Commit graph

12238 commits

Author SHA1 Message Date
Alexander Bezobchuk 378ec869db
Merge PR #9060: Support reading Raft TLS flags from file 2020-05-23 11:09:55 -04:00
Jeff Mitchell 7e5d68a73e
Bump go-kms-wrapping to remove proto warning, and vendor (#9066) 2020-05-22 10:48:50 -04:00
Jim Kalafut a9d7d34ede
Update release notes (#9064) 2020-05-21 18:51:19 -07:00
Noelle Daley cf25427e6c
update deps for security (#9039)
* update deps for security

* upgrade deps

* ugrade ember-engines and ember-auto-import
2020-05-21 16:12:31 -07:00
Lauren Voswinkel 4d98430964
Use parameters when executing prepared statements rather than fmt.Sprintf (#9013)
* Don't use string formatting to prepare queries.

We should, when possible, use the built-in params and ? format when
preparing and executing a query. This is done to prevent SQL Injection
attacks.

* Revert some changes due to failing tests, update mssql go driver

* Add docker container startup for some MSSQL tests

* Remove acceptance test flagging, add more SQL injection protection

* Refactor MSSQL prepareTestContainer to a test helper

Also, remove all ? references and convert them to @p*
2020-05-21 16:07:18 -07:00
Meggie 5c0faa5367
changelog++
Updated with CVE numbers for 1.4.2 and 1.3.6.
2020-05-21 17:21:48 -04:00
Josh Black 0e13f46581
changelog++ 2020-05-21 13:40:16 -07:00
Josh Black 1c2b365158
changelog++ 2020-05-21 13:38:06 -07:00
Mike Jarmy 95055d7409
update website for 1.4.2 (#9063) 2020-05-21 16:34:03 -04:00
Josh Black 6e92c8cbd2
Add a new "vault monitor" command (#8477)
Add a new "vault monitor" command

Co-authored-by: ncabatoff <ncabatoff@hashicorp.com>
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
Co-authored-by: Jeff Mitchell <jeffrey.mitchell@gmail.com>
2020-05-21 13:07:50 -07:00
Meggie 8e85844938
changelog++
Dates for 1.3.6 & 1.4.2
2020-05-21 15:44:39 -04:00
Jim Kalafut 7f2404ab28
changelog++ 2020-05-21 12:00:06 -07:00
Jim Kalafut 210c6ab1b3
changelog++ 2020-05-21 11:54:14 -07:00
Mark Gritter 71b3de0450
Switch expiration manager's pending map to a sync.Map. (#8589) 2020-05-21 12:41:03 -05:00
Jeff Escalante 8eed94b072
🌷 Docs Website Maintenance (#8985)
* website maintenance round
* improve docs, revert bug workaround as it was fixed
* boost memory
* remove unnecessary code
2020-05-21 13:18:17 -04:00
Jim Kalafut 023948e9ec
changelog++ 2020-05-21 10:03:14 -07:00
Chelsea Shaw 0662288f6a
changelog+- 2020-05-21 11:53:39 -05:00
ncabatoff ae1ec3f701
changelog++ 2020-05-21 12:36:58 -04:00
ncabatoff 22ed4ca7d2
changelog++ 2020-05-21 12:34:57 -04:00
Lauren Voswinkel 8fc08f8c91
Require TLS or plaintext flagging in MySQL configuration (#9012)
* Adds a safety switch to configuration files.

This requires a user to either use TLS, or acknowledge that they are sending
credentials over plaintext.

* Warn if plaintext credentials will be passed

* Add true/false support to the plaintext transmission ack

* Updated website docs and ensured ToLower is used for true comparison
2020-05-21 09:09:37 -07:00
ncabatoff 64549f147d
changelog++ 2020-05-21 10:25:30 -04:00
Jason O'Donnell 4b2a72c616
doc: clarify token helper intro (#9058) 2020-05-21 10:11:32 -04:00
ncabatoff 5376e87360
Don't audit replication status requests or responses. (#8877) 2020-05-21 09:20:05 -04:00
Jeff Mitchell 0b3923c289
Add cors bits into configutil listener (#9054)
* Add cors config to configutil listener parsing

