luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity
4,605 Commits 1 Branch 0 Tags 214 MiB
Commit Graph

4605 Commits

Author SHA1 Message Date
Jim Weber e0ea497cfe Getting role name from the creds path used in revocation 2016-09-23 16:57:08 -04:00
Jim Weber 8709406eb3 secretCredsRevoke command no longer uses hardcoded query 
The removal of a user from the db is now handled similar to the
creation. The SQL is read out of a key from the role and then executed
with values substituted for username.
 2016-09-23 16:05:49 -04:00
Jim Weber 1bed6bfc2c Added support for a revokeSQL key value pair to the role 2016-09-23 16:00:23 -04:00
Jeff Mitchell d65da5613c Add missing dep 2016-09-21 14:02:35 -04:00
Jeff Mitchell 226ef5d78c Make HA in etcd off by default. (#1909) 
Fixes #1908

(Doesn't really "fix" it but someone from the community needs to step up
if they want to see this fixed.)
 2016-09-21 14:01:36 -04:00
Jeff Mitchell 5c9bd9adcb changelog++ 2016-09-21 13:50:07 -04:00
Jeff Mitchell 676e7e0f07 Ensure upgrades have a valid HMAC key 2016-09-21 11:10:57 -04:00
Jeff Mitchell 0ff76e16d2 Transit and audit enhancements 2016-09-21 10:49:26 -04:00
Jeff Mitchell 982f151722 Update docs to reflect that there is more than one constraint for EC2 now 2016-09-20 16:11:32 -04:00
Jeff Mitchell bbe87db913 Force tls_disable on scada connection inside outer TLS connection as it's not currently supported anyways 2016-09-20 14:56:16 -04:00
Chris Hoffman 5c241d31e7 Renaming ttl_max -> max_ttl in mssql backend (#1905) 2016-09-20 12:39:02 -04:00
Carlo Cabanilla f6239cf0c0 fix shell quoting (#1904) 
$() doesnt get evaluated in single quotes, so you need to break out of it first
 2016-09-19 17:11:16 -04:00
Jeff Mitchell 27782238a1 changelog++ 2016-09-19 13:03:03 -04:00
Jeff Mitchell 69c4452344 Merge branch 'master' of https://github.com/hashicorp/vault into master-oss 2016-09-19 13:02:30 -04:00
Jeff Mitchell f3ab4971a6 Follow Vault convention on `DELETE` being idempotent (#1903) 
* Follow Vault convention on `DELETE` being idempotent with
audit/auth/mounts deletes (a.k.a. disabling/unmounting).
 2016-09-19 13:02:25 -04:00
Jeff Mitchell 7f3041d6a5 Fix formatting 2016-09-19 13:00:50 -04:00
Jeff Mitchell 6e40d606d4 Bump to newer middleman-hashicorp 2016-09-19 12:42:35 -04:00
Jeff Mitchell 85c51fd861 Update website docs to indicate sudo being required for auth/audit 
endpoints.
 2016-09-19 12:10:08 -04:00
Vishal Nayak 97dc0e9f64 Merge pull request #1897 from hashicorp/secret-id-accessor-locks 
Safely manipulate secret id accessors
 2016-09-19 11:37:38 -04:00
Jeff Mitchell 86c83c3a98 changelog++ 2016-09-19 09:41:01 -04:00
vishalnayak fefd3a6c0b s/GetOctalFormatted/GetHexFormatted 2016-09-16 17:47:15 -04:00
Jeff Mitchell f7b3937c77 Fix website display of tune paths 2016-09-16 12:03:50 -04:00
Jeff Mitchell 897d3c6d2c Rename GetOctalFormatted and add serial number to ParsedCertBundle. Basically a noop. 2016-09-16 11:05:43 -04:00
vishalnayak 271ab5a4bd changelog++ 2016-09-16 10:59:59 -04:00
Vishal Nayak 47a9c45189 Merge pull request #1899 from hashicorp/format-yml 
Add yml alias for yaml
 2016-09-16 10:56:01 -04:00
vishalnayak e123f33a91 Add yml alias for yaml 2016-09-16 10:43:23 -04:00
vishalnayak ba72e7887a Safely manipulate secret id accessors 2016-09-15 18:13:50 -04:00
Vishal Nayak 61664bc653 Merge pull request #1886 from hashicorp/approle-upgrade-notes 
upgrade notes entry for approle constraint and warning on role read
 2016-09-15 12:14:01 -04:00
vishalnayak 5597156886 check for nil role 2016-09-15 12:10:40 -04:00
Vishal Nayak 4f33e8d713 Merge pull request #1892 from hashicorp/role-tag-defaults 
Specify that role tags are not tied to an instance by default
 2016-09-15 12:04:41 -04:00
vishalnayak 6a0f788dee changelog++ 2016-09-15 12:03:48 -04:00
Vishal Nayak 464f479ff0 Merge pull request #1889 from hashicorp/configurable-nonce 
aws-ec2: generate the client nonce by default during first login attempt
 2016-09-15 11:49:38 -04:00
vishalnayak 92986bb2a0 Address review feedback 2016-09-15 11:41:52 -04:00
vishalnayak a1de742dce s/disableReauthenticationNonce/reauthentication-disabled-nonce 2016-09-15 11:29:02 -04:00
vishalnayak 9bca127631 Updated docs with nonce usage 2016-09-14 19:31:09 -04:00
vishalnayak 857f921d76 Added comment 2016-09-14 18:27:35 -04:00
vishalnayak 39796e8801 Disable reauthentication if nonce is explicitly set to empty 2016-09-14 17:58:00 -04:00
vishalnayak 2639ca4d4f Address review feedback 2016-09-14 16:06:38 -04:00
James Pearson Hughes f598c78d98 DynamoDB: fix log typo (#1891) 2016-09-14 15:16:24 -04:00
vishalnayak dcddaa8094 Address review feedback 2016-09-14 15:13:54 -04:00
Jeff Mitchell bd4584c346 Make bootstrap use -u to ensure up-to-date versions of tools, as that's 
what we build with.

Fixes #1890
 2016-09-14 15:10:02 -04:00
vishalnayak d5cc763b8d Clarify that tags can be used on all instances that satisfies constraints 2016-09-14 14:55:09 -04:00
vishalnayak 03fc7b517f Specify that role tags are not tied to an instance by default 2016-09-14 14:49:18 -04:00
vishalnayak d0e4d77fce address review feedback 2016-09-14 14:28:02 -04:00
vishalnayak d7ce69c5eb Remove the client nonce being empty check 2016-09-14 14:28:02 -04:00
vishalnayak 53c919b1d0 Generate the nonce by default 2016-09-14 14:28:02 -04:00
Vishal Nayak eece4e047b Merge pull request #1887 from hashicorp/ec2-nonce-constant-compare 
Use constant time comparisons for client nonce
 2016-09-14 12:40:17 -04:00
vishalnayak 455a4ae055 address review feedback 2016-09-14 12:08:35 -04:00
vishalnayak b1392567d1 Use constant time comparisons for client nonce 2016-09-13 20:12:43 -04:00
Jeff Mitchell 74a0bfadb8 changelog++ 2016-09-13 18:42:56 -04:00