Affected by GO-2022-0618
and 11 other vulnerabilities
GO-2022-0618 : Hashicorp Vault Privilege Escalation Vulnerability in github.com/hashicorp/vault
GO-2022-0632 : Improper Removal of Sensitive Information Before Storage or Transfer in HashiCorp Vault in github.com/hashicorp/vault
GO-2023-1708 : HashiCorp Vault's PKI mount vulnerable to denial of service in github.com/hashicorp/vault
GO-2023-1849 : Hashicorp Vault vulnerable to Cross-site Scripting in github.com/hashicorp/vault
GO-2023-1897 : HashiCorp Vault's revocation list not respected in github.com/hashicorp/vault
GO-2023-1900 : Hashicorp Vault Fails to Verify if Approle SecretID Belongs to Role During a Destroy Operation in github.com/hashicorp/vault
GO-2023-1986 : HashiCorp Vault and Vault Enterprise vulnerable to user enumeration in github.com/hashicorp/vault
GO-2023-2088 : Hashicorp Vault Incorrect Permission Assignment for Critical Resource vulnerability in github.com/hashicorp/vault
GO-2023-2329 : HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability in github.com/hashicorp/vault
GO-2024-2617 : Authentication bypass in github.com/hashicorp/vault
GO-2024-2690 : HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault
GO-2024-3191 : Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault
Discover Packages
github.com/hashicorp/vault
helper
mfa
package
Version:
v0.6.1-rc3
Opens a new window with list of versions in this module.
Published: Aug 15, 2016
License: MPL-2.0
Opens a new window with license information.
Imports: 3
Opens a new window with list of imports.
Imported by: 0
Opens a new window with list of known importers.
Documentation
Documentation
¶
Package mfa provides wrappers to add multi-factor authentication
to any auth backend.
To add MFA to a backend, replace its login path with the
paths returned by MFAPaths and add the additional root
paths returned by MFARootPaths. The backend provides
the username to the MFA wrapper in Auth.Metadata['username'].
To add an additional MFA type, create a subpackage that
implements [Type]Paths, [Type]RootPaths, and [Type]Handler
functions and add them to MFAPaths, MFARootPaths, and
handlers respectively.
MFAPaths returns paths to wrap the original login path and configure MFA.
When adding MFA to a backend, these paths should be included instead of
the login path in Backend.Paths.
MFARootPaths returns path strings used to configure MFA. When adding MFA
to a backend, these paths should be included in
Backend.PathsSpecial.Root.
HandlerFunc is the callback called to handle MFA for a login request.
type MFAConfig struct {
Type string `json:"type"`
}
Source Files
¶
Directories
¶
Package duo provides a Duo MFA handler to authenticate users with Duo.
Package duo provides a Duo MFA handler to authenticate users with Duo.
Click to show internal directories.
Click to hide internal directories.