* Set purposeraw to nil after parsing like other params

* Use canonical mime headers
2020-05-20 21:56:12 -04:00
Calvin Leung Huang 34cae3f4e5
changelog++ 2020-05-20 13:56:14 -07:00
Calvin Leung Huang ed264a964f
changelog++ 2020-05-20 13:55:00 -07:00
Clint 39de184f1f
Update vault-plugin-secret-ad dependency (#9025) 2020-05-20 12:47:37 -07:00
ncabatoff af3eff4d29
Restore the original code used for setting userDN based on the result of our query. (#9041) 2020-05-20 14:47:59 -04:00
Jason O'Donnell dd254b08d5
agent/template: update consul-template dep (#9044) 2020-05-20 13:03:33 -04:00
Jim Kalafut 32c81b4c08
changelog++ 2020-05-20 09:46:07 -07:00
Josh Black e53556130c
Fix JSON encoding adding newlines. (#8928)
Fix JSON encoding adding newlines.

This manifested itself when encoding config values, which all map to
strings. An extra new line would get added by json.Encode, which caused
other things to break with confusing error messagges. Switching to
json.Marshal seems to solve the problem.
2020-05-19 16:13:05 -07:00
Mark Gritter a82862a118
Utility for collecting new gauge metrics (#9017) 2020-05-19 17:54:43 -05:00
Jeff Mitchell 623d58deaf Bump api/sdk 2020-05-19 18:19:12 -04:00
Clint c468d84e8d
Update CHANGELOG.md 2020-05-19 17:19:02 -05:00
Jeff Mitchell 7bc65c48de Bump api's sdk 2020-05-19 18:18:38 -04:00
Jeff Mitchell 41d5727d9d
Port encrypted config shared bits to a separate PR (#9037)
* Port encrypted config shared bits to a separate PR

* Address feedback
2020-05-19 18:15:30 -04:00
Clint 8bd8d7dba6
secrets/database: return any error from rotations (#8997) 2020-05-19 12:05:09 -05:00
ncabatoff 6291b40e34
Don't include username or password of proxy env vars when logging them. (#9022) 2020-05-19 10:07:46 -04:00
Clint 638fab75f2
Update CHANGELOG.md 2020-05-19 06:26:45 -05:00
Clint b523d30bd2
Update CHANGELOG
Move note on fixing an OpenLDAP to the `1.4.2` section
2020-05-19 06:25:38 -05:00
Brian Kassouf 89f553f4bf
changelog++ 2020-05-18 18:53:33 -07:00
Brian Kassouf c8dde052f2
storage/raft: Advertise the configured cluster address (#9008)
* storage/raft: Advertise the configured cluster address

* Don't allow raft to start with unspecified IP

* Fix concurrent map write panic

* Add test file

* changelog++

* changelog++

* changelog++

* Update tcp_layer.go

* Update tcp_layer.go

* Only set the adverise addr if set
2020-05-18 18:22:25 -07:00
Brian Kassouf 1bb0bd489d
storage/raft: Add committed and applied indexes to the status output (#9011)
* storage/raft: Add committed and applied indexes to the status output

* Update api vendor

* changelog++

* Update http/sys_leader.go

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
2020-05-18 16:07:27 -07:00
Clint 01b1f0dd42
Update CHANGELOG.md 2020-05-18 16:00:21 -05:00
Clint 86a62130fd
Update to latest version of vault-plugin-secrets-openldap (#9006) 2020-05-18 15:59:11 -05:00
Jason O'Donnell 1845ef6d2e
doc: add environment variable template example (#9019)
* doc: add environment variable template example

* Update website/pages/docs/platform/k8s/injector/examples.mdx

Co-authored-by: Becca Petrin <beccapetrin@gmail.com>

Co-authored-by: Becca Petrin <beccapetrin@gmail.com>
2020-05-18 15:51:17 -04:00
Becca Petrin d7a6011b3e
Fix AWS auth renewals (#8991)
* fix aws auth renewals

* Update builtin/credential/aws/path_login.go

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>

* debug log missing account_ids

* strip tests and related changes

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
2020-05-18 11:10:36 -07:00
Theron Voran b7a9fb8566
docs: updating helm configuration (#8973)
Added helm configs that were changed/added in vault-helm
0.5.0. Also corrected the data type of a few config parameters.
2020-05-18 11:08:40 -07:00
Jeff Mitchell 6cb26312af
Fix code copied from gogo using a different proto import (#9009) 2020-05-15 13:45:22 -07:00
Calvin Leung Huang d9bb58197e
changelog++ 2020-05-15 11:17:51 -07:00