Jeff Mitchell
30ba5b7887
Merge pull request #1291 from mmickan/ssh-keyinstall-perms
...
Ensure authorized_keys file is readable when uninstalling an ssh key
2016-04-25 14:00:37 -04:00
Adam Shannon
fb07d07ad9
all: Cleanup from running go vet
2016-04-13 14:38:29 -05:00
vishalnayak
06eeaecef6
Skip acceptance tests if VAULT_ACC is not set
2016-04-11 20:00:15 -04:00
Jeff Mitchell
d92b960f7a
Add list support to userpass users. Remove some unneeded existence
...
checks. Remove paths from requiring root.
Fixes #911
2016-04-09 18:28:55 -04:00
vishalnayak
e3a1ee92b5
Utility Enhancements
2016-04-05 20:32:59 -04:00
vishalnayak
fd8b023655
s/TF_ACC/VAULT_ACC
2016-04-05 15:24:59 -04:00
vishalnayak
95abdebb06
Added AcceptanceTest boolean to logical.TestCase
2016-04-05 15:10:44 -04:00
Mark Mickan
a55124f0b6
Ensure authorized_keys file is readable when uninstalling an ssh key
...
Without this change, if the user running the ssh key install script doesn't
have read access to the authorized_keys file when uninstalling a key, all
keys will be deleted from the authorized_keys file.
Fixes GH #1285
2016-04-05 17:26:21 +09:30
Jeff Mitchell
7df3ec46b0
Some fixups around error/warning in LDAP
2016-04-02 13:33:00 -04:00
Jeff Mitchell
40325b8042
If no group DN is configured, still look for policies on local users and
...
return a warning, rather than just trying to do an LDAP search on an
empty string.
2016-04-02 13:11:36 -04:00
Jeff Mitchell
7fd5a679ca
Fix potential error scoping issue.
...
Ping #1262
2016-03-30 19:48:23 -04:00
Jeff Mitchell
3cfcd4ddf1
Check for nil connection back from go-ldap, which apparently can happen even with no error
...
Ping #1262
2016-03-29 10:00:04 -04:00
Jeff Mitchell
17613f5fcf
Removing debugging comment
2016-03-24 09:48:13 -04:00
Jeff Mitchell
4c4a65ebd0
Properly check for policy equivalency during renewal.
...
This introduces a function that compares two string policy sets while
ignoring the presence of "default" (since it's added by core, not the
backend), and ensuring that ordering and/or duplication are not failure
conditions.
Fixes #1256
2016-03-24 09:41:51 -04:00
Jeff Mitchell
dfc5a745ee
Remove check for using CSR values with non-CA certificate.
...
The endpoint enforces whether the certificate is a CA or not anyways, so
this ends up not actually providing benefit and causing a bug.
Fixes #1250
2016-03-23 10:05:38 -04:00
Jeff Mitchell
3e3621841d
Merge pull request #1227 from hashicorp/issue-477
...
Don't renew cert-based tokens if the policies have changed.
2016-03-17 18:25:39 -04:00
Jeff Mitchell
1951a01998
Add ability to exclude adding the CN to SANs.
...
Fixes #1220
2016-03-17 16:28:40 -04:00
Jeff Mitchell
a8dd6aa4f1
Don't renew cert-based tokens if the policies have changed.
...
Also, add cert renewal testing.
Fixes #477
2016-03-17 14:22:24 -04:00
Jeff Mitchell
77e4ee76bb
Normalize userpass errors around bad user/pass
2016-03-16 15:19:55 -04:00
Jeff Mitchell
8a3f1ad13e
Use 400 instead of 500 for failing to provide a userpass password.
2016-03-16 15:14:28 -04:00
Vishal Nayak
2c0c901eac
Merge pull request #1216 from hashicorp/userpass-update
...
