Commit graph

3290 commits

Author SHA1 Message Date
Sean Chittenden 087e7c94d3 Add Vault support for the *BSDs, including Darwin
The `syscall` package has been frozen in favor of `x/sys`.  As a result, all of the BSDs are supported and do have `mlockall(2)` support in current versions of Go.
2016-04-05 12:18:19 -07:00
Vishal Nayak afbef78f62 Merge pull request #1295 from hashicorp/acceptance-tests
Added AcceptanceTest boolean to logical.TestCase
2016-04-05 15:16:43 -04:00
vishalnayak 95abdebb06 Added AcceptanceTest boolean to logical.TestCase 2016-04-05 15:10:44 -04:00
Jeff Mitchell 348be0e50b Remove RevokePrefix from the API too as we simply do not support it any
longer.
2016-04-05 11:00:12 -04:00
Jeff Mitchell ebfc8c3fb1 Merge pull request #1293 from gliptak/patch-2
Correct typo in base64 parameters
2016-04-05 09:38:00 -04:00
Jeff Mitchell 9108ed7eca Merge pull request #1292 from gliptak/patch-1
Update transit read key output
2016-04-05 09:37:41 -04:00
Gábor Lipták ce2dd5d869 Correct typo in base64 parameters 2016-04-05 09:20:43 -04:00
Gábor Lipták a8edba907f Update transit read key output 2016-04-05 09:16:47 -04:00
Jeff Mitchell d72e462686 Merge pull request #1290 from steve-jansen/patch-2
Adds note on GH-1102 fix to secret/aws doc
2016-04-05 08:37:39 -04:00
Jeff Mitchell 38ecad683a Merge pull request #1289 from steve-jansen/patch-1
Fix typo in iam permission for STS
2016-04-05 08:37:12 -04:00
Steve Jansen d2b3d924ca Adds note on GH-1102 fix to secret/aws doc
Add note related to #1102, which leads to a non-obvious AWS error message on 0.5.0 or earlier.
2016-04-04 21:30:41 -04:00
Steve Jansen 89c7f312e4 Fix typo in iam permission for STS 2016-04-04 21:20:26 -04:00
Jeff Mitchell 9102b994aa Sync some seal stuff 2016-04-04 13:46:33 -04:00
Jeff Mitchell afae46feb7 SealInterface 2016-04-04 10:44:22 -04:00
Jeff Mitchell b47d6dc64f changelog++ 2016-04-02 13:34:05 -04:00
Jeff Mitchell 7df3ec46b0 Some fixups around error/warning in LDAP 2016-04-02 13:33:00 -04:00
Jeff Mitchell 2e1b12112a Merge pull request #1283 from hashicorp/ldap-nogroupdn-warn
If no group DN is configured, still look for policies on local users and
2016-04-02 13:13:27 -04:00
Jeff Mitchell 40325b8042 If no group DN is configured, still look for policies on local users and
return a warning, rather than just trying to do an LDAP search on an
empty string.
2016-04-02 13:11:36 -04:00
Jeff Mitchell 1b7335cf4e Fix up the meta common options text function to not strip leading space and fix up commands 2016-04-01 16:50:12 -04:00
Jeff Mitchell b0888e8af1 Remove config from Meta; it's only used right now with the token helper. 2016-04-01 16:02:18 -04:00
Jeff Mitchell a137081241 Move token helper out of meta 2016-04-01 14:23:15 -04:00
Jeff Mitchell 133d9c1008 Move meta into its own package 2016-04-01 13:16:05 -04:00
Jeff Mitchell 18c8b6eba8 Update 0.6 upgrade info 2016-04-01 10:11:32 -04:00
Jeff Mitchell 121a5b37f2 Add revoke-prefix changelog/website info 2016-04-01 10:06:29 -04:00
Jeff Mitchell 7d20380c42 Merge pull request #1280 from hashicorp/remove-ts-revoke-prefix
Remove auth/token/revoke-prefix in favor of sys/revoke-prefix.
2016-04-01 09:48:52 -04:00
Jeff Mitchell 9a992f93f7 changelog++ 2016-03-31 20:17:30 -04:00
Jeff Mitchell 2b2541e13f Merge pull request #1277 from hashicorp/suprious-revoke-timer-logs
Keep the expiration manager from keeping old token entries.
2016-03-31 20:16:31 -04:00
Jeff Mitchell 2efaf5272c Documentation update 2016-03-31 18:07:43 -04:00
Jeff Mitchell 2fd02b8dca Remove auth/token/revoke-prefix in favor of sys/revoke-prefix. 2016-03-31 18:04:05 -04:00
Jeff Mitchell 7a6df4a8ab changelog++ 2016-03-31 17:43:44 -04:00
Vishal Nayak 86ba95e1b2 Merge pull request #1278 from hashicorp/ts-prefix-checkpath
Check for auth/ in the path of the prefix for revoke-prefix in the token
2016-03-31 16:41:18 -04:00
Jeff Mitchell 7442867d53 Check for auth/ in the path of the prefix for revoke-prefix in the token
store.
2016-03-31 16:21:56 -04:00
Jeff Mitchell 25b2320899 changelog++ 2016-03-31 15:38:21 -04:00
Jeff Mitchell 75650ec1ad Keep the expiration manager from keeping old token entries.
The expiration manager would never be poked to remove token entries upon
token revocation, if that revocation was initiated in the token store
itself. It might have been to avoid deadlock, since during revocation of
tokens the expiration manager is called, which then calls back into the
token store, and so on.

