open-vault/vault
Michael Gaffney 6b1e1909e9
core: re-encrypt barrier and recovery keys if the unseal key is updated (#7493)
Seal keys can be rotated. When this happens, the barrier and recovery
keys should be re-encrypted with the new seal key. This change
automatically re-encrypts the barrier and recovery keys with the latest
seal key on the active node during the 'postUnseal' phase.
2019-10-03 16:40:18 -04:00
..
cluster Add a missing lock to cluster handler 2019-07-09 03:46:08 -04:00
external_tests sys: add pprof endpoint (#7473) 2019-09-19 13:44:37 -07:00
replication Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
seal core: re-encrypt barrier and recovery keys if the unseal key is updated (#7493) 2019-10-03 16:40:18 -04:00
acl.go Check nil parameter value when processing an ACL. 2019-04-26 15:57:00 -07:00
acl_test.go Check nil parameter value when processing an ACL. 2019-04-26 15:57:00 -07:00
acl_util.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
audit.go Allow plugins to submit audit requests/responses via extended SystemView (#6777) 2019-05-22 18:52:53 -04:00
audit_broker.go Allow plugins to submit audit requests/responses via extended SystemView (#6777) 2019-05-22 18:52:53 -04:00
audit_test.go audit: log invalid wrapping token request/response (#6541) 2019-07-05 14:15:14 -07:00
audited_headers.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
audited_headers_test.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
auth.go Bind entry to initalize locally 2019-07-05 18:37:10 -07:00
auth_test.go AWS upgrade role entries (#7025) 2019-07-05 16:55:40 -07:00
barrier.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
barrier_access.go Fix compile 2018-01-19 05:31:55 -05:00
barrier_aes_gcm.go Clear the Barrier AEAD cache on keyring reload (#6870) 2019-06-12 08:56:16 -07:00
barrier_aes_gcm_test.go Clear the Barrier AEAD cache on keyring reload (#6870) 2019-06-12 08:56:16 -07:00
barrier_test.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
barrier_view.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
barrier_view_test.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
barrier_view_util.go The big one (#5346) 2018-09-17 23:03:00 -04:00
capabilities.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
capabilities_test.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
cluster.go http: add handleLogicalNoForward handler for local-only requests (#7482) 2019-09-16 17:50:28 -07:00
cluster_test.go Make clusterListener an atomic.Value to avoid races with getGRPCDialer. (#7408) 2019-09-03 11:59:56 -04:00
core.go core: re-encrypt barrier and recovery keys if the unseal key is updated (#7493) 2019-10-03 16:40:18 -04:00
core_test.go audit: log invalid wrapping token request/response (#6541) 2019-07-05 14:15:14 -07:00
core_util.go Close and flush perf standby conns/cache when sealing. (#7183) 2019-07-24 16:32:57 -04:00
cors.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
counters.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
counters_test.go Add code for writing and reading request counters to storage. (#5918) 2019-03-05 14:55:07 -05:00
dynamic_system_view.go Move SudoPrivilege out of SystemView (#7266) 2019-08-26 10:23:46 -04:00
expiration.go Return a useful error on attempts to renew a token via sys/leases/renew (#7298) 2019-10-02 10:55:20 -04:00
expiration_integ_test.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
expiration_test.go Switch to go modules (#6585) 2019-04-13 03:44:06 -04:00
expiration_util.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
generate_root.go Switch to go modules (#6585) 2019-04-13 03:44:06 -04:00
generate_root_test.go Update to api 1.0.1 and sdk 0.1.8 2019-04-15 14:10:07 -04:00
