Commit graph

8286 commits

Author SHA1 Message Date
Jeff Mitchell 04ad8c7eb3
Fix swallowed err from gcs close calls (#4706) 2018-06-05 15:27:02 -04:00
Jeff Mitchell e294e8666b
Fix panic if passing "rules" via sys/policies/acl (#4705) 2018-06-05 13:01:55 -04:00
LeSuisse 809079cac2 Update usage of deprecated commands rekey and rotate in the documentation (#4703) 2018-06-05 12:37:26 -04:00
Martin 515b4cc4cc Make travis file usable by forks (#4702) 2018-06-05 12:36:46 -04:00
madalynrose 08c7cddef9 trim extensions from filename when uploading a policy file (#4693) 2018-06-05 10:30:32 -05:00
Jeff Mitchell d499eeac51 changelog++ 2018-06-05 11:23:52 -04:00
Jeff Mitchell 0138351ea4
Return generic messages if pre-login ldap operations fail (#4700)
This avoids leaking any information about valid usernames.
2018-06-05 11:23:10 -04:00
Eli Oxman 68ce3bed34 Add async python client to docs (#4698) 2018-06-05 10:23:56 -04:00
Nándor István Krácser a36f91101a Fix VAULT_LOG_LEVEL in docs (#4696) 2018-06-05 10:23:32 -04:00
Jeff Mitchell 8e39515754 changelog++ 2018-06-04 23:19:22 -04:00
Marcin Wielgoszewski 9316c96364 Add support for x.509 Name Serial Number attribute in subject of certificates (#4694) 2018-06-04 23:18:39 -04:00
Becca Petrin 6cafb12ff4 be more explicit about names (#4695) 2018-06-04 21:34:17 -04:00
Jeff Mitchell 9ded5f57fe changelog++ 2018-06-04 19:42:19 -04:00
Jeff Mitchell 3993f126e5
Do some best-effort cleanup in file backend (#4684)
* Do some best-effort cleanup in file backend

If put results in an encoding error and after the file is closed we
detect it's zero bytes, it could be caused by an out of space error on
the disk since file info is often stored in filesystem metadata with
reserved space. This tries to detect that scenario and perform
best-effort cleanup. We only do this on zero length files to ensure that
if an encode fails to write but the system hasn't already performed
truncation, we leave the existing data alone.

Vault should never write a zero-byte file (as opposed to a zero-byte
value in the encoded JSON) so if this case is hit it's always an error.

* Also run a check on Get
2018-06-04 19:41:36 -04:00
Becca Petrin 2e8a3e6d59 update ad dependency (#4692) 2018-06-04 15:09:41 -04:00
Matthew Irish 32fd7be4ac fix route name (#4690) 2018-06-04 14:38:35 -04:00
Chris Hoffman 5344b7c5ae
adding option go_package to protos (#4687)
* adding option go_package to protos

* switching proto output dir to relative paths
2018-06-04 10:19:26 -04:00
Chris Hoffman c4a902dfa1
changelog++ 2018-06-03 20:50:57 -04:00
Chris Hoffman 09f3a62be9
Add entity information request to system view (#4681)
* Add entity information request to system view

* fixing a few comments

* sharing types between plugin and logical

* sharing types between plugin and logical

* fixing output directory for proto

* removing extra replacement

* adding mount type lookup

* empty entities return nil instead of error

* adding some comments
2018-06-03 20:48:12 -04:00
Jeff Mitchell f465c18a59
Update CHANGELOG.md 2018-06-03 19:33:00 -04:00
Becca Petrin b558b388ce strip checking cidrs on renewals (#4682) 2018-06-03 09:22:54 -04:00
Matthew Irish c2f34dcc79
put modal over the nav (#4685) 2018-06-02 21:34:50 -05:00
Jim Kalafut 0a4a54c5e4
Add TypeLowerCaseString (#4683) 2018-06-01 18:30:59 -07:00
Brian Kassouf 0d76ae874c
Update CHANGELOG.md 2018-06-01 15:33:06 -07:00
Matthew Irish a2fb9ae331
UI - console refresh (#4679)
* add router service polyfill
* add refresh command
* move async code into ember-concurrency task and implement refresh that way
* use ember-concurrency derived state to show a loading spinner when the task is running
* scroll after appending to log too
2018-06-01 17:18:31 -05:00
Calvin Leung Huang 36db9818ab
Use same handlers for sys policy and policies endpoints (#4677)
* Use same handlers for sys policy and policies endpoints

