Commit graph

5887 commits

Author SHA1 Message Date
Marc Boudreau 5630b0ad4b Changing the ttl value in the Generate IAM with STS sample to a valid value (#2665) 2017-05-01 14:41:49 -04:00
Chris Hoffman e94c7ef3d1 changelog++ 2017-05-01 12:32:14 -04:00
Calvin Leung Huang 5076701bea Honor statements for RevokeUser on Cassandra backend, add method comments 2017-05-01 11:27:35 -04:00
Jeff Mitchell 0ed210c67f changelog++ 2017-05-01 10:42:41 -04:00
Justin Gerace 403efeb5ae Add globbing support to the PKI backend's allowed_domains list (#2517) 2017-05-01 10:40:18 -04:00
Jeff Mitchell 2b337083f3 changelog++ 2017-05-01 10:37:35 -04:00
vishalnayak 60add30b9d Merge branch 'oss' into sys-tidy-leases 2017-05-01 09:58:58 -04:00
vishalnayak 07e6d4336d changelog++ 2017-04-30 11:40:13 -04:00
Michael Ansel 30b71cbbac Add constraints on the Common Name for certificate-based authentication (#2595)
* Refactor to consolidate constraints on the matching chain

* Add CN prefix/suffix constraint

* Maintain backwards compatibility (pick a random cert if multiple match)

* Vendor go-glob

* Replace cn_prefix/suffix with required_name/globbing

Move all the new tests to acceptance-capable tests instead of embedding in the CRL test

* Allow authenticating against a single cert

* Add new params to documentation

* Add CLI support for new param

* Refactor for style

* Support multiple (ORed) name patterns

* Rename required_names to allowed_names

* Update docs for parameter rename

* Use the new TypeCommaStringSlice
2017-04-30 11:37:10 -04:00
Calvin Leung Huang 71d9de9083 Merge pull request #2660 from hashicorp/version-metadata
Add version metadata
2017-04-28 17:30:45 -04:00
Jeff Mitchell 9a72b3162f Flip back to sstarcher go-okta post-merge 2017-04-28 17:21:49 -04:00
Calvin Leung Huang b2ceaa3aa9 Add version metadata 2017-04-28 16:22:00 -04:00
Cameron Stokes 73867dab92 Add local flag to docs for API endpoints. (#2625) 2017-04-28 14:33:27 -04:00
Ryan Smith-Evans d0d448cfbe Added required header (#2656) 2017-04-28 08:56:14 -04:00
Calvin Leung Huang ff4cf41ebb Add test for ca and crl case 2017-04-28 08:55:28 -04:00
Jeff Mitchell 0f214cc502 Switch to jefferai/go-okta for now to work around Fatal lines in upstream (#2658)
Switch to jefferai/go-okta for now to work around Fatal lines in upstream
2017-04-28 08:39:51 -04:00
Vishal Nayak 8bb6c8caef Return error message for failure to parse CSR (#2657) 2017-04-28 08:30:24 -04:00
greenbrian 90a442ec92 Fix links on Consul storage backend page (#2652) 2017-04-28 07:48:23 -04:00
Chris Hoffman dd3bf25cb2 Randomizing x coordinate in shamir split (#2621) 2017-04-28 07:47:05 -04:00
Brian Kassouf 43cf619871 Update the username length for postgresql 2017-04-27 23:02:33 -07:00
Brian Kassouf 9a07675d86 Update username length for MSSQL 2017-04-27 22:59:22 -07:00
Brian Kassouf c11f2638b9 If user provides a revocation statement for MSSQL plugin honor it 2017-04-27 22:56:06 -07:00
Calvin Leung Huang 802d030506 Refactor cert_util_test 2017-04-27 17:09:59 -04:00
Calvin Leung Huang 785bce7469 Merge pull request #2632 from hashicorp/cassandra-plugin
Add cassandra plugin
2017-04-27 16:28:33 -04:00
vishalnayak 72d05cd8dd Refactor locking code in lease tidy; add ending debug statements 2017-04-27 16:22:19 -04:00
vishalnayak d8e91ef616 refactor lock handling in token tidy function 2017-04-27 13:48:29 -04:00
Calvin Leung Huang b5990321bf Verify update operation was performed on revokeCert 2017-04-27 12:30:44 -04:00
vishalnayak f9c1426ac8 Use an atomic lock for tidy operation in token store 2017-04-27 11:41:33 -04:00
vishalnayak ac8aae36fe Distinguish valid and invalid tokens using bool value in cache 2017-04-27 11:31:42 -04:00
vishalnayak 58967c0bbd Merge branch 'oss' into sys-tidy-leases 2017-04-27 11:23:48 -04:00
vishalnayak 749ec4fab1 Some more logging updates 2017-04-27 11:20:55 -04:00
vishalnayak e64ba93d54 Cache only valid tokens 2017-04-27 11:08:11 -04:00
Calvin Leung Huang fadf6c439f Update New() func signature and its references 2017-04-27 11:07:52 -04:00
vishalnayak d256248095 Fix logging suggestions; put the policyStore nil check back in 2017-04-27 10:56:19 -04:00
Chris Hoffman 1a60fede58 Updating revoke/renew to prefer PUT method (#2646) 2017-04-27 10:47:43 -04:00
Calvin Leung Huang 3b27a9c12c Rename tests, use HandleRequest() for existing paths 2017-04-27 09:47:56 -04:00
Brian Kassouf 53752c3002 Add check to ensure we don't overwrite existing connections 2017-04-26 16:43:42 -07:00
Brian Kassouf 50c0d520e1 Fix revoke tree test 2017-04-26 16:26:48 -07:00
Brian Kassouf 081101c7cf Add an error check to reset a plugin if it is closed 2017-04-26 15:55:34 -07:00
Brian Kassouf d0cad5345a Update to a RWMutex 2017-04-26 15:23:14 -07:00
vishalnayak 3fd019574d Fix logging levels 2017-04-26 17:29:04 -04:00
vishalnayak 7c3e20e9c5 Fix the log statements 2017-04-26 17:17:19 -04:00
vishalnayak 671353810b Added caching of looked up tokens 2017-04-26 16:54:48 -04:00
vishalnayak 9025ef16e4 Added logger to token store and logs to tidy function 2017-04-26 16:11:23 -04:00
Calvin Leung Huang 628e5d594b Add remaining tests 2017-04-26 16:05:58 -04:00
vishalnayak 27dd95156d Revoke lease that has empty token; added logs 2017-04-26 15:48:28 -04:00
vishalnayak b939d049e4 Added atomic lock to ensure a single tidy operation is in progress 2017-04-26 15:07:58 -04:00
vishalnayak 5909d81b7b Merge branch 'oss' into clean-stale-leases 2017-04-26 15:07:27 -04:00
Jeff Mitchell 4a4c981fb2 Update error message to distinguish tree revocation issue from non-tree 2017-04-26 14:06:45 -04:00
Brian Kassouf 6252f48dfe Fix MSSQL test 2017-04-26 10:52:10 -07:00