Mitchell Hashimoto
742923452b
http: generic read/write endpoint for secrets
2015-03-15 19:35:04 -07:00
captainill
fb6e1c578e
update tagline margin
2015-03-15 19:17:16 -07:00
captainill
4727a91fd1
update logo-lockup and add css dots
2015-03-15 19:16:00 -07:00
Armon Dadgar
ca358f64dd
vault: Merge conflict
2015-03-15 18:06:19 -07:00
Armon Dadgar
b96ac9f95f
vault: Assign renew time
2015-03-15 18:05:31 -07:00
Mitchell Hashimoto
9f0d59d03f
vault: system using the framework
2015-03-15 17:35:59 -07:00
Mitchell Hashimoto
ab722a5ec2
fix all tests
2015-03-15 17:10:33 -07:00
Mitchell Hashimoto
edd13a5d24
vault: passthrough backend uses logical/framework
2015-03-15 17:07:54 -07:00
Mitchell Hashimoto
5fbe17e8df
logical/testing: acceptance testttttttt
2015-03-15 16:52:19 -07:00
Mitchell Hashimoto
11f8423b4f
logical/framework, logical/testing
2015-03-15 16:39:49 -07:00
Mitchell Hashimoto
d4f54be927
vault: can pass in the backends
2015-03-15 16:25:38 -07:00
Mitchell Hashimoto
a0232eedd7
helper/backend: use logical package
2015-03-15 14:57:19 -07:00
Mitchell Hashimoto
ece0be434e
vault: rename SystemBackend2 to SystemBackend
2015-03-15 14:54:49 -07:00
Mitchell Hashimoto
d1d1929192
vault: convert to logical.Request and friends
2015-03-15 14:53:41 -07:00
Mitchell Hashimoto
5ffcd02b7a
vault: convert system to logical.Backend
2015-03-15 14:42:05 -07:00
Mitchell Hashimoto
c3ae1b59a1
vault: Passthrough backend uses logical.Backend
2015-03-15 14:27:06 -07:00
Mitchell Hashimoto
c7e901ce45
vault: incremental change to get closer to logical structs
2015-03-15 14:27:06 -07:00
Mitchell Hashimoto
63a9eb321a
logical: put structs here, vault uses them
2015-03-15 14:27:06 -07:00
JT
1837991454
update hero
2015-03-15 14:16:58 -07:00
Mitchell Hashimoto
92910d18d1
vault: make mount functions private again, going to try something else
2015-03-14 18:31:31 -07:00
Mitchell Hashimoto
9d84e7bacc
vault: don't copy the key so it can be zeroed, document, add helper
2015-03-14 18:25:55 -07:00
captainill
29adca9afa
Merge branch 'master' of github.com:hashicorp/vault
2015-03-14 18:17:18 -07:00
captainill
77bbbb18f3
docs sidebar new animation/cleanup
2015-03-14 18:16:58 -07:00
Mitchell Hashimoto
866b91d858
vault: public TestCoreUnsealed, don't modify key in Unseal
...
/cc @armon - I do a key copy within Unseal now. It tripped me up for
quite awhile that that method actually modifies the param in-place and I
can't think of any scenario that is good for the user. Do you see any
issues here?
2015-03-14 17:47:11 -07:00
captainill
c2bcd6092f
fix js
2015-03-14 17:37:22 -07:00
Mitchell Hashimoto
b2af154fb4
vault: make Mount related core functions public
...
/cc @armon - So I know the conversation we had related to this about
auth, but I think we still need to export these and do auth only at the
external API layer. If you're writing to the internal API, then all bets
are off.
The reason is simply that if you have access to the code, you can
already work around it anyways (you can disable auth or w/e), so a
compromised Vault source/binary is already a failure, and that is the
only thing that our previous unexported methods were protecting against.
If you write an external tool to access a Vault, it still needs to be
unsealed so _that_ is the primary security mechanism from an API
perspective. Once it is unsealed then the core API has full access to
the Vault, and identity/auth is only done at the external API layer, not
at the internal API layer.
The benefits of this approach is that it lets us still treat the "sys"
mount specially but at least have sys adopt helper/backend and use that
machinery and it can still be the only backend which actually has a
reference to *vault.Core to do core things (a key difference). So, an
AWS backend still will never be able to muck with things it can't, but
we're explicitly giving Sys (via struct initialization in Go itself)
a reference to *vault.Core.
2015-03-14 17:26:59 -07:00
Mitchell Hashimoto
857e00bcdc
helper/backend: start acceptance test framework
2015-03-14 17:18:19 -07:00
Mitchell Hashimoto
accd8c29ca
helper/backend: auto-generate help route
2015-03-14 10:12:50 -07:00
Mitchell Hashimoto
e8e55ef8b1
helper/backend: one callback per operation
2015-03-14 00:19:25 -07:00
Mitchell Hashimoto
7f87d9ea6f
helper/backend: HandleRequest works
2015-03-13 23:58:20 -07:00
Mitchell Hashimoto
d17c3d87d3
helper/backend: store captures for a path
2015-03-13 23:48:49 -07:00
Mitchell Hashimoto
c4e35ffb7d
helper/backend: cache route regexps (98% speedup)
...
benchmark old ns/op new ns/op delta
BenchmarkBackendRoute 49144 589 -98.80%
2015-03-13 23:25:17 -07:00
Mitchell Hashimoto
e5871abf77
helper/backend: benchmark route
2015-03-13 23:22:48 -07:00
Mitchell Hashimoto
0751c5db12
helper/backend: basic path routing (naive)
2015-03-13 23:17:25 -07:00
Mitchell Hashimoto
a68eb1a994
helper/backend: add default values
2015-03-13 21:15:20 -07:00
Mitchell Hashimoto
33a08fbfa0
helper/backend: start this thing
2015-03-13 21:11:19 -07:00
Mitchell Hashimoto
fd8f84e00e
command/unseal: tests
2015-03-13 20:17:55 -07:00
Mitchell Hashimoto
e473c655ac
website: imageoptim
2015-03-13 12:58:21 -07:00
Mitchell Hashimoto
c84a9bcaed
command/seal-status
2015-03-13 12:53:09 -07:00
Mitchell Hashimoto
5c2915ba52
command/init: tests
2015-03-13 12:53:09 -07:00
Mitchell Hashimoto
1bd0772986
http: make TestServer public
2015-03-13 12:53:09 -07:00
Mitchell Hashimoto
f43a0290cf
vault: public testing methods
2015-03-13 12:53:09 -07:00
Mitchell Hashimoto
5c8a2812fe
command/init: make the output a little nicer
2015-03-13 12:53:09 -07:00
Mitchell Hashimoto
3c3e96575f
command/init
2015-03-13 12:53:08 -07:00
Mitchell Hashimoto
c0ede206bb
api: use /v1 prefix
2015-03-13 12:53:08 -07:00
Mitchell Hashimoto
f71f29b801
command/server: initial working
2015-03-13 12:53:08 -07:00
Mitchell Hashimoto
cb3e91b338
command/sever: copy the TCP keep alive listener
2015-03-13 12:53:08 -07:00
Mitchell Hashimoto
393c6c6c20
command/server: support TLS
2015-03-13 12:53:08 -07:00
Mitchell Hashimoto
61224ce312
command/server: tcp listener
2015-03-13 12:53:08 -07:00
Armon Dadgar
9d5db1286d
vault: Track the renew time
2015-03-13 11:36:24 -07:00