Brian Kassouf
ab3b625a3b
Add API methods for creating a DR Operation Token and make generate root accept strategy types ( #3565 )
...
* Add API and Command code for generating a DR Operation Token
* Update generate root to accept different token strategies
2017-11-10 10:19:42 -08:00
Jeff Mitchell
c3b382d010
If kv entry is sealwrapped and is response-wrapped ensure it carries through
2017-11-10 12:56:31 -05:00
Brian Shumate
a7af6c4cb7
Debug level logging of socket audit backend config at startup ( #3560 )
2017-11-10 12:08:36 -05:00
vishalnayak
e1a55161a8
changelog++
2017-11-10 11:39:20 -05:00
Vishal Nayak
61d617df81
Avoid race conditions in AppRole ( #3561 )
...
* avoid race conditions in approle
* return a warning from role read if secondary index is missing
* Create a role ID index if a role is missing one
* Fix locking in approle read and add test
* address review feedback
2017-11-10 11:32:04 -05:00
Vishal Nayak
645c068011
transit doc update ( #3564 )
2017-11-09 16:17:54 -05:00
Jeff Mitchell
18f76d0909
Change test cluster to request client cert rather than verify if given
2017-11-09 15:55:23 -05:00
Jeff Mitchell
fdaed84e82
Add ability to send seal wrap response info into cubbyhole request. ( #3562 )
...
Ref 84f80db4bf499ce7345615cc2def77e7d48bc690
2017-11-09 12:47:42 -05:00
Jeff Mitchell
922ac56222
Seal wrap requesting in logical.Request wrapinfo ( #3559 )
2017-11-09 10:32:49 -05:00
Jeff Mitchell
6b72b90efa
Remove allow_base_domain from PKI role output.
...
It was never used in a release, in favor of allow_bare_domains.
Fixes #1452 (again)
2017-11-09 10:24:36 -05:00
James Soubry
f2a98cc662
Fix curl commands ( #3558 )
...
Curl commands require HCL within JSON to work.
2017-11-09 10:16:09 -05:00
Vishal Nayak
660c9ab382
Merge identity alias lookups into either entity or group lookup endpoints ( #3538 )
...
* merge identity alias lookups into either entity or group lookups
* Address review feedback
* address review feedback
2017-11-09 01:29:19 -05:00
Jeff Mitchell
3555a17d52
Don't read out an internal role member in PKI
2017-11-08 18:20:53 -05:00
Chris Hoffman
a7f510c9b4
converting identity metadata to use TypeKVPairs ( #3549 )
2017-11-08 14:51:40 -05:00
Calvin Leung Huang
b7deec2bec
Add docs for /sys/rekey-recovery-key ( #3520 )
2017-11-08 14:22:30 -05:00
Calvin Leung Huang
882f85740b
Move HA-related config values to top level ( #3550 )
...
* Move HA-related config values to top level
* Add config2.hcl test-fixture
2017-11-08 14:19:41 -05:00
Jeff Mitchell
dd551eb12f
Put back original test cluster client redirect behavior
2017-11-08 10:15:56 -05:00
Bharath B
ab9111827d
Remove symbols from vault binary ( #3369 )
2017-11-08 07:53:08 -05:00
Jeff Mitchell
0c9e692414
Minor mount logic updates ( #3553 )
2017-11-07 20:30:02 -05:00
Calvin Leung Huang
6aa12999aa
Use RFC3339Nano for AuditRequestEntry.Time ( #3551 )
2017-11-07 18:09:54 -05:00
Paul Pieralde
01ff6293e0
Doc fix for Create/Update Token API ( #3548 )
...
`orphan` is intended to be default to False. Docs indicate this
is default to True. Simple change to update the docs only.
