Jeff Mitchell
0451adc28f
Merge pull request #1107 from vanhalt/fixing_auth-enable_help
...
Fixing auth-enable help text
2016-02-21 16:14:29 -05:00
vanhalt
d0489e16c1
Fixing auth-enable help text
...
auth-enable command help in the "Auth Enable Options" is suggesting
the usage of a non-existing command called 'auth-list' instead of
the correct one "auth -methods"
2016-02-21 14:54:50 -06:00
Jeff Mitchell
fc3d828c9d
changelog++
2016-02-21 15:35:43 -05:00
Jeff Mitchell
f30ea2dc0a
Merge pull request #1106 from hashicorp/issue-468
...
Remove root requirement for certs/ and crls/ in TLS auth backend.
2016-02-21 15:34:26 -05:00
Jeff Mitchell
fab2d8687a
Remove root requirement for certs/ and crls/ in TLS auth backend.
...
Fixes #468
2016-02-21 15:33:33 -05:00
Jeff Mitchell
7165be0cf3
changelog++
2016-02-19 21:43:37 -05:00
Jeff Mitchell
2bff5716bf
changelog++
2016-02-19 21:42:50 -05:00
Jeff Mitchell
5d5c6527dc
Merge pull request #1104 from hashicorp/check-role-keybits
...
Check role key type and bits when signing CSR.
2016-02-19 21:41:27 -05:00
Jeff Mitchell
58432c5d57
Add tests for minimum key size checking. (This will also verify that the
...
key type matches that of the role, since type assertions are required to
check the bit size). Like the rest, these are fuzz tests; I have
verified that the random seed will eventually hit error conditions if
ErrorOk is not set correctly when we expect an error.
2016-02-19 21:39:40 -05:00
Jeff Mitchell
c57b646848
Check role key type and bits when signing CSR.
...
Two exceptions: signing an intermediate CA CSR, and signing a CSR via
the 'sign-verbatim' path.
2016-02-19 20:50:49 -05:00
vishalnayak
6a14786660
changelog++
2016-02-19 18:34:23 -05:00
vishalnayak
c4abe72075
Cap the length midString in IAM user's username to 42
2016-02-19 18:31:10 -05:00
Vishal Nayak
773de69796
Merge pull request #1102 from hashicorp/shorten-aws-usernames
...
Set limits on generated IAM user and STS token names.
2016-02-19 18:25:29 -05:00
vishalnayak
a43bd9131b
changelog++
2016-02-19 16:52:19 -05:00
Jeff Mitchell
574542b683
Some minor changes in mysql commenting and names
2016-02-19 16:44:52 -05:00
Jeff Mitchell
25b9f9b4a6
Set limits on generated IAM user and STS token names.
...
Fixes #1031
Fixes #1063
2016-02-19 16:35:06 -05:00
Vishal Nayak
4c9b4ee93b
Merge pull request #1096 from hashicorp/iss1076-allow-verification
...
mysql: provide allow_verification option to disable connection_url check
2016-02-19 16:28:41 -05:00
vishalnayak
a16055c809
mysql: fix error message
2016-02-19 16:07:06 -05:00
vishalnayak
38b55bd8b1
Don't deprecate value field yet
2016-02-19 16:07:06 -05:00
vishalnayak
99f4969b20
Removed connectionString.ConnectionString
2016-02-19 16:07:05 -05:00
vishalnayak
380b662c3d
mysql: provide allow_verification option to disable connection_url check
2016-02-19 16:07:05 -05:00
Jeff Mitchell
bebcd518a9
Purge fastly when we do a release, in case it's a re-package
...
Fixes #1057
2016-02-19 15:59:52 -05:00
Jeff Mitchell
fef282f078
Some website config updates
2016-02-19 15:27:02 -05:00
Jeff Mitchell
50d3b68c8d
Merge pull request #1078 from eyal-lupu/master
...
ZooKeeper Backend: Authnetication and Authorization support
2016-02-19 15:13:09 -05:00
Jeff Mitchell
5036882353
changelog++
2016-02-19 15:12:05 -05:00
Jeff Mitchell
6df75231b8
Merge pull request #1100 from hashicorp/issue-1030
...