* Remove fmt.Println
2018-06-01 12:11:33 -04:00
Jeff Mitchell 21a9b06983
Show mount accessors in normal secrets/auth list commands (#4676)
This makes them significantly easier to find/consume
2018-06-01 10:20:09 -04:00
Jeff Mitchell 6eb183dee0 changelog++ 2018-06-01 09:57:30 -04:00
Michael Russell 1b555b6d4c Only append the UserKnownHostsFile ssh flag when required (#4674)
Don't set a default value for the UserKnownHostsFile flag.
Only append `-o UserKnownHostsFile` to the ssh command if it
has been specified by the user or vault ssh has set it based on another
flag (such as flagHostKeyMountPoint)

Fixes https://github.com/hashicorp/vault/issues/4672
2018-06-01 09:56:22 -04:00
Jeff Mitchell c8bc434441 changelog++ 2018-06-01 09:16:49 -04:00
Michael Russell 4d1669938c Use hostname instead of the IP when running the actual ssh command (#4673)
This is implementing the same fix that was added for the CA mode for vault
ssh in https://github.com/hashicorp/vault/pull/3922
Using the IP address caused `Host` entries in the ssh_config to not
match anymore meaning you would need to hardcode all of your IP
addresses in your ssh config instead of using DNS to connect to hosts
2018-06-01 09:16:12 -04:00
Jeff Mitchell ffdd6dd62b changelog++ 2018-06-01 09:14:57 -04:00
Alex Ionescu 7c31dacea2 Custom extended key usage for PKI. (#4667)
Custom extended key usage for PKI
2018-06-01 09:13:54 -04:00
Jeff Mitchell c7981e6417
Clean up request logic and use retryable's more efficient handling (#4670) 2018-06-01 09:12:43 -04:00
Matthew Irish 4d5713d090
UI - don't re-throw error when fetching features (#4669) 2018-05-31 16:22:49 -05:00
Jeff Mitchell b9ea7ae7cd Bump retryablehttp dep 2018-05-31 17:14:04 -04:00
Brian Kassouf 80580b82f3
UI: Trim trailing slashes to avoid redirects (#4668) 2018-05-31 12:52:43 -07:00
Jim Kalafut 2528a261bf
Add gzip compression to UI static content responses (#4664) 2018-05-31 09:42:08 -07:00
vishalnayak 07688b0de1 changelog++ 2018-05-31 10:20:33 -04:00
Vishal Nayak 9aca33487e
Passthrough EntityID to backends (#4663)
* passthrough entity id

* address review feedback
2018-05-31 10:18:34 -04:00
Brian Kassouf 05b46def62
Cleanup core.go and break out HA functionality (#4661) 2018-05-30 17:30:50 -07:00
Matthew Irish 3fca27ae2e
changelog++ 2018-05-30 12:29:42 -05:00
Matthew Irish 85d7412107
UI access sidebar (#4658)
* add error template to access so that we can see the sidebar even if you don't have permissions

* identity template cleanup

* make the token expiry warning friendlier and style it
2018-05-30 12:26:54 -05:00
Jeff Mitchell 53c6ffcb75 Update kv plugin 2018-05-30 09:07:19 -04:00
Jeff Mitchell bee49b1150 Fix Travis again 2018-05-30 08:56:14 -04:00
Jeff Mitchell 3f5d254111 Try another way for building Travis independently 2018-05-30 08:52:50 -04:00
Jeff Mitchell c4b53bc805 Block travis from running ldap tests as the test server is often failing 2018-05-30 08:46:25 -04:00
Jeff Mitchell 52ab8f50ea Give the token store revoke-self test more breathing room as Travis timings are too tight 2018-05-30 08:41:55 -04:00
Jeff Mitchell 9e7f381fca Sync over changes to config.go 2018-05-30 08:34:46 -04:00
amcbarnett 55eb4a997d Update mount-filter.html.md (#4656) 2018-05-30 08:28:51 -04:00