2017-11-07 18:06:44 -05:00
Jeff Mitchell
febda30382
Fix potential panic reading local mount tables ( #3552 )
2017-11-07 18:04:37 -05:00
Jeff Mitchell
98dc8e9bea
Fix regression involving cluster listener
2017-11-07 17:27:13 -05:00
Jeff Mitchell
a2db5671c5
Add logbridge for testing
2017-11-07 15:50:09 -05:00
Brian Shumate
0773031985
Update README to fix horizontal rule Markdown ( #3534 )
2017-11-07 15:29:02 -05:00
Calvin Leung Huang
d9eaacf5de
Barrier unseal using recovery keys ( #3541 )
...
* Barrier unseal using recovery keys
* Remove tests
2017-11-07 15:15:39 -05:00
Jeff Mitchell
07dfc1da27
Bump deps
2017-11-07 11:57:05 -05:00
Chris Hoffman
fe52ce1115
Add TypeKVPairs field type ( #3535 )
2017-11-07 11:11:49 -05:00
Vishal Nayak
2b8d8f77d2
Handle 'not supplied' case for field type TypeNameString ( #3546 )
...
* Fix panic if value is not supplied for variables of TypeNameString
* Add tests for 'not supplied' case of all field types
2017-11-07 10:59:57 -05:00
Chris Hoffman
210fe50b68
adding ttl to secret, refactoring for consistency
2017-11-07 09:58:19 -05:00
Calvin Leung Huang
9ffe6421c5
Fix deprecated cassandra backend tests ( #3543 )
2017-11-06 17:15:45 -05:00
Jeff Mitchell
5d50abf2f6
changelog++
2017-11-06 17:13:28 -05:00
Joel Thompson
2c8cd19e14
auth/aws: Make disallow_reauthentication and allow_instance_migration mutually exclusive ( #3291 )
2017-11-06 17:12:07 -05:00
Chris Hoffman
1b387f75e3
minor cleanup
2017-11-06 16:36:37 -05:00
Chris Hoffman
de8c0dce99
minor cleanup
2017-11-06 16:34:20 -05:00
Jeff Mitchell
5220ee452f
changelog++
2017-11-06 15:30:12 -05:00
Jonathan Freedman
4109473134
More Mount Conflict Detection ( #2919 )
2017-11-06 15:29:09 -05:00
Lars Lehtonen
8ccdaa1860
Fix swallowed errors in TestRollbackManager_Join() ( #3327 )
2017-11-06 14:34:27 -05:00
Jeff Mitchell
71b5aa22e5
changelog++
2017-11-06 13:32:30 -05:00
Gregory Reshetniak
57c9afa357
added AWS enpoint handling ( #3416 )
2017-11-06 13:31:38 -05:00
Jeff Mitchell
119607dcb7
Seal wrap all root tokens and their leases ( #3540 )
2017-11-06 13:10:36 -05:00
Vishal Nayak
2af5b9274f
Return group memberships of entity during read ( #3526 )
...
* return group memberships of entity during read
* Add implied group memberships to read response of entity
* distinguish between all, direct and inherited group IDs of an entity
* address review feedback
* address review feedback
* s/implied/inherited in tests
2017-11-06 13:01:48 -05:00
Calvin Leung Huang
d7305a4681
Add note on support for using rec keys on /sys/rekey ( #3517 )
2017-11-06 12:18:15 -05:00
Jason Antman
af649c60d0
Add third party tools list to website ( #3488 )
2017-11-06 12:11:02 -05:00
Jeff Mitchell
7e80b4b7ad
Minor client refactoring ( #3539 )
2017-11-06 12:06:19 -05:00
Jeff Mitchell
5f254f0245
changelog++
2017-11-06 12:05:44 -05:00
Jeff Mitchell
17310654a1
Add PKCS8 marshaling to PKI ( #3518 )
2017-11-06 12:05:07 -05:00
Nicolas Corrarello
5a317a1a32
Updated documentation
2017-11-06 15:13:50 +00:00
Nicolas Corrarello
c70bfff23a
Refactored Lease into the Backend configuration
2017-11-06 15:09:56 +00:00
Nicolas Corrarello
6dc8edf09f
Attaching secretToken to backend
2017-11-06 14:28:30 +00:00