upstream/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2026-04-29 18:19:24 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 11
2495 commits 2875 branches 479 tags 606 MiB
Commit graph

324 commits

Author SHA1 Message Date
Jeff Mitchell
a087e943c7 Fix output of token-create help to use ttl instead of lease 2015-10-09 19:40:30 -04:00
Jeff Mitchell
46a14f6b65 Fix mount-tune CLI output 2015-10-09 16:03:31 -04:00
Jeff Mitchell
843c5353c3 Update CLI help text for init/rekey regarding base64-encoded keys 2015-10-08 11:09:30 -04:00
Jeff Mitchell
41f7cc9406 Adjust warnings message to make it clear they are from the server 2015-10-07 16:18:39 -04:00
Jeff Mitchell
fd2c0f033e Add the ability for warnings to be added to responses. These are 
marshalled into JSON or displayed from the CLI depending on the output
mode. This allows conferring information such as "no such policy exists"
when creating a token -- not an error, but something the user should be
aware of.

Fixes #676
 2015-10-07 16:18:39 -04:00
vishalnayak
02f11cb2da Merge branch 'master' of https://github.com/hashicorp/vault 2015-10-03 00:07:34 -04:00
Jeff Mitchell
5088eb322c Remove use of os/user as it cannot be run with CGO disabled 2015-10-02 18:43:38 -07:00
vishalnayak
25f604f429 Remove format parameter 2015-10-02 14:10:24 -04:00
vishalnayak
bf017d28d1 Github backend: enable auth renewals 2015-10-02 13:33:19 -04:00
Jeff Mitchell
70ce824267 Switch per-mount values to strings going in and seconds coming out, like other commands. Indicate deprecation of 'lease' in the token backend. 2015-09-25 10:41:21 -04:00
Jeff Mitchell
4801922b43 Minor updates to passthrough and additional tests 2015-09-21 16:57:41 -04:00
Jeff Mitchell
7e1c2c62c4 Use 'ttl_seconds' in CLI output so as not to shadow actual 'ttl' parameter 2015-09-21 16:37:37 -04:00
Jeff Mitchell
a782efa308 If there's no lease, output ttl instead of lease_duration 2015-09-21 16:37:37 -04:00
Jeff Mitchell
b0c97f8b8d If lease_duration is not zero, output it even if there is no lease. 2015-09-21 16:37:37 -04:00
Jeff Mitchell
4836e7ca4d Make TLS backend honor SystemView default values. Expose lease TTLs on read. Make auth command show lease TTL if one exists. Addresses most of #527 2015-09-18 14:01:28 -04:00
vishalnayak
fee64e16c2 Adding type checking to ensure only BasicUi is affected 2015-09-17 11:37:21 -04:00
vishalnayak
fceaea733e CLI: Avoiding CR when printing specific fields 2015-09-17 10:05:56 -04:00
hendrenj
2925912b6b improve documentation for available log levels 2015-09-16 11:01:33 -06:00
vishalnayak
cd5da08a62 Typo fix 2015-09-11 21:36:20 -04:00
vishalnayak
ec4f6e59b3 Improve documentation of token renewal 2015-09-11 21:08:32 -04:00
Jeff Mitchell
b9a5a137c0 Address items from feedback. Make MountConfig use values rather than 
pointers and change how config is read to compensate.
 2015-09-10 15:09:54 -04:00
Jeff Mitchell
3e713c61ac Push a lot of logic into Router to make a bunch of it nicer and enable a 
lot of cleanup. Plumb config and calls to framework.Backend.Setup() into
logical_system and elsewhere, including tests.
 2015-09-10 15:09:54 -04:00
Jeff Mitchell
0df0df2fcb Fix typo 2015-09-10 15:09:54 -04:00
Jeff Mitchell
dd8ac00daa Rejig how dynamic values are represented in system view and location of some functions in various packages; create mount-tune command and API analogues; update documentation 2015-09-10 15:09:54 -04:00
Jeff Mitchell
aadf039368 Add DynamicSystemView. This uses a pointer to a pointer to always have 
up-to-date information. This allows remount to be implemented with the
same source and dest, allowing mount options to be changed on the fly.
If/when Vault gains the ability to HUP its configuration, this should
just work for the global values as well.