ha.go core: Don't shutdown if key upgrades fail due to canceled context (#7070) 2019-07-05 14:19:15 -07:00
identity_lookup.go Switch to go modules (#6585) 2019-04-13 03:44:06 -04:00
identity_lookup_test.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
identity_store.go Fix identity case sensitivity loading in secondary cluster (#7327) 2019-09-30 10:27:25 -04:00
identity_store_aliases.go Prevent entity alias creation when entity is in different NS than mount (#943) (#6886) 2019-06-14 12:53:00 -04:00
identity_store_aliases_test.go Prevent entity alias creation when entity is in different NS than mount (#943) (#6886) 2019-06-14 12:53:00 -04:00
identity_store_entities.go Change regexes for reading entity/group names (#7055) 2019-07-03 08:56:01 -04:00
identity_store_entities_test.go Storage packer V1 updates (#6531) 2019-05-07 15:29:51 -04:00
identity_store_group_aliases.go Update group alias handling to better protect against namespace differences 2019-06-18 16:43:30 -04:00
identity_store_group_aliases_test.go Update group alias handling to better protect against namespace differences 2019-06-18 16:43:30 -04:00
identity_store_groups.go Remove 512 entity limit for groups (#7317) 2019-08-14 13:47:11 -04:00
identity_store_groups_test.go Fix some tests 2019-06-17 17:02:34 -04:00
identity_store_oidc.go Add response_types_supported to OIDC configuration (#7533) 2019-10-02 08:59:57 -07:00
identity_store_oidc_test.go also flush nilNamespace when a namespace is flushed in the identity/oidc backend (#7203) 2019-07-26 19:53:40 -07:00
identity_store_oidc_util.go Remove unneeded context parameter (#7057) 2019-07-03 07:12:46 -07:00
identity_store_schema.go Storage packer V1 updates (#6531) 2019-05-07 15:29:51 -04:00
identity_store_structs.go Fix identity case sensitivity loading in secondary cluster (#7327) 2019-09-30 10:27:25 -04:00
identity_store_test.go Storage packer V1 updates (#6531) 2019-05-07 15:29:51 -04:00
identity_store_upgrade.go Prevent entity alias creation when entity is in different NS than mount (#943) (#6886) 2019-06-14 12:53:00 -04:00
identity_store_util.go Update group alias handling to better protect against namespace differences 2019-06-18 16:43:30 -04:00
init.go storage/raft: Support storage migration to raft storage (#7207) 2019-07-29 13:05:43 -07:00
init_test.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
keyring.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
keyring_test.go Spelling (#4119) 2018-03-20 14:54:10 -04:00
logical_cubbyhole.go Switch to go modules (#6585) 2019-04-13 03:44:06 -04:00
logical_cubbyhole_test.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
logical_passthrough.go Switch to go modules (#6585) 2019-04-13 03:44:06 -04:00
logical_passthrough_test.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
logical_system.go sys: add host-info endpoint (#7330) 2019-10-03 09:43:52 -07:00
logical_system_helpers.go Switch to go modules (#6585) 2019-04-13 03:44:06 -04:00
logical_system_integ_test.go Add maximum amount of random entropy requested (#7144) 2019-07-24 18:22:23 -07:00
logical_system_paths.go sys: add host-info endpoint (#7330) 2019-10-03 09:43:52 -07:00
logical_system_pprof.go sys: add pprof endpoint (#7473) 2019-09-19 13:44:37 -07:00
logical_system_raft.go logical/request: store the entire http.Request object instead (#7412) 2019-09-06 12:40:15 -07:00
logical_system_test.go Add maximum amount of random entropy requested (#7144) 2019-07-24 18:22:23 -07:00
mount.go Move SudoPrivilege out of SystemView (#7266) 2019-08-26 10:23:46 -04:00
mount_test.go AWS upgrade role entries (#7025) 2019-07-05 16:55:40 -07:00
mount_util.go Add new license callback init step for logical backends. (#6887) 2019-06-17 14:11:35 -04:00
namespaces.go The big one (#5346) 2018-09-17 23:03:00 -04:00
