luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity
4,781 Commits 1 Branch 0 Tags 214 MiB
Commit Graph

4781 Commits

Author SHA1 Message Date
Jeff Mitchell 60abb3d991
Cut version 0.6.2 2016-10-05 14:31:35 -04:00
Jeff Mitchell 70a9fc47b4 Don't use quoted identifier for the username 2016-10-05 14:31:19 -04:00
Jeff Mitchell d580bb1c27 Update upgrade guide 2016-10-05 14:10:27 -04:00
Jeff Mitchell fa515accf9 changelog++ 2016-10-05 14:08:31 -04:00
Jeff Mitchell 7f9a88d8db Postgres revocation sql, beta mode (#1972) 2016-10-05 13:52:59 -04:00
Jeff Mitchell 83b85dea1c Prep for 0.6.2 2016-10-05 08:23:31 -04:00
Paweł Rozlach 33b4683dfd Post-review fixes for file/zk recursive empty prefix delete 2016-10-05 08:08:00 -04:00
Jeff Mitchell bab1471345 changelog++ 2016-10-04 23:17:29 -04:00
vishalnayak cf7f93a7b4 changelog++ 2016-10-04 22:53:15 -04:00
Vishal Nayak 80a523b199 Merge pull request #1964 from mesosphere/prozlach/nested_secrets_handling_fix 
Nested secrets handling fix for zookeeper and file based backend.
 2016-10-04 22:45:37 -04:00
Jeff Mitchell 6b0f886756 Update website with breaking change information 2016-10-04 22:35:56 -04:00
Jeff Mitchell 22db55f847 changelog++ 2016-10-04 22:15:14 -04:00
Jeff Mitchell 1890a97eba changelog++ 2016-10-04 22:07:06 -04:00
Jeff Mitchell 2a646f74b3 changelog++ 2016-10-04 21:57:10 -04:00
Vishal Nayak 6e9bffade5 Merge pull request #1967 from hashicorp/mysql-revoke-sql 
Refactor mysql's revoke SQL
 2016-10-04 20:01:54 -04:00
vishalnayak 2b760d5bb7 changelog++ 2016-10-04 19:47:37 -04:00
vishalnayak de5dec6b15 Refactor mysql's revoke SQL 2016-10-04 19:30:25 -04:00
Vishal Nayak 1ab7023483 Merge pull request #1914 from jpweber/mysql-revoke 
Mysql revoke with non-wildcard hosts
 2016-10-04 17:44:15 -04:00
Jim Weber 87f206b536 removed an unused ok variable. Added warning and force use for default queries if role is nil 2016-10-04 17:15:29 -04:00
vishalnayak 40f4b4647f changelog++ 2016-10-04 16:18:47 -04:00
Pawel Rozlach 41ade15f73 Fix file backend so that it properly removes nested secrets. 
This patch makes file backend properly remove nested secrets, without leaving
empty directory artifacts, no matter how nested directories were.
 2016-10-04 21:56:12 +02:00
Pawel Rozlach 44b4704cfa Fix zookeeper backend so that properly deletes/lists secrets. 
This patch fixes two bugs in Zookeeper backends:
 * backend was determining if the node is a leaf or not basing on the number
   of the childer given node has. This is incorrect if you consider the fact
   that deleteing nested node can leave empty prefixes/dirs behind which have
   neither children nor data inside. The fix changes this situation by testing
   if the node has any data set - if not then it is not a leaf.
 * zookeeper does not delete nodes that do not have childern just like consul
   does and this leads to leaving empty nodes behind. In order to fix it, we
   scan the logical path of a secret being deleted for empty dirs/prefixes and
   remove them up until first non-empty one.
 2016-10-04 21:56:12 +02:00
Pawel Rozlach 68fc52958d Add tests for nested/prefixed secrets removal. 
Current tests were not checking if backends are properly removing
nested secrets. We follow here the behaviour of Consul backend, where
empty "directories/prefixes" are automatically removed by Consul itself.
 2016-10-04 21:55:33 +02:00
Vishal Nayak 661a8a4734 Merge pull request #1961 from hashicorp/aws-ec2-auth-rsa-signature 
aws-ec2-auth using identity doc and RSA digest
 2016-10-04 15:45:12 -04:00
vishalnayak 0f8c132ede Minor doc updates 2016-10-04 15:46:09 -04:00
vishalnayak 2e1aa80f31 Address review feedback 2 2016-10-04 15:30:42 -04:00
vishalnayak 59475d7f14 Address review feedback 2016-10-04 15:05:44 -04:00
Vishal Nayak 4141b632fa Merge pull request #1957 from hashicorp/website-list-userpass 
Added user listing endpoint to userpass docs
 2016-10-04 14:10:49 -04:00
Jim Weber cc38f3253a fixed an incorrect assignment 2016-10-03 21:51:40 -04:00
vishalnayak 348a09e05f Add only relevant certificates 2016-10-03 20:34:28 -04:00
vishalnayak dbd364453e aws-ec2 config endpoints support type option to distinguish certs 2016-10-03 20:25:07 -04:00
Jim Weber ac78ddc178 More resilient around cases of missing role names and using the default when needed. 2016-10-03 20:20:00 -04:00
vishalnayak b105f8ccf3 Authenticate aws-ec2 instances using identity document and its RSA signature 2016-10-03 18:57:41 -04:00
Vishal Nayak 5fb6758538 Merge pull request #1960 from hashicorp/atlas-listener-docs 
document the atlas listener
 2016-10-03 16:13:32 -04:00
Matthew Irish 61975f4265 add documentation for cluster_name and link atlas listener docs 2016-10-03 15:04:33 -05:00
Jim Weber 0a7f1089ca Refactored logic some to make sure we can always fall back to default revoke statments 
Changed rolename to role
made default sql revoke statments a const
 2016-10-03 15:59:56 -04:00
Jim Weber 704fccaf2e fixed some more issues I had with the tests. 2016-10-03 15:58:09 -04:00
Jim Weber a2d6624a69 renamed rolname to role 2016-10-03 15:57:47 -04:00
Jim Weber 7ab1092c7c Removed file that should not have been added in the first place. 2016-10-03 14:53:22 -04:00
Jim Weber bfb0c2d3ff Reduced duplicated code and fixed comments and simple variable name mistakes 2016-10-03 14:53:05 -04:00
Matthew Irish 34a6abcbb6 document the atlas listener 2016-10-03 10:41:50 -05:00
Jim Weber bb70ecc5a7 Added test for revoking mysql user with wild card host and non-wildcard host 2016-10-02 22:28:54 -04:00
Jim Weber dbb00534d9 saving role name to the Secret Internal data. Default revoke query added 
The rolename is now saved to the secret internal data for fetching
later during the user revocation process. No longer deriving the role
name from request path

