2374129c33
Consolidate mlock calls into one place
...
In theory Android and NaCL could build Vault now, too.
List of targets derived from: `go tool dist list`
2016-04-05 13:57:29 -07:00
a8943aeaa2
Add a changelog entry for BSD mlock support
2016-04-05 12:35:28 -07:00
47c3202811
Unconditionally warn on systems w/o mlock support
...
If someone begins using Vault on Windows in dev mode, always hint so that this isn't a surprise when they get to production.
2016-04-05 12:32:53 -07:00
308057a4a9
Switch Linux over to using the `x/sys/unix` package
...
Same syscall interface, but the `x/sys/unix` package is not frozen. No functional change from this commit.
2016-04-05 12:19:46 -07:00
dcde117bcb
`go fmt` was here, no functional change
2016-04-05 12:18:45 -07:00
087e7c94d3
Add Vault support for the *BSDs, including Darwin
...
The `syscall` package has been frozen in favor of `x/sys`. As a result, all of the BSDs are supported and do have `mlockall(2)` support in current versions of Go.
2016-04-05 12:18:19 -07:00
348be0e50b
Remove RevokePrefix from the API too as we simply do not support it any
...
longer.
2016-04-05 11:00:12 -04:00
ebfc8c3fb1
Merge pull request #1293 from gliptak/patch-2
...
Correct typo in base64 parameters
2016-04-05 09:38:00 -04:00
9108ed7eca
Merge pull request #1292 from gliptak/patch-1
...
Update transit read key output
2016-04-05 09:37:41 -04:00
ce2dd5d869
Correct typo in base64 parameters
2016-04-05 09:20:43 -04:00
a8edba907f
Update transit read key output
2016-04-05 09:16:47 -04:00
d72e462686
Merge pull request #1290 from steve-jansen/patch-2
...
Adds note on GH-1102 fix to secret/aws doc
2016-04-05 08:37:39 -04:00
38ecad683a
Merge pull request #1289 from steve-jansen/patch-1
...
Fix typo in iam permission for STS
2016-04-05 08:37:12 -04:00
d2b3d924ca
Adds note on GH-1102 fix to secret/aws doc
...
Add note related to #1102 , which leads to a non-obvious AWS error message on 0.5.0 or earlier.
2016-04-04 21:30:41 -04:00
89c7f312e4
Fix typo in iam permission for STS
2016-04-04 21:20:26 -04:00
9102b994aa
Sync some seal stuff
2016-04-04 13:46:33 -04:00
afae46feb7
SealInterface
2016-04-04 10:44:22 -04:00
b47d6dc64f
changelog++
2016-04-02 13:34:05 -04:00
7df3ec46b0
Some fixups around error/warning in LDAP
2016-04-02 13:33:00 -04:00
2e1b12112a
Merge pull request #1283 from hashicorp/ldap-nogroupdn-warn
...
If no group DN is configured, still look for policies on local users and
2016-04-02 13:13:27 -04:00
40325b8042
If no group DN is configured, still look for policies on local users and
...
return a warning, rather than just trying to do an LDAP search on an
empty string.
2016-04-02 13:11:36 -04:00
1b7335cf4e
Fix up the meta common options text function to not strip leading space and fix up commands
2016-04-01 16:50:12 -04:00
b0888e8af1
Remove config from Meta; it's only used right now with the token helper.
2016-04-01 16:02:18 -04:00
a137081241
Move token helper out of meta
2016-04-01 14:23:15 -04:00
133d9c1008
Move meta into its own package
2016-04-01 13:16:05 -04:00
18c8b6eba8
Update 0.6 upgrade info
2016-04-01 10:11:32 -04:00
121a5b37f2
Add revoke-prefix changelog/website info
2016-04-01 10:06:29 -04:00
7d20380c42
Merge pull request #1280 from hashicorp/remove-ts-revoke-prefix
...
Remove auth/token/revoke-prefix in favor of sys/revoke-prefix.
2016-04-01 09:48:52 -04:00
9a992f93f7
changelog++
2016-03-31 20:17:30 -04:00
2b2541e13f
Merge pull request #1277 from hashicorp/suprious-revoke-timer-logs
...
Keep the expiration manager from keeping old token entries.
2016-03-31 20:16:31 -04:00
2efaf5272c
Documentation update
2016-03-31 18:07:43 -04:00
2fd02b8dca
Remove auth/token/revoke-prefix in favor of sys/revoke-prefix.
2016-03-31 18:04:05 -04:00
7a6df4a8ab
changelog++
2016-03-31 17:43:44 -04:00
86ba95e1b2
Merge pull request #1278 from hashicorp/ts-prefix-checkpath
...
Check for auth/ in the path of the prefix for revoke-prefix in the token
2016-03-31 16:41:18 -04:00
7442867d53
Check for auth/ in the path of the prefix for revoke-prefix in the token
...
store.
2016-03-31 16:21:56 -04:00
25b2320899
changelog++
2016-03-31 15:38:21 -04:00
75650ec1ad
Keep the expiration manager from keeping old token entries.
...
The expiration manager would never be poked to remove token entries upon
token revocation, if that revocation was initiated in the token store
itself. It might have been to avoid deadlock, since during revocation of
tokens the expiration manager is called, which then calls back into the
token store, and so on.
This adds a way to skip that last call back into the token store if we
know that we're on the revocation path because we're in the middle of
revoking a token. That way the lease is cleaned up. This both prevents
log entries appearing for already-revoked tokens, and it also releases
timer/memory resources since we're not keeping the leases around.
2016-03-31 15:10:25 -04:00
1915582a24
Merge pull request #1276 from hashicorp/token-roles-blank-policies
...
Two items:
2016-03-31 15:09:32 -04:00
ddce1efd0d
Two items:
...
1: Fix path check in core to handle renew paths from the token store
that aren't simply renew/
2: Use token policy logic if token store role policies are empty
2016-03-31 14:52:49 -04:00
36215ab5df
Merge pull request #1275 from gdevos/patch-2
...
Update index.html.md
2016-03-31 14:35:06 +02:00
eadf2faf83
Update index.html.md
...
According to the source it is expecting a description. log_raw is one of the options.
2016-03-31 14:19:03 +02:00
cdf6e5d1ee
Merge pull request #1274 from gdevos/patch-1
...
Update index.html.md
2016-03-31 14:07:27 +02:00
13763203b6
Update index.html.md
...
description -> log_raw
2016-03-31 14:06:19 +02:00
7fd5a679ca
Fix potential error scoping issue.
...
Ping #1262
2016-03-30 19:48:23 -04:00
1be69ae235
Sort infokeys on startup and add more padding
2016-03-30 12:31:47 -04:00
e6d20d1356
Merge pull request #1271 from jangie/patch-1
...
Update consul.html.md
2016-03-30 10:14:29 -04:00
36d22a0c8d
Update consul.html.md
2016-03-30 09:57:14 -04:00
9932efea08
Merge pull request #1268 from hashicorp/fix-audit-doc
...
Fix audit docs
2016-03-30 00:55:39 -04:00
7a34cea28d
Fix audit docs
2016-03-30 00:54:40 -04:00
3cfcd4ddf1
Check for nil connection back from go-ldap, which apparently can happen even with no error
...
Ping #1262
2016-03-29 10:00:04 -04:00
Sean Chittenden