luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity
7,715 Commits 1 Branch 0 Tags 214 MiB
Commit Graph

26 Commits

Author SHA1 Message Date
Bharath B 699f9246e6 Config parameter "tls_disable_client_certs" is wrongly evaluated. (#4049) 2018-02-28 10:07:23 -05:00
Chris Hoffman 164849f056
Add support for encrypted TLS key files (#3685) 2017-12-15 17:33:55 -05:00
Jeff Mitchell 17a15cd594 Add option to disable client certificate requesting. (#3373) 
Fixes #3372
 2017-09-25 14:41:46 -04:00
Doyoon Kim 3ffebb7780 Moved PROXY protocol wrap to execute before the TLS wrap (#3195) 2017-08-23 12:00:09 -04:00
Gobin Sougrakpam 8e01c994bf tls_client_ca_file option for verifying client (#3034) 2017-08-03 07:33:06 -04:00
Jeff Mitchell 1bfc6d4fe7 Add a -dev-three-node option for devs. (#3081) 2017-07-31 11:28:06 -04:00
Jeff Mitchell d55d75a79f Convert listener arguments to map[string]interface{} (#2905) 
This allows people to use more natural constructs, e.g. for tls_disable
it can be a bool, int, or string.
 2017-06-22 20:29:53 +01:00
Jeff Mitchell 5d760d4090 Add option to require valid client certificates (#2457) 2017-03-08 10:21:31 -05:00
Roman Vynar 1615280efa Added tls_cipher_suites, tls_prefer_server_ciphers config options to listener (#2293) 2017-01-23 13:48:35 -05:00
Jeff Mitchell 85315ff188 Rejig where the reload functions live 2016-09-30 00:07:22 -04:00
Jeff Mitchell 3ec81debe7 Trim leading/trailing space around PEM bundles. 
Fixes #1634
 2016-07-20 13:57:49 -04:00
vishalnayak f34f0ef503 Make 'tls_min_version' configurable 2016-07-12 19:32:47 -04:00
Jeff Mitchell 0d9ea2a1a1 Initial Atlas listener implementation 2016-06-02 14:05:47 -04:00
Jeff Mitchell 84af6ec8ac Don't generate an ID; use address for the ID. Generally speaking we'll need to sane against what's in the config 2016-03-11 17:28:03 -05:00
Jeff Mitchell 996c584192 Don't inline factory 2016-03-11 17:02:44 -05:00
Jeff Mitchell d75ce9de9b Retool to have reloading logic run in command/server 2016-03-11 16:47:03 -05:00
Jeff Mitchell baf0763b3c Add reload capability for Vault listener certs. No tests (other than 
manual) yet, and no documentation yet.
 2016-03-11 14:05:52 -05:00
Armon Dadgar 985717b428 server: sanity check value for 'tls_disable' 2015-11-25 11:37:57 -08:00
Armon Dadgar ae28087f67 server: import sha512. Fixes #448 2015-07-23 13:51:45 -07:00
Karl Gutwin 1096f5a53e Avoid unnecessary abbreviation 2015-07-22 23:28:46 -04:00
Karl Gutwin 2e81d9047d Allow specifying a TLS minimum version 2015-07-22 23:19:41 -04:00
Armon Dadgar 268db24819 command/listener: Request TLS client cert. Fixes #214 2015-05-20 16:01:40 -07:00
Armon Dadgar 770116b8e9 command: Set minimum TLS version to 1.2 2015-04-13 19:09:44 -07:00
Mitchell Hashimoto afc71d2a7b command/server: cleaner output 2015-04-04 12:06:41 -07:00
Mitchell Hashimoto 393c6c6c20 command/server: support TLS 2015-03-13 12:53:08 -07:00
Mitchell Hashimoto 61224ce312 command/server: tcp listener 2015-03-13 12:53:08 -07:00