Added support for default revoke SQL statements that will provide the
same functionality as before. If not revoke SQL statements are provided
the default statements are used.

Cleaned up personal ignores from the .gitignore file
 2016-10-02 18:53:16 -04:00
Jeff Mitchell 8cfcbd7943 changelog++ 2016-10-02 14:55:48 -04:00
Jeff Mitchell 2c85fdfeb9 Switch default case of disable cluster. (#1959) 2016-10-02 14:54:01 -04:00
Jeff Mitchell 86b9349d2b changelog++ 2016-10-02 13:29:52 -04:00
vishalnayak aef1a88de4 Added docs for reading and deleting username 2016-09-30 16:13:57 -04:00
vishalnayak 2ad698ec0b Added user listing endpoint to userpass docs 2016-09-30 15:47:33 -04:00
Jeff Mitchell 606d717ad9 Update changelog and website for GH-1958 2016-09-30 15:08:38 -04:00
Jeff Mitchell 6d00f0c483 Adds HUP support for audit log files to close and reopen. (#1953) 
Adds HUP support for audit log files to close and reopen. This makes it
much easier to deal with normal log rotation methods.

As part of testing this I noticed that HUP and other items that come out
of command/server.go are going to stderr, which is where our normal log
lines go. This isn't so much problematic with our normal output but as
we officially move to supporting other formats this can cause
interleaving issues, so I moved those to stdout instead.
 2016-09-30 12:04:50 -07:00