plugin_catalog.go Update to api 1.0.1 and sdk 0.1.8 2019-04-15 14:10:07 -04:00
plugin_catalog_test.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
plugin_reload.go Sync plugin reload file 2019-04-23 10:22:56 -04:00
policy.go Add OIDC token generation to Identity (#6900) 2019-06-21 10:23:39 -07:00
policy_store.go Add maximum amount of random entropy requested (#7144) 2019-07-24 18:22:23 -07:00
policy_store_test.go Switch to go modules (#6585) 2019-04-13 03:44:06 -04:00
policy_store_util.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
policy_test.go Fix hasMountPath for segment wildcard mounts; introduce priority order (#6532) 2019-04-10 17:46:17 -04:00
policy_util.go The big one (#5346) 2018-09-17 23:03:00 -04:00
raft.go Make clusterListener an atomic.Value to avoid races with getGRPCDialer. (#7408) 2019-09-03 11:59:56 -04:00
rekey.go Raft Storage Backend (#6888) 2019-06-20 12:14:58 -07:00
rekey_test.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
request_forwarding.go Make clusterListener an atomic.Value to avoid races with getGRPCDialer. (#7408) 2019-09-03 11:59:56 -04:00
request_forwarding_rpc.go Fixed a bunch of typos (#7146) 2019-07-18 21:10:15 -04:00
request_forwarding_rpc_util.go The big one (#5346) 2018-09-17 23:03:00 -04:00
request_forwarding_service.pb.go Rerun proto gen as some got gen'd with old proto version (#7090) 2019-07-09 01:02:20 +02:00
request_forwarding_service.proto Raft Storage Backend (#6888) 2019-06-20 12:14:58 -07:00
request_handling.go Fix various read only storage errors 2019-07-05 18:13:49 -04:00
request_handling_test.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
request_handling_util.go Fix various read only storage errors 2019-07-05 18:13:49 -04:00
rollback.go Fixed a bunch of typos (#7146) 2019-07-18 21:10:15 -04:00
rollback_test.go Switch to go modules (#6585) 2019-04-13 03:44:06 -04:00
router.go Fix batch token test (#7047) 2019-07-02 22:16:43 -04:00
router_access.go The big one (#5346) 2018-09-17 23:03:00 -04:00
router_test.go Fix a deadlock if a panic happens during request handling (#6920) 2019-06-19 09:40:57 -04:00
router_testing.go AWS upgrade role entries (#7025) 2019-07-05 16:55:40 -07:00
seal.go Raft Storage Backend (#6888) 2019-06-20 12:14:58 -07:00
seal_access.go Send initialized information via sys/seal-status (#5424) 2018-09-27 14:03:37 -07:00
seal_autoseal.go core: re-encrypt barrier and recovery keys if the unseal key is updated (#7493) 2019-10-03 16:40:18 -04:00
seal_autoseal_test.go core: re-encrypt barrier and recovery keys if the unseal key is updated (#7493) 2019-10-03 16:40:18 -04:00
seal_test.go Raft Storage Backend (#6888) 2019-06-20 12:14:58 -07:00
seal_testing.go Raft Storage Backend (#6888) 2019-06-20 12:14:58 -07:00
seal_testing_util.go Fix test 2019-06-23 23:05:51 -04:00
sealunwrapper.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
sealunwrapper_test.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
testing.go testing: set MetricsHelper if it not provided through base config (#7480) 2019-09-16 17:50:51 -07:00
testing_util.go Fix leader info repopulation (#6167) 2019-02-05 21:01:18 -05:00
token_store.go Move SudoPrivilege out of SystemView (#7266) 2019-08-26 10:23:46 -04:00
token_store_test.go Fix token_store_test.go (#7490) 2019-09-18 14:18:08 -07:00
token_store_util.go The big one (#5346) 2018-09-17 23:03:00 -04:00
ui.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
ui_test.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
util.go Removed unused methods 2017-01-03 12:51:35 -05:00
util_test.go Utility Enhancements 2016-04-05 20:32:59 -04:00
wrapping.go Fix nil pointer panic in wrapping validation (#7077) 2019-07-05 22:31:03 -04:00
wrapping_util.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00