumb system config to logical
|
2015-08-27 15:15:12 -04:00 |
Jeff Mitchell
|
9e5e8a8a4d
|
Whitespace fix
|
2015-08-27 12:14:51 -07:00 |
Jeff Mitchell
|
cdabe6350e
|
SystemConfig -> SystemView
|
2015-08-27 11:38:05 -07:00 |
Jeff Mitchell
|
b74fa8c888
|
Make DefaultSystemView StaticSystemView with statically-configured information. Export this from Framework to make it easy to override for testing.
|
2015-08-27 11:25:07 -07:00 |
Jeff Mitchell
|
7c2bbe4c7f
|
Use a SystemView interface and turn SystemConfig into DefaultSystemView
|
2015-08-27 10:36:44 -07:00 |
Vishal Nayak
|
47a6ec0b1f
|
Merge pull request #577 from hashicorp/default-cidr
Vault SSH: Default CIDR for roles
|
2015-08-27 13:17:58 -04:00 |
vishalnayak
|
fbff20d9ab
|
Vault SSH: Docs for default CIDR value
|
2015-08-27 13:10:15 -04:00 |
vishalnayak
|
5063a0608b
|
Vault SSH: Default CIDR for roles
|
2015-08-27 13:04:15 -04:00 |
Jeff Mitchell
|
e58553e7d5
|
Plumb the system configuration information up into framework
|
2015-08-27 09:41:03 -07:00 |
Jeff Mitchell
|
2e07106c4b
|
Add some documentation to SystemConfig
|
2015-08-27 09:14:03 -07:00 |
Jeff Mitchell
|
992e357d07
|
Add some plumbing to allow specified system configuration information to
be retrieved by logical backends. First implemented is default/max TTL.
|
2015-08-27 08:51:35 -07:00 |
Vishal Nayak
|
2cdee69501
|
Merge pull request #575 from hashicorp/fix-option-specs
Key option specifications as optional parameter to Dynamic key type
|
2015-08-27 11:48:42 -04:00 |
vishalnayak
|
702a869010
|
Vault SSH: Provide key option specifications for dynamic keys
|
2015-08-27 11:41:29 -04:00 |
Jeff Mitchell
|
3f45f3f41b
|
Rename config lease_duration parameters to lease_ttl in line with current standardization efforts
|
2015-08-27 07:50:24 -07:00 |
vishalnayak
|
d5a3ff1c49
|
Merge branch 'master' of https://github.com/hashicorp/vault
|
2015-08-27 08:47:56 -04:00 |
vishalnayak
|
5b08e01bb1
|
Vault SSH: Create .ssh directory if not present. Closes #573
|
2015-08-27 08:45:34 -04:00 |
Jeff Mitchell
|
d6f64ab368
|
Merge pull request #574 from msample/master
corrected two typos
|
2015-08-27 08:08:58 -04:00 |
Mike Sample
|
e847fbd596
|
corrected two typos
|
2015-08-27 00:05:19 -07:00 |
Jeff Mitchell
|
6bc86cfee1
|
Use logical passthrough for renew API calls
|
2015-08-26 13:22:16 -07:00 |
Jeff Mitchell
|
ec57e983f7
|
Don't allow duplicate x parts in Shamir. Add unit test for verification.
|
2015-08-26 10:03:44 -07:00 |
Jeff Mitchell
|
9db8a5c744
|
Merge pull request #567 from hobbeswalsh/master
Spaces in displayName break AWS IAM
|
2015-08-26 12:37:52 -04:00 |
Robin Walsh
|
34b84367b5
|
Adding one more test (for no-op case)
|
2015-08-26 09:26:20 -07:00 |
Robin Walsh
|
4b7c2cc114
|
Adding unit test for normalizeDisplayName()
|
2015-08-26 09:23:33 -07:00 |
Jeff Mitchell
|
2098446d47
|
Ensure that the 'file' audit backend can successfully open its given path before returning success. Fixes #550.
