Skip to content

Releases: Tongsuo-Project/RustyVault

v0.2.1

10 Jan 08:28
@InfoHunter InfoHunter
v0.2.1
8a7b2c5
Compare
Choose a tag to compare
v0.2.1 Latest
Latest

What's Changed

  • delete keys check by @wsjswy in #98
  • Fixed an issue where post_config could not modify the core data structure by @wa5i in #99
  • Fix the issue of the default functions exiting in the pre_auth and post_auth phases. by @wa5i in #101
  • Bugfix by @wa5i in #102
  • Change version to 0.2.1 by @InfoHunter in #103

New Contributors

Full Changelog: v0.2.0...v0.2.1

Contributors

InfoHunter, wa5i, and wsjswy
Assets 2
Loading

v0.2.0 - Wrong versioning, use v0.2.1 instead

30 Dec 15:03
@wa5i wa5i
v0.2.0
4811636
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.2.0 - Wrong versioning, use v0.2.1 instead

0.2.0

December 30, 2024

CHANGES:

  • Support authentication methods such as approle, userpass, and cert for login.
  • Support the CLI (Command Line Interface). The supported commands are: server, status, operator [init|seal|unseal], login, auth [list|enable|disable|move], read, list, write, delete.
  • Support MySQL backend storage.
  • Added the functions of issuing SM2 certificates and managing SM2 and SM4 keys.
  • Added the function of RSA asymmetric encryption/decryption.
  • Added the Prometheus function.
  • Added the function that the crypto module at compile time can be switched to use Tongsuo or OpenSSL according to your own needs.
  • Added two request processing phases: pre_auth and post_post. Users can implement their own token verification logic and their own ACL (Access Control List) logic.
  • A request can be bound to a Handler. If a request is bound to its own Handler, only its own handler will be called during the request processing phase, and other handlers will not be called.
  • Added Context to the request data structure. Users can save their own context information between request processing phases.

IMPROVEMENTS:

  • The request processing phase handlers have been changed to asynchronous functions to improve performance.
  • Removed the read-write locks for barrier encryption/decryption to improve performance.
  • Perform path verification when encrypting/decrypting barriers to prevent paths from accessing encrypted data that does not belong to them.
  • Added an HMAC verification value to MountEntry to prevent MountEntry data from being tampered with.
  • Added the implementation of the test case framework.
  • Added the implementation of environment variables and request headers that are compatible with Vault.

BUG FIXES:

  • Fixed the bug that reported an error when remounting the auth path.
  • Fixed the bug where the TLS client authentication failed.
Assets 2
Loading