Userpass: Update the password and policies associated to user
2016-03-16 14:58:28 -04:00
vishalnayak
f9b1fc3aa0
Add comments to existence functions
2016-03-16 14:53:53 -04:00
vishalnayak
1951159b25
Addessing review comments
2016-03-16 14:21:14 -04:00
vishalnayak
239ad4ad7e
Refactor updating user values
2016-03-16 13:42:02 -04:00
vishalnayak
533b136fe7
Reduce the visibility of setUser
2016-03-16 11:39:52 -04:00
vishalnayak
2914ff7502
Use helper for existence check. Avoid panic by fetching default values for field data
2016-03-16 11:26:33 -04:00
Vishal Nayak
7db7b47fdd
Merge pull request #1210 from hashicorp/audit-id-path
...
Rename id to path and path to file_path, print audit backend paths
2016-03-15 20:13:21 -04:00
vishalnayak
39a0c8e91f
Read from 'path' to retain backward compatibility
2016-03-15 20:05:51 -04:00
vishalnayak
1e889bc08c
Input validations and field renaming
2016-03-15 17:47:13 -04:00
vishalnayak
a0958c9359
Refactor updating and creating userEntry into a helper function
2016-03-15 17:32:39 -04:00
vishalnayak
acd545f1ed
Fetch and store UserEntry to properly handle both create and update
2016-03-15 17:05:23 -04:00
vishalnayak
9609fe151b
Change path structure of password and policies endpoints in userpass
2016-03-15 16:46:12 -04:00
vishalnayak
8be36b6925
Reuse the variable instead of fetching 'name' again
2016-03-15 16:21:47 -04:00
vishalnayak
61b4cac458
Added paths to update policies and password
2016-03-15 16:12:55 -04:00
vishalnayak
731bb97db5
Tests for updating password and policies in userpass backend
2016-03-15 16:09:23 -04:00
vishalnayak
b7eb0a97e5
Userpass: Support updating policies and password
2016-03-15 15:18:21 -04:00
Jeff Mitchell
8aaf29b78d
Add forgotten test
2016-03-15 14:18:35 -04:00
Jeff Mitchell
8bf935bc2b
Add list support to certs in cert auth backend.
...
Fixes #1212
2016-03-15 14:07:40 -04:00
vishalnayak
71fc07833f
Rename id to path and path to file_path, print audit backend paths
2016-03-14 17:15:07 -04:00
Jeff Mitchell
d648306d52
Add the ability to specify the app-id in the login path.
...
This makes it easier to use prefix revocation for tokens.
Ping #424
2016-03-14 16:24:01 -04:00
Jeff Mitchell
9bfd24cd69
s/hash_accessor/hmac_accessor/g
2016-03-14 14:52:29 -04:00
vishalnayak
ea108fba18
Use accessor being set as the condition to restore non-hashed values
2016-03-14 11:23:30 -04:00
vishalnayak
e09819fedc
Added hash_accessor option to audit backends
2016-03-11 19:28:06 -05:00
Vishal Nayak
343e6f1671
Merge pull request #998 from chrishoffman/mssql
...
Sql Server (mssql) secret backend
2016-03-10 22:30:24 -05:00
Chris Hoffman
b1703fb18d
Cleaning up lease and lease duration vars and params
2016-03-10 21:15:18 -05:00
Chris Hoffman
ba94451875
Removing root protected endpoints
2016-03-10 21:08:39 -05:00
Chris Hoffman
dc7da4f4e8
Changing DROP USER query to a more compatible version
2016-03-10 21:06:50 -05:00
Chris Hoffman
5af33afd90
Adding verify_connection to config, docs updates, misc cleanup
2016-03-09 23:08:05 -05:00
Vishal Nayak
a6d8fc9d98
Merge pull request #1190 from grunzwei/master
...
fix github tests to use the provided GITHUB_ORG environment variable
2016-03-09 09:51:28 -05:00
Nathan Grunzweig
ae469cc796
fix github tests to use the provided GITHUB_ORG environment variable
...
(tests fail for non hashicorp people)
2016-03-09 15:34:03 +02:00