Need specific unit tests for this functionality.
 2015-09-10 15:09:54 -04:00
Jeff Mitchell
dffcf0548e Plumb per-mount config options through API 2015-09-10 15:09:53 -04:00
vishalnayak
140013aebd Vault SSH: Default CIDR for roles 2015-08-27 13:04:15 -04:00
Jeff Mitchell
4c5c82e6f7 Rename config lease_duration parameters to lease_ttl in line with current standardization efforts 2015-08-27 07:50:24 -07:00
Jeff Mitchell
5584a11997 When using PGP encryption on unseal keys, encrypt the hexencoded string rather than the raw bytes. 2015-08-26 07:59:50 -07:00
Jeff Mitchell
4d877dc4eb Address comments from review. 2015-08-25 15:33:58 -07:00
Jeff Mitchell
e133536b79 Add support for pgp-keys argument to rekey, as well as tests, plus 
refactor common bits out of init.
 2015-08-25 14:52:13 -07:00
Jeff Mitchell
efccbcd23e Don't store the given public keys in the seal config 2015-08-25 14:52:13 -07:00
Jeff Mitchell
ee10f1a565 Handle people specifying PGP key files with @ in front 2015-08-25 14:52:13 -07:00
Jeff Mitchell
d2023234b9 Add support for "pgp-tokens" parameters to init. 
There are thorough unit tests that read the returned
encrypted tokens, seal the vault, and unseal it
again to ensure all works as expected.
 2015-08-25 14:52:13 -07:00
Jeff Mitchell
f1a301922d Remove cookie authentication. 2015-08-21 19:46:23 -07:00
vishalnayak
47464abd08 Merge branch 'master' of https://github.com/hashicorp/vault into vishalvault 2015-08-19 12:16:37 -07:00
Jeff Mitchell
1f0458ffd5 Add -no-verify option to CLI auth command, to avoid decrementing the token use count during auth. 2015-08-18 19:22:17 -07:00
vishalnayak
d6c5031169 Vault SSH: TLS client creation test 2015-08-18 19:00:27 -07:00
vishalnayak
99736663e2 Vault SSH: verify echo test 2015-08-18 16:48:50 -07:00
vishalnayak
71c039d7cd Merge branch 'master' of https://github.com/hashicorp/vault into vishalvault 2015-08-17 18:22:13 -07:00
vishalnayak
d63726b41b Vault SSH: Documentation update and minor refactoring changes. 2015-08-17 18:22:03 -07:00
Armon Dadgar
e659d93163 command: Fixing setup of client certificates 2015-08-17 12:18:14 -07:00
vishalnayak
a98b3befd9 Vault SSH: Website page for SSH backend 2015-08-14 12:41:26 -07:00
vishalnayak
ffaf80167d Vault SSH: CLI embellishments 2015-08-13 16:55:47 -07:00
vishalnayak
f21c64e874 Vault SSH: Renamed path with mountPoint 2015-08-12 10:30:50 -07:00
vishalnayak
6b86811503 Vault SSH: Fixed constructor of SSH api 2015-08-12 09:56:17 -07:00
vishalnayak
2ac3cabf87 Merging changes from master 2015-08-12 09:28:16 -07:00
Michael S. Fischer
3a05fb70a7 command/meta.go: document environment variables 
Document the environment variables which, if set, can provide default
values for configuration options.

