Versions in this module Expand all Collapse all v0 v0.1.1 May 2, 2015 v0.1.0 Apr 28, 2015 Changes in this version
+ const PathPolicyDeny
+ const PathPolicyRead
+ const PathPolicySudo
+ const PathPolicyWrite
+ var ErrAlreadyInit = errors.New("Vault is already initialized")
+ var ErrBarrierAlreadyInit = errors.New("Vault is already initialized")
+ var ErrBarrierInvalidKey = errors.New("Unseal failed, invalid key")
+ var ErrBarrierNotInit = errors.New("Vault is not initialized")
+ var ErrBarrierSealed = errors.New("Vault is sealed")
+ var ErrHANotEnabled = errors.New("Vault is not configured for highly-available mode")
+ var ErrInternalError = errors.New("internal error")
+ var ErrNotInit = errors.New("Vault is not initialized")
+ var ErrSealed = errors.New("Vault is sealed")
+ var ErrStandby = errors.New("Vault is in standby mode")
+ func ClearView(view *BarrierView) error
+ func CollectKeys(view *BarrierView) ([]string, error)
+ func LockMemory() error — darwin/amd64, linux/amd64, windows/amd64
+ func NewSystemBackend(core *Core) logical.Backend
+ func PassthroughBackendFactory(map[string]string) (logical.Backend, error)
+ func ScanView(view *BarrierView, cb func(path string)) error
+ func TestCoreInit(t *testing.T, core *Core) ([]byte, string)
+ func TestKeyCopy(key []byte) []byte
+ type ACL struct
+ func NewACL(policies []*Policy) (*ACL, error)
+ func (a *ACL) AllowOperation(op logical.Operation, path string) bool
+ func (a *ACL) RootPrivilege(path string) bool
+ type AESGCMBarrier struct
+ func NewAESGCMBarrier(physical physical.Backend) (*AESGCMBarrier, error)
+ func (b *AESGCMBarrier) Delete(key string) error
+ func (b *AESGCMBarrier) GenerateKey() ([]byte, error)
+ func (b *AESGCMBarrier) Get(key string) (*Entry, error)
+ func (b *AESGCMBarrier) Initialize(key []byte) error
+ func (b *AESGCMBarrier) Initialized() (bool, error)
+ func (b *AESGCMBarrier) KeyLength() (int, int)
+ func (b *AESGCMBarrier) List(prefix string) ([]string, error)
+ func (b *AESGCMBarrier) Put(entry *Entry) error
+ func (b *AESGCMBarrier) Seal() error
+ func (b *AESGCMBarrier) Sealed() (bool, error)
+ func (b *AESGCMBarrier) Unseal(key []byte) error
+ type AuditBroker struct
+ func NewAuditBroker(log *log.Logger) *AuditBroker
+ func (a *AuditBroker) Deregister(name string)
+ func (a *AuditBroker) IsRegistered(name string) bool
+ func (a *AuditBroker) LogRequest(auth *logical.Auth, req *logical.Request) error
+ func (a *AuditBroker) LogResponse(auth *logical.Auth, req *logical.Request, resp *logical.Response, err error) error
+ func (a *AuditBroker) Register(name string, b audit.Backend, v *BarrierView)
+ type BarrierStorage interface
+ Delete func(key string) error
+ Get func(key string) (*Entry, error)
+ List func(prefix string) ([]string, error)
+ Put func(entry *Entry) error
+ type BarrierView struct
+ func NewBarrierView(barrier BarrierStorage, prefix string) *BarrierView
+ func (v *BarrierView) Delete(key string) error
+ func (v *BarrierView) Get(key string) (*logical.StorageEntry, error)
+ func (v *BarrierView) List(prefix string) ([]string, error)
+ func (v *BarrierView) Put(entry *logical.StorageEntry) error
+ func (v *BarrierView) SubView(prefix string) *BarrierView
+ type Core struct
+ func NewCore(conf *CoreConfig) (*Core, error)
+ func TestCore(t *testing.T) *Core
+ func TestCoreUnsealed(t *testing.T) (*Core, []byte, string)
+ func (c *Core) HandleRequest(req *logical.Request) (*logical.Response, error)
+ func (c *Core) Initialize(config *SealConfig) (*InitResult, error)
+ func (c *Core) Initialized() (bool, error)
+ func (c *Core) Leader() (bool, string, error)
+ func (c *Core) Seal(token string) error
+ func (c *Core) SealConfig() (*SealConfig, error)
+ func (c *Core) Sealed() (bool, error)
+ func (c *Core) SecretProgress() int
+ func (c *Core) Standby() (bool, error)
+ func (c *Core) Unseal(key []byte) (bool, error)
+ type CoreConfig struct
+ AdvertiseAddr string
+ AuditBackends map[string]audit.Factory
+ CacheSize int
+ CredentialBackends map[string]logical.Factory
+ DisableCache bool
+ DisableMlock bool
+ Logger *log.Logger
+ LogicalBackends map[string]logical.Factory
+ Physical physical.Backend
+ type Entry struct
+ Key string
+ Value []byte
+ func (e *Entry) Logical() *logical.StorageEntry
+ type ErrInvalidKey struct
+ Reason string
+ func (e *ErrInvalidKey) Error() string
+ type ExpirationManager struct
+ func NewExpirationManager(router *Router, view *BarrierView, ts *TokenStore, logger *log.Logger) *ExpirationManager
+ func (m *ExpirationManager) Register(req *logical.Request, resp *logical.Response) (string, error)
+ func (m *ExpirationManager) RegisterAuth(source string, auth *logical.Auth) error
+ func (m *ExpirationManager) Renew(leaseID string, increment time.Duration) (*logical.Response, error)
+ func (m *ExpirationManager) RenewToken(source string, token string, increment time.Duration) (*logical.Auth, error)
+ func (m *ExpirationManager) Restore() error
+ func (m *ExpirationManager) Revoke(leaseID string) error
+ func (m *ExpirationManager) RevokeByToken(token string) error
+ func (m *ExpirationManager) RevokePrefix(prefix string) error
+ func (m *ExpirationManager) Stop() error
+ type InitResult struct
+ RootToken string
+ SecretShares [][]byte
+ type MountEntry struct
+ Description string
+ Options map[string]string
+ Path string
+ Tainted bool
+ Type string
+ UUID string
+ func (e *MountEntry) Clone() *MountEntry
+ type MountTable struct
+ Entries []*MountEntry
+ func (t *MountTable) Clone() *MountTable
+ func (t *MountTable) Find(path string) *MountEntry
+ func (t *MountTable) Hash() ([]byte, error)
+ func (t *MountTable) Remove(path string) bool
+ func (t *MountTable) SetTaint(path string, value bool) bool
+ type PassthroughBackend struct
+ type PathPolicy struct
+ Policy string
+ Prefix string
+ type Policy struct
+ Name string
+ Paths []*PathPolicy
+ Raw string
+ func Parse(rules string) (*Policy, error)
+ type PolicyStore struct
+ func NewPolicyStore(view *BarrierView) *PolicyStore
+ func (ps *PolicyStore) ACL(names ...string) (*ACL, error)
+ func (ps *PolicyStore) DeletePolicy(name string) error
+ func (ps *PolicyStore) GetPolicy(name string) (*Policy, error)
+ func (ps *PolicyStore) ListPolicies() ([]string, error)
+ func (ps *PolicyStore) SetPolicy(p *Policy) error
+ type RollbackManager struct
+ func NewRollbackManager(logger *log.Logger, mounts *MountTable, router *Router) *RollbackManager
+ func (m *RollbackManager) Rollback(path string) error
+ func (m *RollbackManager) Start()
+ func (m *RollbackManager) Stop()
+ type Router struct
+ func NewRouter() *Router
+ func (r *Router) LoginPath(path string) bool
+ func (r *Router) MatchingMount(path string) string
+ func (r *Router) MatchingView(path string) *BarrierView
+ func (r *Router) Mount(backend logical.Backend, prefix, salt string, view *BarrierView) error
+ func (r *Router) Remount(src, dst string) error
+ func (r *Router) RootPath(path string) bool
+ func (r *Router) Route(req *logical.Request) (*logical.Response, error)
+ func (r *Router) Taint(path string) error
+ func (r *Router) Unmount(prefix string) error
+ func (r *Router) Untaint(path string) error
+ type SealConfig struct
+ SecretShares int
+ SecretThreshold int
+ func (s *SealConfig) Validate() error
+ type SecurityBarrier interface
+ GenerateKey func() ([]byte, error)
+ Initialize func([]byte) error
+ Initialized func() (bool, error)
+ KeyLength func() (int, int)
+ Seal func() error
+ Sealed func() (bool, error)
+ Unseal func(key []byte) error
+ type SystemBackend struct
+ Core *Core
+ type TokenEntry struct
+ DisplayName string
+ ID string
+ Meta map[string]string
+ NumUses int
+ Parent string
+ Path string
+ Policies []string
+ type TokenStore struct
+ func NewTokenStore(c *Core) (*TokenStore, error)
+ func (t *TokenStore) SetExpirationManager(exp *ExpirationManager)
+ func (ts *TokenStore) Create(entry *TokenEntry) error
+ func (ts *TokenStore) Lookup(id string) (*TokenEntry, error)
+ func (ts *TokenStore) Revoke(id string) error
+ func (ts *TokenStore) RevokeTree(id string) error
+ func (ts *TokenStore) RootToken() (*TokenEntry, error)
+ func (ts *TokenStore) SaltID(id string) string
+ func (ts *TokenStore) UseToken(te *TokenEntry) error
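Review bot: The memory-locking surface is undocumented where it matters: `LockMemory` is listed only for darwin/amd64, linux/amd64 and windows/amd64, and `CoreConfig.DisableMlock` lets a caller switch locking off, yet nothing in the exported API says what protection is lost in either case. Because unseal and barrier keys travel through this API as `[]byte` (`Unseal(key []byte)`, `Initialize(key []byte)`, `InitResult.SecretShares`), I would put the consequence on the field itself, e.g. `// DisableMlock skips locking process memory; key material may then be paged to swap, so set it only where swap is disabled or encrypted.` The `LockMemory` doc comment should likewise say what a caller gets on a target outside the three listed, which this listing does not show. A smaller documentation point: `ErrAlreadyInit`/`ErrBarrierAlreadyInit`, `ErrNotInit`/`ErrBarrierNotInit` and `ErrSealed`/`ErrBarrierSealed` carry identical messages, so a log line alone cannot tell which layer refused the call.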