|
2015-08-26 09:13:10 -07:00 |
Jeff Mitchell
|
2d8bfff02b
|
Explicitly check for blank leases in AWS, and give a better error message if lease_max cannot be parsed. Fixes #569.
|
2015-08-26 09:04:47 -07:00 |
Jeff Mitchell
|
8669a87fdd
|
When using PGP encryption on unseal keys, encrypt the hexencoded string rather than the raw bytes.
|
2015-08-26 07:59:50 -07:00 |
Jeff Mitchell
|
17cbd9e1ca
|
If JSON decoding fails, make it clear that the problem is failing to
parse the JSON, rather than returning the possibly confusing error from
the JSON decoder.
Fixes #553.
|
2015-08-26 07:03:33 -07:00 |
Jeff Mitchell
|
b940d214bd
|
Merge pull request #568 from ctennis/add_some_s3_info
Make it clear for physical S3 backend we support instance profiles as well.
|
2015-08-26 09:03:38 -04:00 |
Jeff Mitchell
|
003029938d
|
Merge pull request #570 from hashicorp/pgp-init-keys
PGP keys at init/rekey time
|
2015-08-25 19:41:21 -04:00 |
Jeff Mitchell
|
ea08678189
|
Update godeps
|
2015-08-25 16:24:25 -07:00 |
Jeff Mitchell
|
cc232e6f79
|
Address comments from review.
|
2015-08-25 15:33:58 -07:00 |
Jeff Mitchell
|
0b580d0521
|
Update website documentation for init and rekey with secret_pgp_keys API option
|
2015-08-25 14:52:13 -07:00 |
Jeff Mitchell
|
c887df93cc
|
Add support for pgp-keys argument to rekey, as well as tests, plus
refactor common bits out of init.
|
2015-08-25 14:52:13 -07:00 |
Jeff Mitchell
|
f57e7892e7
|
Don't store the given public keys in the seal config
|
2015-08-25 14:52:13 -07:00 |
Jeff Mitchell
|
a7316f2e24
|
Handle people specifying PGP key files with @ in front
|
2015-08-25 14:52:13 -07:00 |
Jeff Mitchell
|
2f3e245b0b
|
Add support for "pgp-tokens" parameters to init.
There are thorough unit tests that read the returned
encrypted tokens, seal the vault, and unseal it
again to ensure all works as expected.
|
2015-08-25 14:52:13 -07:00 |
Caleb Tennis
|
6c30f9a0f9
|
Make it clear we support instance profiles as well, the existing docs seem to indicate static credentials are required
|
2015-08-25 06:47:07 -07:00 |
Robin Walsh
|
8530f14fee
|
s/string replacement/regexp replacement
|
2015-08-24 17:00:54 -07:00 |
Robin Walsh
|
69f5abdc91
|
spaces in displayName break AWS IAM
|
2015-08-24 16:12:45 -07:00 |
Vishal Nayak
|
07b4091cae
|
Merge pull request #566 from hashicorp/fix-install-script
Cleanup of public key install script
|
2015-08-24 15:06:28 -04:00 |
vishalnayak
|
c35d78b3cb
|
Vault SSH: Documentation update
|
2015-08-24 14:18:37 -04:00 |
vishalnayak
|
e6987beb61
|
Vault SSH: Replace args with named vars
|
2015-08-24 14:07:07 -04:00 |
vishalnayak
|
eb91a3451b
|
Merging with master
|
2015-08-24 13:55:20 -04:00 |
vishalnayak
|
44c07cff5b
|
Vault SSH: Cleanup of aux files in install script
|
2015-08-24 13:50:46 -04:00 |
Jeff Mitchell
|
025ec5057e
|
Merge pull request #564 from hashicorp/remove-cookie-auth
Remove cookie authentication
|
2015-08-21 19:55:00 -07:00 |