8b0b0d5922
Add cluster information to 'vault status'
2016-07-29 14:13:53 -04:00
e5e0431393
Added Vault version informationto the 'status' command
2016-07-28 17:37:35 -04:00
4d9c909ae4
Merge pull request #1650 from hashicorp/request-uuid
...
Added unique identifier to each request. Closes hashicorp/vault#1617
2016-07-27 09:40:48 -04:00
c17534d527
Fix request_id test failures
2016-07-26 18:30:13 -04:00
9d4a1b03bc
Fix broken tests
2016-07-26 16:53:59 -04:00
67801bcf64
uncomment
2016-07-26 16:44:50 -04:00
fb1b032040
fixing id in buildLogicalRequest
2016-07-26 15:50:37 -04:00
86446ff67e
Error out if cluster information is nil when Vault is unsealed
2016-07-26 15:30:38 -04:00
6145bed088
Added omitempty to ClusterName and ClusterID
2016-07-26 14:11:32 -04:00
669bbdfa48
Address review feedback from @jefferai
2016-07-26 14:05:27 -04:00
ad66bd7502
fixes based proper interpretation of comments
2016-07-26 12:20:27 -04:00
a3e6400697
Remove global name/id. Make only cluster name configurable.
2016-07-26 10:01:35 -04:00
c7dabe4def
Storing local and global cluster name/id to storage and returning them in health status
2016-07-26 02:32:42 -04:00
6c393cf17a
Fix tests
2016-07-25 17:05:54 -04:00
8d52a96df5
moving id to http/logical
2016-07-25 15:24:10 -04:00
43d352a942
Add version information to health status
2016-07-22 18:28:16 -04:00
c14235b206
Merge branch 'master-oss' into json-use-number
...
Conflicts:
http/handler.go
logical/framework/field_data.go
logical/framework/wal.go
vault/logical_passthrough.go
2016-07-15 19:21:55 -04:00
9f1e6c7b26
Merge pull request #1607 from hashicorp/standardize-time
...
Remove redundant invocations of UTC() call on `time.Time` objects
2016-07-13 10:19:23 -06:00
8269f323d3
Revert 'risky' changes
2016-07-12 16:38:07 -04:00
5b210b2a1f
Return a duration instead and port a few other places to use it
2016-07-11 18:19:35 +00:00
e09b40e155
Remove Unix() invocations on 'time.Time' objects and removed conversion of time to UTC
2016-07-08 18:30:18 -04:00
ad7cb2c8f1
Added JSON Decode and Encode helpers.
...
Changed all the occurances of Unmarshal to use the helpers.
Fixed http/ package tests.
2016-07-06 12:25:40 -04:00
889ff24ccf
Fix up error detection regression to return correct status codes
2016-06-22 17:47:05 -04:00
0bdeea3a33
Fix the test cases
2016-06-20 18:56:19 -04:00
e925987cb6
Add token accessor to wrap information if one exists
2016-06-13 23:58:17 +00:00
1de6140d5c
Fix mah broken tests
2016-06-10 14:03:56 -04:00
9f6c5bc02a
cubbyhole-response-wrapping -> response-wrapping
2016-06-10 13:48:46 -04:00
8b1da1a105
Support HEAD requests to /v1/sys/health
...
Some load balancers send HTTP HEAD requests to extract the status code.
2016-06-09 18:16:28 +02:00
401456ea50
Add creation time to returned wrapped token info
...
This makes it easier to understand the expected lifetime without a
lookup call that uses the single use left on the token.
This also adds a couple of safety checks and for JSON uses int, rather
than int64, for the TTL for the wrapped token.
2016-06-07 15:00:35 -04:00
05b0e0a866
Enable audit-logging of seal and step-down commands.
...
This pulls the logical request building code into its own function so
that it's accessible from other HTTP handlers, then uses that with some
added logic to the Seal() and StepDown() commands to have meaningful
audit log entries.
