Jeff Mitchell
291352fd99
changelog++
2016-02-22 19:52:48 -05:00
Jeff Mitchell
84d87b171b
Merge pull request #1117 from hashicorp/add-time-to-responses
...
Add the server's time in UTC to the health response.
2016-02-22 19:52:03 -05:00
Jeff Mitchell
76923aa28a
Add the server's time in UTC to the health response.
2016-02-22 19:51:18 -05:00
Jeff Mitchell
f56e4a604d
Merge pull request #1114 from hashicorp/dont-delete-certs
...
Do not delete certs (or revocation information)
2016-02-22 16:11:13 -05:00
Jeff Mitchell
4514192145
Address review feedback
2016-02-22 16:11:01 -05:00
Jeff Mitchell
9a1ddf6d5f
changelog++
2016-02-22 13:40:27 -05:00
Jeff Mitchell
f43ab6a25d
Remove extra debugging from PKI tests
2016-02-22 13:39:05 -05:00
Jeff Mitchell
f27eab1d28
Do not delete certs (or revocation information) to avoid potential
...
issues related to time synchronization. A function will be added to
allow operators to perform cleanup at chosen times.
2016-02-22 13:36:17 -05:00
Jeff Mitchell
51ced69bf8
Fix issue where leftover values after cn tests could trigger errors in ipsan tests
2016-02-22 13:35:57 -05:00
vishalnayak
e2e15376dd
changelog++
2016-02-22 11:41:13 -05:00
Vishal Nayak
949f8a6b69
Merge pull request #1112 from hashicorp/1089-postgres-connection-url
...
postgres: connection_url fix
2016-02-22 11:36:04 -05:00
Jeff Mitchell
4c327ca4cc
More improvements to PKI tests; allow setting a specific seed, output
...
the seed to the console, and split generated steps to make it
understandable which seed is for which set of steps.
2016-02-22 11:22:52 -05:00
vishalnayak
c9899a5300
postgres: connection_url fix
2016-02-22 11:22:49 -05:00
Vishal Nayak
879db1766a
Merge pull request #1108 from vanhalt/fixing_write_help
...
When writing from a file it must be a JSON file
2016-02-22 11:01:21 -05:00
Jeff Mitchell
8d4c6f4c98
Use more fuzziness in PKI backend tests
2016-02-22 10:59:37 -05:00
vanhalt
a387725e96
help sentence improved
2016-02-22 09:38:30 -06:00
Jeff Mitchell
392a26e9cd
Better handle errors from fetchCertBySerial
2016-02-22 10:36:26 -05:00
vanhalt
31862dc5c2
When writing from a file it must be a JSON file
...
Making clear from write help text that when writing secrets
using @file, the file must be a JSON file.
2016-02-21 19:02:09 -06:00
Jeff Mitchell
0451adc28f
Merge pull request #1107 from vanhalt/fixing_auth-enable_help
...
Fixing auth-enable help text
2016-02-21 16:14:29 -05:00
vanhalt
d0489e16c1
Fixing auth-enable help text
...
auth-enable command help in the "Auth Enable Options" is suggesting
the usage of a non-existing command called 'auth-list' instead of
the correct one "auth -methods"
2016-02-21 14:54:50 -06:00
Jeff Mitchell
fc3d828c9d
changelog++
2016-02-21 15:35:43 -05:00
Jeff Mitchell
f30ea2dc0a
Merge pull request #1106 from hashicorp/issue-468
...
Remove root requirement for certs/ and crls/ in TLS auth backend.
2016-02-21 15:34:26 -05:00
Jeff Mitchell
fab2d8687a
Remove root requirement for certs/ and crls/ in TLS auth backend.
...
Fixes #468
2016-02-21 15:33:33 -05:00
Jeff Mitchell
7165be0cf3
changelog++
2016-02-19 21:43:37 -05:00
Jeff Mitchell
2bff5716bf
changelog++
2016-02-19 21:42:50 -05:00
Jeff Mitchell
5d5c6527dc
Merge pull request #1104 from hashicorp/check-role-keybits
...