This adds a way to skip that last call back into the token store if we
know that we're on the revocation path because we're in the middle of
revoking a token. That way the lease is cleaned up. This both prevents
log entries appearing for already-revoked tokens, and it also releases
timer/memory resources since we're not keeping the leases around.
2016-03-31 15:10:25 -04:00
Jeff Mitchell 1915582a24 Merge pull request #1276 from hashicorp/token-roles-blank-policies
Two items:
2016-03-31 15:09:32 -04:00
Jeff Mitchell ddce1efd0d Two items:
1: Fix path check in core to handle renew paths from the token store
that aren't simply renew/
2: Use token policy logic if token store role policies are empty
2016-03-31 14:52:49 -04:00
Seth Vargo 36215ab5df Merge pull request #1275 from gdevos/patch-2
Update index.html.md
2016-03-31 14:35:06 +02:00
Gérard de Vos eadf2faf83 Update index.html.md
According to the source it is expecting a description. log_raw is one of the options.
2016-03-31 14:19:03 +02:00
Seth Vargo cdf6e5d1ee Merge pull request #1274 from gdevos/patch-1
Update index.html.md
2016-03-31 14:07:27 +02:00
Gérard de Vos 13763203b6 Update index.html.md
description -> log_raw
2016-03-31 14:06:19 +02:00
Jeff Mitchell 7fd5a679ca Fix potential error scoping issue.
Ping #1262
2016-03-30 19:48:23 -04:00
Jeff Mitchell 1be69ae235 Sort infokeys on startup and add more padding 2016-03-30 12:31:47 -04:00
Jeff Mitchell e6d20d1356 Merge pull request #1271 from jangie/patch-1
Update consul.html.md
2016-03-30 10:14:29 -04:00
Jang-Soo "Bruce" Lee 36d22a0c8d Update consul.html.md 2016-03-30 09:57:14 -04:00
Vishal Nayak 9932efea08 Merge pull request #1268 from hashicorp/fix-audit-doc
Fix audit docs
2016-03-30 00:55:39 -04:00
vishalnayak 7a34cea28d Fix audit docs 2016-03-30 00:54:40 -04:00
Jeff Mitchell 3cfcd4ddf1 Check for nil connection back from go-ldap, which apparently can happen even with no error
Ping #1262
2016-03-29 10:00:04 -04:00
Jeff Mitchell bff4dace78 changelog++ 2016-03-24 10:34:52 -04:00
Jeff Mitchell 37b5697779 Merge pull request #1258 from hashicorp/issue-1256
Properly check for policy equivalency during renewal.
2016-03-24 10:33:56 -04:00
Jeff Mitchell c50276ec17 Fix using wrong var 2016-03-24 10:23:09 -04:00