2016-05-20 17:03:54 +00:00
c9aaabe235
Fix missing return after respondError in handleLogical
2016-05-20 15:49:48 +00:00
caf77109ba
Add cubbyhole wrapping documentation
2016-05-19 13:33:51 -04:00
c4431a7e30
Address most review feedback. Change responses to multierror to better return more useful values when there are multiple errors
2016-05-16 16:11:33 -04:00
ce5614bf9b
Merge branch 'master-oss' into cubbyhole-the-world
2016-05-11 19:29:52 -04:00
aecc3ad824
Add explicit maximum TTLs to token store roles.
2016-05-11 16:51:18 -04:00
c5008bcaac
Add more tests
2016-05-07 21:08:13 -04:00
2295cadbf4
Make WrapInfo a pointer to match secret/auth in response
2016-05-07 19:17:51 -04:00
09f06554cb
Address some review feedback
2016-05-04 16:03:53 -04:00
99a5b4402d
Merge branch 'master-oss' into cubbyhole-the-world
2016-05-04 14:42:14 -04:00
7e462e566b
Check nil keys and respond internal error if it can't be cast to a []string
2016-05-02 20:00:46 -04:00
16b717022b
In a list response, if there are no keys, 404 to be consistent with GET
...
and with different backend conditions
Fixes #1365
2016-05-02 19:38:06 -04:00
aba689a877
Add wrapping through core and change to use TTL instead of Duration.
2016-05-02 00:47:35 -04:00
d81806b446
Add:
...
* Request/Response field extension
* Parsing of header into request object
* Handling of duration/mount point within router
* Tests of router WrapDuration handling
2016-05-02 00:24:32 -04:00
aeea7628d6
Add a *log.Logger argument to physical.Factory
...
Logging in the backend is a good thing. This is a noisy interface change but should be a functional noop.
2016-04-25 20:10:32 -07:00
98d09b0dc6
Add seal tests and update generate-root and others to handle dualseal.
2016-04-25 19:39:04 +00:00
a4ff72841e
Check for seal status when initing and change logic order to avoid defer
2016-04-14 01:13:59 +00:00
afae46feb7
SealInterface
2016-04-04 10:44:22 -04:00
d959ffc301
Rename PrepareRequest to PrepareRequestFunc
2016-03-18 10:37:49 -04:00
fbfe72f286
Removed http/sys_capabilties_test.go
2016-03-18 09:48:45 -04:00
55f03b5d25
Add separate path for capabilities-self to enable ACL
2016-03-17 22:52:03 -04:00
a70d4d5c9f
Deleted http/sys_capabilities.go since the requests are directly going to system backend
2016-03-17 22:44:48 -04:00
4e6dcfd6d0
Enable callbacks for handling logical.Request changes before processing requests
2016-03-17 22:29:53 -04:00
f1feee9b53
Fix http capabilities tests
2016-03-17 21:03:32 -04:00
68367f60c8
Fix broken testcases
2016-03-17 21:03:32 -04:00
d348735322
Fix help descriptions
2016-03-17 21:03:32 -04:00
f275cd2e9c
Fixed capabilities API to receive logical response
2016-03-17 21:03:32 -04:00
a5d79d587a
Refactoring the capabilities function
2016-03-17 21:03:32 -04:00
dcb7f00bcc
Move sys/capabilities to logical_system along with business logic from core
2016-03-17 21:03:32 -04:00
2b712bc778
Move capabilities accessor logic to logical_system
2016-03-17 21:03:32 -04:00
dd94e8e689
Fix broken test case
2016-03-14 18:44:13 -04:00
ba50a14736
Refactor fetching sys/health parameters
2016-03-11 09:52:31 -05:00
77b90c6745
Add query parameters to `/sys/health` to specify return codes.
...