Check role key type and bits when signing CSR.
2016-02-19 21:41:27 -05:00
Jeff Mitchell
58432c5d57
Add tests for minimum key size checking. (This will also verify that the
...
key type matches that of the role, since type assertions are required to
check the bit size). Like the rest, these are fuzz tests; I have
verified that the random seed will eventually hit error conditions if
ErrorOk is not set correctly when we expect an error.
2016-02-19 21:39:40 -05:00
Jeff Mitchell
c57b646848
Check role key type and bits when signing CSR.
...
Two exceptions: signing an intermediate CA CSR, and signing a CSR via
the 'sign-verbatim' path.
2016-02-19 20:50:49 -05:00
vishalnayak
6a14786660
changelog++
2016-02-19 18:34:23 -05:00
vishalnayak
c4abe72075
Cap the length midString in IAM user's username to 42
2016-02-19 18:31:10 -05:00
Vishal Nayak
773de69796
Merge pull request #1102 from hashicorp/shorten-aws-usernames
...
Set limits on generated IAM user and STS token names.
2016-02-19 18:25:29 -05:00
vishalnayak
a43bd9131b
changelog++
2016-02-19 16:52:19 -05:00
Jeff Mitchell
574542b683
Some minor changes in mysql commenting and names
2016-02-19 16:44:52 -05:00
Jeff Mitchell
25b9f9b4a6
Set limits on generated IAM user and STS token names.
...
Fixes #1031
Fixes #1063
2016-02-19 16:35:06 -05:00
Vishal Nayak
4c9b4ee93b
Merge pull request #1096 from hashicorp/iss1076-allow-verification
...
mysql: provide allow_verification option to disable connection_url check
2016-02-19 16:28:41 -05:00
vishalnayak
a16055c809
mysql: fix error message
2016-02-19 16:07:06 -05:00
vishalnayak
38b55bd8b1
Don't deprecate value field yet
2016-02-19 16:07:06 -05:00
vishalnayak
99f4969b20
Removed connectionString.ConnectionString
2016-02-19 16:07:05 -05:00
vishalnayak
380b662c3d
mysql: provide allow_verification option to disable connection_url check
2016-02-19 16:07:05 -05:00
Jeff Mitchell
bebcd518a9
Purge fastly when we do a release, in case it's a re-package
...
Fixes #1057
2016-02-19 15:59:52 -05:00
Jeff Mitchell
fef282f078
Some website config updates
2016-02-19 15:27:02 -05:00
Jeff Mitchell
50d3b68c8d
Merge pull request #1078 from eyal-lupu/master
...
ZooKeeper Backend: Authnetication and Authorization support
2016-02-19 15:13:09 -05:00
Jeff Mitchell
5036882353
changelog++
2016-02-19 15:12:05 -05:00
Jeff Mitchell
6df75231b8
Merge pull request #1100 from hashicorp/issue-1030
...
Properly escape filter values in LDAP filters
2016-02-19 14:56:40 -05:00
Jeff Mitchell
be073f8499
Update upgrade website section with information about the 0.5.1 PKI changes
2016-02-19 14:42:59 -05:00
Jeff Mitchell
8bc34acd4e
changelog++
2016-02-19 14:37:42 -05:00
Jeff Mitchell
9ff59c3385
Merge pull request #1095 from hashicorp/pki-1024-bit-warnings
...
Disallow RSA keys < 2048 in PKI backend
2016-02-19 14:34:47 -05:00
Jeff Mitchell
7fc4ee1ed7
Disallow 1024-bit RSA keys.
...
Existing certificates are kept but roles with key bits < 2048 will need
to be updated as the signing/issuing functions now enforce this.
2016-02-19 14:33:02 -05:00
Jeff Mitchell
05b5ff69ed
Address some feedback on ldap escaping help text
2016-02-19 13:47:26 -05:00
Jeff Mitchell
d7b40b32db
Properly escape filter values.
...
Fixes #1030
2016-02-19 13:16:52 -05:00