Commit graph

42 commits

Author SHA1 Message Date
Jeff Mitchell 5341cb69cc Updates and documentation 2016-01-22 10:07:32 -05:00
Jeff Mitchell 10c307763e Add list capability, which will work with the generic and cubbyhole
backends for the moment. This is pretty simple; it just adds the actual
capability to make a list call into both the CLI and the HTTP handler.
The real meat was already in those backends.
2016-01-22 10:07:32 -05:00
Jeff Mitchell 3b994dbc7f Add the ability to generate root tokens via unseal keys. 2016-01-19 18:28:10 -05:00
Nicki Watt 442d538deb Make token-lookup functionality available via Vault CLI 2015-12-29 20:18:59 +00:00
Jeff Mitchell 1a324cf347 Make TokenHelper an interface and split exisiting functionality
Functionality is split into ExternalTokenHelper, which is used if a path
is given in a configuration file, and InternalTokenHelper which is used
otherwise. The internal helper no longer shells out to the same Vault
binary, instead performing the same actions with internal code. This
avoids problems using dev mode when there are spaces in paths or when
the binary is built in a container without a shell.

Fixes #850 among others
2015-12-22 10:23:30 -05:00
Jeff Mitchell 75f1c1e40c Print version on startup.
Fixes #765
2015-11-09 13:52:55 -05:00
Jeff Mitchell af27a99bb7 Remove JWT for the 0.3 release; it needs a lot of rework. 2015-09-24 16:23:44 -04:00
Jeff Mitchell 488d33c70a Rejig how dynamic values are represented in system view and location of some functions in various packages; create mount-tune command and API analogues; update documentation 2015-09-10 15:09:54 -04:00
vishalnayak 93dfa67039 Merging changes from master 2015-08-12 09:28:16 -07:00
Erik Kristensen 2233f993ae initial pass at JWT secret backend 2015-08-06 17:49:44 -06:00
Vishal Nayak d691a95531 Vault SSH: PR review rework - 1 2015-07-01 11:58:49 -04:00
Vishal Nayak 8627f3c360 Merge branch 'master' of https://github.com/hashicorp/vault into vishalvault 2015-06-30 18:33:37 -04:00
Armon Dadgar 3c58773598 Merge pull request #380 from kgutwin/cert-cli
Enable TLS client cert authentication via the CLI
2015-06-30 11:44:28 -07:00
Jeff Mitchell fccbc587c6 A Cassandra secrets backend.
Supports creation and deletion of users in Cassandra using flexible CQL queries.

TLS, including client authentication, is supported.

Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-30 09:04:01 -04:00
Karl Gutwin dafcc5b2ce enable CLI cert login 2015-06-29 23:29:41 -04:00
Vishal Nayak f39df58eef Merge branch 'master' of https://github.com/hashicorp/vault into vishalvault 2015-06-24 18:13:26 -04:00
Jeff Mitchell e086879fa3 Merge remote-tracking branch 'upstream/master' into f-pki 2015-06-19 13:01:26 -04:00
Vishal Nayak 90605c6079 merging with master 2015-06-18 20:51:11 -04:00
Armon Dadgar c54868120a command/path-help: rename command, better error if sealed. Fixes #234 2015-06-18 15:56:42 -07:00
Armon Dadgar 6bc2b06de4 server: graceful shutdown for fast failover. Fixes #308 2015-06-17 18:24:56 -07:00
Vishal Nayak 3ed73d98c2 Added: Ssh CLI command and API, config lease impl, sshConnect path to backend, http handler for Ssh connect 2015-06-17 12:39:49 -04:00
Vishal Nayak 08c921c75e Vault SSH: POC Stage 1. Skeleton implementation. 2015-06-16 16:58:54 -04:00
Jeff Mitchell 0d832de65d Initial PKI backend implementation.
Complete:
* Up-to-date API documents
* Backend configuration (root certificate and private key)
* Highly granular role configuration
* Certificate generation
* CN checking against role
* IP and DNS subject alternative names
* Server, client, and code signing usage types
* Later certificate (but not private key) retrieval
* CRL creation and update
* CRL/CA bare endpoints (for cert extensions)
* Revocation (both Vault-native and by serial number)
* CRL force-rotation endpoint

Missing:
* OCSP support (can't implement without changes in Vault)
* Unit tests

Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-08 00:06:09 -04:00
Armon Dadgar 9a162191cd command/rekey: first pass at rekey 2015-05-28 15:08:09 -07:00
Armon Dadgar 42b91fe411 command/rotate: Adding new rotate command 2015-05-28 10:16:33 -07:00
Armon Dadgar 388022bac1 command/key-status: Adding new key-status command 2015-05-27 18:17:02 -07:00
Mitchell Hashimoto 91a852e259 cli: should be != 2015-05-11 11:45:48 -07:00
Mitchell Hashimoto fbc051a941 cli: typo 2015-05-11 11:45:02 -07:00
Mitchell Hashimoto a641510ed8 cli: fix dev on version flga 2015-05-11 11:44:44 -07:00
Giovanni Bajo 7492c5712a Initial implementation of the LDAP credential backend 2015-05-09 22:04:19 +02:00
Armon Dadgar bb1dd509d7 audit/syslog: first pass 2015-04-27 15:56:40 -07:00
Armon Dadgar 57d54c2e94 commands: enable the mysql secret backend 2015-04-25 12:06:08 -07:00
Armon Dadgar f30c9c1509 Enable the credential backend 2015-04-23 21:46:30 -07:00
Armon Dadgar f76e5b2fc5 command: Rename seal-status to status 2015-04-20 12:11:21 -07:00
Mitchell Hashimoto 9ab464e518 cli: add token-renew 2015-04-19 18:04:24 -07:00
Mitchell Hashimoto 0ebf2508e0 command/policy-delete 2015-04-19 16:36:11 -07:00
Mitchell Hashimoto 0b7e7190b5 credentials/userpass: integrate into auth cli 2015-04-19 15:17:24 -07:00
Mitchell Hashimoto 4109218635 cli: add postgresql 2015-04-18 18:44:23 -07:00
Armon Dadgar 07bffafbbd Adding transit logical backend 2015-04-15 17:08:12 -07:00
Mitchell Hashimoto 0cc0fb066b command/renew 2015-04-13 20:42:07 -07:00
Mitchell Hashimoto fdf964d17e cli: make commands more customizable 2015-04-12 17:19:26 -07:00
Mitchell Hashimoto 57be8bcc09 move the cli to the cli/ package so enterprising individuals can call it 2015-04-12 16:58:45 -07:00
Renamed from commands.go (Browse further)