Fixes #476
 2015-08-07 15:13:30 -07:00
Matt Button
907011f8d7 Allow the vault token-create command to specify the token's id 2015-08-07 08:45:34 +00:00
vishalnayak
b5c3624f2e Merging with master 2015-08-06 18:44:40 -04:00
vishalnayak
044a2257e7 Vault SSH: Automate OTP typing if sshpass is installed 2015-08-06 17:00:50 -04:00
vishalnayak
0542fd8389 Vault SSH: uninstall dynamic keys using script 2015-08-06 15:50:12 -04:00
vishalnayak
8dbbb8b8e6 Vault SSH: CRUD test case for OTP Role 2015-07-31 13:24:23 -04:00
Karl Gutwin
1a673ddc0a PR review updates 2015-07-30 13:21:41 -04:00
Karl Gutwin
a87af4e863 Add configuration options for default lease duration and max lease duration. 2015-07-30 09:42:49 -04:00
vishalnayak
9aa02ad560 Vault SSH: Review Rework 2015-07-29 14:21:36 -04:00
Vishal Nayak
11a6c6de12 Vault SSH: Refactoring 2015-07-27 16:42:03 -04:00
Vishal Nayak
6c5548ca7b Vault SSH: Refactoring 2015-07-27 13:02:31 -04:00
Vishal Nayak
0a4854e542 Vault SSH: Dynamic Key test case fix 2015-07-24 12:13:26 -04:00
Vishal Nayak
699862b07a Merge branch 'master' of https://github.com/hashicorp/vault into vishalvault 2015-07-23 17:20:34 -04:00
Vishal Nayak
3a1eaf1869 Vault SSH: Support OTP key type from CLI 2015-07-23 17:20:28 -04:00
Armon Dadgar
676f6d4233 server: import sha512. Fixes #448 2015-07-23 13:51:45 -07:00
Karl Gutwin
04c5596822 Avoid unnecessary abbreviation 2015-07-22 23:28:46 -04:00
Karl Gutwin
3ed4f2f9e1 Allow specifying a TLS minimum version 2015-07-22 23:19:41 -04:00
Nate Brown
ba38ab3a58 Git ignore getting in the way 2015-07-14 15:57:06 -07:00
Nate Brown
e83432adb3 Fix travis build 2015-07-14 15:50:29 -07:00
Nate Brown
8f666b8e60 Telemetry object in config 2015-07-14 15:36:28 -07:00
Nate Brown
693f529ae7 Disable hostname prefix for runtime telemetry 2015-07-13 13:17:57 -07:00
Vishal Nayak
47a9f548fe Vault SSH: Refactoring and fixes 2015-07-10 18:44:31 -06:00
Vishal Nayak
dae996c994 Vault SSH: Added comments to ssh_test 2015-07-10 16:59:32 -06:00
Vishal Nayak
eb0f119491 Vault SSH: Backend and CLI testing 2015-07-10 16:18:02 -06:00
Vishal Nayak
c25525a22a Vault SSH: Test case skeleton 2015-07-10 09:56:14 -06:00
Vishal Nayak
6f86d32089 Vault SSH: Made port number configurable 2015-07-06 16:56:45 -04:00
Vishal Nayak
0a59e84cef Vault SSH: Revoking key after SSH session from CLI 2015-07-06 11:05:02 -04:00
Vishal Nayak
280efd28f6 Vault SSH: PR review rework: Formatting/Refactoring 2015-07-02 19:52:47 -04:00
Vishal Nayak
fbaea45101 Vault SSH: PR review rework 2015-07-02 17:23:09 -04:00
Vishal Nayak
57174693ce Vault SSH: replaced concatenated strings by fmt.Sprintf 2015-07-01 20:35:11 -04:00
Vishal Nayak
13ab7fc40b Vault SSH: PR review rework - 1 2015-07-01 11:58:49 -04:00
Vishal Nayak
b821a8e872 Merge branch 'master' of https://github.com/hashicorp/vault into vishalvault 2015-06-30 18:33:37 -04:00
Vishal Nayak
2163818bd6 Input validations, help strings, default_user support 2015-06-30 18:33:17 -04:00
Armon Dadgar
18a23c9bef command: source general options docs from common source 2015-06-30 12:01:23 -07:00
Karl Gutwin
3a5b8789b8 CLI docs 2015-06-30 09:04:57 -04:00
Karl Gutwin
67993efeb0 Better error messages. 2015-06-30 08:59:38 -04:00
Vishal Nayak
756be6976d Refactoring changes 2015-06-29 22:00:08 -04:00
Karl Gutwin
75861c7c3b Initial sketch for client TLS auth 2015-06-29 15:33:16 -04:00
Vishal Nayak
5da639feff Creating SSH keys and removal of files in pure 'go' 2015-06-26 15:43:27 -04:00
Vishal Nayak
7dbad8386c ssh/lookup implementation and refactoring 2015-06-25 21:47:32 -04:00
Vishal Nayak
4b07eba487 POC: Rework. Doing away with policy file. 2015-06-24 18:13:12 -04:00
Vishal Nayak
9d709bd5a9 SSHs to multiple users by registering the respective host keys 2015-06-19 12:59:36 -04:00
Vishal Nayak
5cd9b7a7d8 merging with master 2015-06-18 20:51:11 -04:00
Vishal Nayak
fe5bb20e92 Roles, key renewal handled. End-to-end basic flow working. 2015-06-18 20:48:41 -04:00
Armon Dadgar
f91b91289c command/read: Ensure only a single argument. Fixes #304 2015-06-18 16:00:41 -07:00
Armon Dadgar
48e7531f79 command/path-help: rename command, better error if sealed. Fixes #234 2015-06-18 15:56:42 -07:00
Armon Dadgar
2772807547 command/write: adding force flag for when no data fields are necessary. Fixes #357 2015-06-18 13:51:06 -07:00
Armon Dadgar
57d1230e6c command/server: fixing output weirdness 2015-06-18 13:48:18 -07:00
Armon Dadgar
0696bc47e0 command/auth: warn earlier about VAULT_TOKEN 2015-06-18 13:48:04 -07:00
Armon Dadgar
ee176b2f5d command/auth: warn about the VAULT_TOKEN env var. Fixes #195 2015-06-17 19:19:02 -07:00
Vishal Nayak
f2ace92e98 Implementation for storing and deleting the host information in Vault 2015-06-17 22:10:47 -04:00
Armon Dadgar
0277cedc8a cmomand/read: strip path prefix if necessary. Fixes #343 2015-06-17 18:33:15 -07:00
Armon Dadgar
70ee1866ca server: graceful shutdown for fast failover. Fixes #308 2015-06-17 18:24:56 -07:00