Fixes #1199
2016-03-11 00:41:25 -05:00
fa2ba47a5c
Merge branch 'master' into token-roles
2016-03-09 17:23:34 -05:00
f478cc57e0
fix all the broken tests
2016-03-09 13:45:36 -05:00
c4a2c5b56e
Added tests for 'sys/capabilities-accessor' endpoint
2016-03-09 11:29:09 -05:00
151c932875
AccessorID --> Accessor, accessor_id --> accessor
2016-03-09 06:23:31 -05:00
62777c9f7e
ErrUserInput --> StatusBadRequest
2016-03-08 21:47:24 -05:00
8117996378
Implemented /sys/capabilities-accessor and a way for setting HTTP error code in all the responses
2016-03-08 19:14:29 -05:00
2737c81b39
Lay the foundation for returning proper HTTP status codes
2016-03-08 18:27:03 -05:00
301776012f
Introduced AccessorID in TokenEntry and returning it along with token
2016-03-08 14:06:10 -05:00
08c40c9bba
Introduced ErrUserInput to distinguish user error from server error
2016-03-07 22:16:09 -05:00
3b463c2d4e
use errwrap to check the type of error message, fix typos
2016-03-07 18:36:26 -05:00
cc1f5207b3
Merge branch 'master' into token-roles
2016-03-07 10:03:54 -05:00
aab24113b0
test cases for capabilities endpoint
2016-03-05 00:03:55 -05:00
9946a2d8b5
refactoring changes due to acl.Capabilities
2016-03-04 18:55:48 -05:00
7fe871e60a
Removing the 'Message' field
2016-03-04 10:36:03 -05:00
b67ab8ab7c
Test files for capabilities endpoint
2016-03-04 10:36:03 -05:00
816f1f8631
self review rework
2016-03-04 10:36:03 -05:00
286e63a648
Handled root token use case
2016-03-04 10:36:03 -05:00
07f9486ecb
Added capabilities and capabilities-self endpoints to http muxer
2016-03-04 10:36:03 -05:00
a885f9e8d2
Refactor http/sys_capabilities.go
2016-03-04 10:36:03 -05:00
5749a6718c
Added sys/capabililties endpoint
2016-03-04 10:36:02 -05:00
3e7bca82a1
Merge pull request #1146 from hashicorp/step-down
...
Provide 'sys/step-down' and 'vault step-down'
2016-03-03 12:30:08 -05:00
6ed5d10580
Remove proxy function as it's unneeded now
2016-03-02 14:55:51 -05:00
9c47b8c0a7
Remove sys_policy from special handling as it's implemented in
...
logical_system too. Clean up the mux handlers.
2016-03-02 14:16:54 -05:00
7b4478faba
Add a sleep in the RedirectStandby test to try to fix raciness
2016-03-02 12:06:16 -05:00
df2e337e4c
Update tests to add expected role parameters
2016-03-01 12:41:40 -05:00
11ddd2290b
Provide 'sys/step-down' and 'vault step-down'
...
This endpoint causes the node it's hit to step down from active duty.
It's a noop if the node isn't active or not running in HA mode. The node
will wait one second before attempting to reacquire the lock, to give
other nodes a chance to grab it.
Fixes #1093
2016-02-26 19:43:55 -05:00
434962c632
We treat put/post the same, so allow init to use POST
2016-02-22 20:22:31 -05:00
76923aa28a
Add the server's time in UTC to the health response.
2016-02-22 19:51:18 -05:00
8510dbad05
Verify that nonces are non-empty in tests
2016-02-12 15:35:26 -05:00
5f5542cb91
Return status for rekey/root generation at init time. This mitigates a
...
(very unlikely) potential timing attack between init-ing and fetching
status.
Fixes #1054
2016-02-12 14:24:36 -05:00
ff3adce39e
Make "ttl" reflect the actual TTL of the token in lookup calls.
...
Add a new value "creation_ttl" which holds the value at creation time.
Fixes #986
2016-02-01 11:16:32 -05:00
88310ca538
Fix up unit tests to expect new values
2016-01-29 19:36:56 -05:00
7d1d003ba0
Update documentation and use ParseBool for list query param checking
2016-01-22 10:07:32 -05:00
455931873a
Address some review feedback
2016-01-22 10:07:32 -05:00
5341cb69cc
Updates and documentation
2016-01-22 10:07:32 -05:00
9042315973
Add handling of LIST verb to logical router
2016-01-22 10:07:32 -05:00
973c888833
RootGeneration->GenerateRoot
2016-01-19 18:28:10 -05:00
3b994dbc7f
Add the ability to generate root tokens via unseal keys.
2016-01-19 18:28:10 -05:00
vishalnayak