Properly escape filter values in LDAP filters
2016-02-19 14:56:40 -05:00
Jeff Mitchell
be073f8499
Update upgrade website section with information about the 0.5.1 PKI changes
2016-02-19 14:42:59 -05:00
Jeff Mitchell
8bc34acd4e
changelog++
2016-02-19 14:37:42 -05:00
Jeff Mitchell
9ff59c3385
Merge pull request #1095 from hashicorp/pki-1024-bit-warnings
...
Disallow RSA keys < 2048 in PKI backend
2016-02-19 14:34:47 -05:00
Jeff Mitchell
7fc4ee1ed7
Disallow 1024-bit RSA keys.
...
Existing certificates are kept but roles with key bits < 2048 will need
to be updated as the signing/issuing functions now enforce this.
2016-02-19 14:33:02 -05:00
Jeff Mitchell
05b5ff69ed
Address some feedback on ldap escaping help text
2016-02-19 13:47:26 -05:00
Jeff Mitchell
d7b40b32db
Properly escape filter values.
...
Fixes #1030
2016-02-19 13:16:52 -05:00
Jeff Mitchell
c67871c36e
Update LDAP documentation with a note on escaping
2016-02-19 13:16:18 -05:00
Vishal Nayak
597ba98895
Merge pull request #1099 from hashicorp/fix-ssh-cli
...
ssh: use resolved IP address while executing ssh command
2016-02-19 13:02:34 -05:00
Jeff Mitchell
28857cb419
Fix mixed whitespacing in ssh help text
2016-02-19 12:47:58 -05:00
vishalnayak
bccbf2b87e
ssh: use resolved IP address while executing ssh command
2016-02-19 12:19:10 -05:00
Jeff Mitchell
d3f3122307
Add tests to ldap using the discover capability
2016-02-19 11:46:59 -05:00
Jeff Mitchell
154c326060
Add ldap tests that use a bind dn and bind password
2016-02-19 11:38:27 -05:00
Eyal Lupu
e5fac90902
Merge branch 'master' of github.com:eyal-lupu/vault
2016-02-19 13:29:21 +00:00
Eyal Lupu
a6e9820e8d
typo in comment
2016-02-19 13:28:02 +00:00
Eyal Lupu
23303429c0
'Eagerly' parse ZK authentication and authorization to fast-fail bad configuration
2016-02-19 13:24:57 +00:00
Eyal Lupu
c7fe99b1e9
1. gofmt
...
2. Change if expr syntax to be consist with the rest of Vault code
3. More details on error message
2016-02-19 12:19:01 +00:00
Jeff Mitchell
520d71668d
Update .gitignore to remove overzealous application of 'pkg' shadowing
...
vendor dir.
Also update Travis to stop doing bad things.
2016-02-18 21:51:04 -05:00
Jeff Mitchell
0cf0d4d265
Makefile whitespacing
2016-02-18 21:26:28 -05:00
Jeff Mitchell
df3527c0eb
Add travis building of travis-testing branch and make dev to install
2016-02-18 21:23:40 -05:00
Jeff Mitchell
d6df4fa43e
Remove godep from Travis; we're using Go 1.6 vendoring now
2016-02-18 18:25:21 -05:00
Jeff Mitchell
af22880425
Update travis to use Go 1.6
2016-02-18 18:09:21 -05:00
vishalnayak
84d9b6c6b2
changelog++
2016-02-18 17:11:50 -05:00
Jeff Mitchell
88d486c9c1
Merge pull request #1094 from hashicorp/sanitize-ttl-emptystring
...
Make SanitizeTTL treat an empty string the same as a "0" string.
2016-02-18 16:59:23 -05:00
Jeff Mitchell
f9fb20bbe4
Make SanitizeTTL treat an empty string the same as a "0" string.
...
This causes a 0 TTL to be returned for the value, which is a clue to
other parts of Vault to use appropriate defaults. However, this makes
the defaults be used at lease allocation or extension time instead of
when parsing parameters.
2016-02-18 16:51:36 -05:00