Releases: Tongsuo-Project/RustyVault
Releases · Tongsuo-Project/RustyVault
v0.3.1
What's Changed
- feat: add sqlx-based MySQL storage backend by @wa5i in b500883
- feat: add CryptoKey, EncryptedBox, SealBox by @wa5i in ab1d0fe
- feat: add inited interface for RustyVault by @wa5i in 4a50e9f
- feat: add unseal_once for UnsealBox to improve security by @wa5i in fc30c3e
- feat: add unseal_once to improve security by @wa5i in a292e61
- opt: optimize MountsMonitor thread exit to avoid long wait by @wa5i in 2957bc2
- docs(server): 修正配置文件路径参数 by @zredb in #142
- refactor: make backend storage interface async by @wa5i in 75e0c8d
- refactor: use DashMap instead of RwLock by @wa5i in cb5ecfe
- refactor: optimize the api of RustyVault by @wa5i in 2b5544a
New Contributors
Full Changelog: v0.3.0...v0.3.1
Contributors
wa5i and zredb
Assets 2
v0.3.0
What's Changed
- fix: test case errors in mysql backend. by @wa5i in #134
- Implemented distributed deployment functionality: by @wa5i in #135
- Implemented CLI commands for secrets and it's subcommands. by @wa5i in #136
- Add interface: /internal/ui/mounts by @wa5i in #137
- refactor: optimize code, remove Core's RwLock, and add entry structure RustyVault by @wa5i in #138
Compatibility Notes
- Due to the removal of RwLock from Core, the usage of Core is not compatible with version v0.2 and earlier versions.
- The HTTP interface remains compatible with previous versions.
New Contributors
- @wsjswy made their first contribution in #98
- @yihong0618 made their first contribution in #113
Full Changelog: v0.2.2...v0.3.0
Contributors
wa5i, yihong0618, and wsjswy
Assets 2
v0.2.2
Contributors
wa5i
Assets 2
v0.2.1
What's Changed
- delete keys check by @wsjswy in #98
- Fixed an issue where post_config could not modify the core data structure by @wa5i in #99
- Fix the issue of the default functions exiting in the pre_auth and post_auth phases. by @wa5i in #101
- Bugfix by @wa5i in #102
- Change version to 0.2.1 by @InfoHunter in #103
New Contributors
Full Changelog: v0.2.0...v0.2.1
Contributors
InfoHunter, wa5i, and wsjswy
Assets 2
v0.2.0 - Wrong versioning, use v0.2.1 instead
0.2.0
December 30, 2024
CHANGES:
- Support authentication methods such as approle, userpass, and cert for login.
- Support the CLI (Command Line Interface). The supported commands are: server, status, operator [init|seal|unseal], login, auth [list|enable|disable|move], read, list, write, delete.
- Support MySQL backend storage.
- Added the functions of issuing SM2 certificates and managing SM2 and SM4 keys.
- Added the function of RSA asymmetric encryption/decryption.
- Added the Prometheus function.
- Added the function that the crypto module at compile time can be switched to use Tongsuo or OpenSSL according to your own needs.
- Added two request processing phases: pre_auth and post_post. Users can implement their own token verification logic and their own ACL (Access Control List) logic.
- A request can be bound to a Handler. If a request is bound to its own Handler, only its own handler will be called during the request processing phase, and other handlers will not be called.
- Added Context to the request data structure. Users can save their own context information between request processing phases.
IMPROVEMENTS:
- The request processing phase handlers have been changed to asynchronous functions to improve performance.
- Removed the read-write locks for barrier encryption/decryption to improve performance.
- Perform path verification when encrypting/decrypting barriers to prevent paths from accessing encrypted data that does not belong to them.
- Added an HMAC verification value to MountEntry to prevent MountEntry data from being tampered with.
- Added the implementation of the test case framework.
- Added the implementation of environment variables and request headers that are compatible with Vault.
BUG FIXES:
- Fixed the bug that reported an error when remounting the auth path.
- Fixed the bug where the TLS client authentication failed.