Commit graph

2806 commits

Author SHA1 Message Date
Jeff Mitchell 02cd4d7bf6 Merge pull request #979 from hashicorp/transit-locking
Implement locking in the transit backend.
2016-01-29 14:40:32 -05:00
Jeff Mitchell 073e755aa6 Update error return strings 2016-01-29 14:40:13 -05:00
Jeff Mitchell 3396b42c6c Address final review feedback 2016-01-29 14:33:51 -05:00
Jeff Mitchell 2712a10750 Return 2 for sealed instead of 1 to match the new init -check behavior 2016-01-29 10:55:31 -05:00
Jeff Mitchell 7cf93c0e37 Don't return 1 when flags don't parse for status command, as all other errors return 2; 1 is for when the vault is sealed 2016-01-29 10:53:56 -05:00
Jeff Mitchell b8ca0cccb8 changelog++ 2016-01-29 10:36:37 -05:00
Jeff Mitchell 68dc0e2dd3 Merge pull request #945 from quixoten/postgres_physical
Add support for PostgreSQL as a physical backend
2016-01-29 10:35:38 -05:00
Jeff Mitchell 4ac568bdfa changelog++ 2016-01-29 10:32:12 -05:00
Jeff Mitchell 401ef10211 Merge pull request #989 from hashicorp/pki-key-usages
Only specify cert sign / CRL sign for CAs and only specify extended key
2016-01-29 10:28:06 -05:00
Jeff Mitchell cb1928451b Only specify cert sign / CRL sign for CAs and only specify extended key
usages for clients.

This will hopefully fully get rid of the various incompatible ways that
various browsers/libraries deal with key usages.

Fixes #987
2016-01-29 10:26:35 -05:00
Jeff Mitchell ad00131735 changelog++ 2016-01-28 15:18:54 -05:00
Jeff Mitchell 91b2ab3725 Merge pull request #985 from hashicorp/pki-role-listing
Add listing of roles to PKI
2016-01-28 15:18:30 -05:00
Jeff Mitchell 2015118958 Add listing of roles to PKI 2016-01-28 15:18:07 -05:00
Jeff Mitchell 63c6172c17 Add list documentationf for mysql 2016-01-28 15:06:52 -05:00
Jeff Mitchell 5d36d27d0c changelog++ 2016-01-28 15:05:59 -05:00
Jeff Mitchell 1c84497981 Merge pull request #984 from hashicorp/mysql-role-list
Add list support for mysql roles
2016-01-28 15:04:59 -05:00
Jeff Mitchell f8a375777b Add list support for mysql roles 2016-01-28 15:04:25 -05:00
Jeff Mitchell 62e3ac83f8 Add list support for postgres roles 2016-01-28 14:41:50 -05:00
Jeff Mitchell 904e2b36b6 Update SSH documentation with list 2016-01-28 14:41:43 -05:00
Jeff Mitchell 7be090b185 Fix postgres backend test SQL for user priv checking 2016-01-28 14:41:13 -05:00
Jeff Mitchell 12bd2f430b Ensure generatePolicy checks disk, not just the cache, now that we aren't eager loading 2016-01-28 13:10:59 -05:00
Jeff Mitchell 059640c33a changelog++ 2016-01-28 12:49:25 -05:00
Jeff Mitchell 28c2db5ca2 Merge pull request #983 from hashicorp/list-ssh-roles
Add listing of roles to ssh backend
2016-01-28 12:48:33 -05:00
Jeff Mitchell dd57a3f55d Add listing of roles to ssh backend 2016-01-28 12:48:00 -05:00
Jeff Mitchell dcf844027b Show entry path in log, not internal view path 2016-01-28 12:34:49 -05:00
Jeff Mitchell 63d891f36f changelog++ 2016-01-28 08:59:57 -05:00
Jeff Mitchell 0c1caad503 Merge pull request #981 from tanuck/master
Docs typo in server command
2016-01-28 08:59:38 -05:00
Jeff Mitchell dd1b94fbd6 Remove eager loading 2016-01-28 08:59:05 -05:00
Raja Nadar e4438d9705 fixed the return type of /ssh/lookup api 2016-01-28 01:04:35 -08:00
Raja Nadar b8fa5c6fd4 fix return type of post /ssh/creds
added sample json for both otp and dynamic credentials
2016-01-28 00:56:59 -08:00
James Tancock 5d7537ff85 Docs typo in server command 2016-01-28 08:26:49 +00:00
Raja Nadar 7aabad7808 better description 2016-01-27 21:58:54 -08:00
Raja Nadar 67da86eeab fixing the return type of verify otp
it seems to be 200 on valid OTP and 204 on invalid OTP. (i think it should be an error.. 400 or 404)
but for the moment, fixing the docs to match the existing behavior.
2016-01-27 20:04:11 -08:00
Jeff Mitchell be83340b14 Embed the cache directly 2016-01-27 21:59:20 -05:00
Devin Christensen 737df30939 Improve naming
Hopefully this naming scheme will be more straightforward.
2016-01-27 17:15:48 -07:00
Jeff Mitchell ccd10668f0 changelog++ 2016-01-27 17:27:53 -05:00
Jeff Mitchell 1ebae324ce Merge pull request #942 from wikiwi/fix-ssh-open-con
Cleanly close SSH connections
2016-01-27 17:18:54 -05:00
Jeff Mitchell 7776aebdfc changelog++ 2016-01-27 17:18:17 -05:00
Jeff Mitchell b7a49922a9 Update etcd sync option to be a string.
Ping #921
2016-01-27 17:15:52 -05:00
Jeff Mitchell b0bd06f5a4 Merge pull request #921 from faradayio/hosted-etcd-support
Load-balanced etcd support
2016-01-27 17:09:43 -05:00
Jeff Mitchell 0279c60d9e changelog++ 2016-01-27 17:07:54 -05:00
Jeff Mitchell 01102f0d06 Merge pull request #975 from vetinari/ldapbind
Implement LDAP username/password binding support, as well as anonymous search.
2016-01-27 17:06:45 -05:00
Jeff Mitchell 48c9f79896 Implement locking in the transit backend.
This ensures that we can safely rotate and modify configuration
parameters with multiple requests in flight.

As a side effect we also get a cache, which should provide a nice
speedup since we don't need to decrypt/deserialize constantly, which
would happen even with the physical LRU.
2016-01-27 17:03:21 -05:00
Jeff Mitchell df4469cc4e Update contribution guide 2016-01-27 15:17:11 -05:00
Armon Dadgar 9dc9264629 Merge pull request #791 from hashicorp/contributing-guide
Adds a CONTRIBUTING guide
2016-01-27 11:52:16 -08:00
Jeff Mitchell 92a0fae392 Changelog formatting 2016-01-27 14:33:41 -05:00
Jeff Mitchell 6d21bb7b98 Changelog formatting 2016-01-27 14:05:20 -05:00
Jeff Mitchell dd89018511 changelog++ 2016-01-27 13:43:53 -05:00
Jeff Mitchell b7a8d529fe Merge pull request #977 from hashicorp/transit-key-archiving
Transit key archiving
2016-01-27 13:42:30 -05:00
Jeff Mitchell d1b2bf3183 Move archive location; also detect first load of a policy after archive
is added and cause the keys to be copied to the archive.
2016-01-27 13:41:37 -05:00