Commit graph

4525 commits

Author SHA1 Message Date
Jeff Mitchell 5a48611a62 Add test for both paths in backend 2016-08-08 18:32:18 -04:00
Jeff Mitchell 56b7f595aa Fix parsing optional URL param 2016-08-08 18:08:25 -04:00
Jeff Mitchell c33ad71d7e changelog++ 2016-08-08 18:04:07 -04:00
Jeff Mitchell 8cbee06dff Merge pull request #1701 from hashicorp/auth-backends-noroot
Don't allow root from authentication backends either.
2016-08-08 18:01:50 -04:00
Jeff Mitchell ab71b981ad Add ability to specify renew lease ID in POST body. 2016-08-08 18:00:44 -04:00
Jeff Mitchell 13b7d37a0b Remove change to naming return values 2016-08-08 17:56:14 -04:00
Jeff Mitchell a583f8a3f8 Use policyutil sanitizing 2016-08-08 17:42:25 -04:00
Jeff Mitchell 4f0310ed96 Don't allow root from authentication backends either.
We've disabled this in the token store, but it makes no sense to have
that disabled but have it enabled elsewhere. It's the same issue across
all, so simply remove the ability altogether.
2016-08-08 17:32:37 -04:00
Jeff Mitchell 796c93a8b0 Add sys/renew to default policy 2016-08-08 17:32:30 -04:00
Jeff Mitchell b69ed7ea93 Fix build 2016-08-08 17:00:59 -04:00
Jeff Mitchell d7f6218869 Move checking non-assignable policies above the actual token creation 2016-08-08 16:44:29 -04:00
Jeff Mitchell be39df9887 Update upgrade docs 2016-08-08 16:44:13 -04:00
Jeff Mitchell 96fb06cd27 changelog++ 2016-08-08 16:42:20 -04:00
Jeff Mitchell 616d0e8ed0 changelog++ 2016-08-08 16:40:34 -04:00
Jeff Mitchell 7f6c58b807 Address review feedback 2016-08-08 16:30:48 -04:00
Jeff Mitchell 529e36636c Rename mounttune.go 2016-08-08 16:22:28 -04:00
Jeff Mitchell 3c2aae215c Fix tests and update mapstructure 2016-08-08 16:00:31 -04:00
Vishal Nayak 77cac79725 Merge pull request #1700 from hashicorp/sethvargo/link
Update links to serf
2016-08-08 13:16:05 -04:00
Seth Vargo 80f5b8281a
Update links to serf 2016-08-08 12:47:14 -04:00
Jeff Mitchell 3e6b48cca3 Initial dataonly work. 2016-08-08 11:55:24 -04:00
Jeff Mitchell 0a67bcb5bd Merge pull request #1696 from hashicorp/transit-convergent-specify-nonce
Require nonce specification for more flexibility
2016-08-08 11:41:10 -04:00
Jeff Mitchell 015b6d2890 Bump Go version for building 2016-08-08 11:01:05 -04:00
Laura Bennett da615642f5 Merge pull request #1687 from hashicorp/token-store-update
Minor update to token-store
2016-08-08 10:25:05 -04:00
Jeff Mitchell 2c02f78144 Merge pull request #1698 from hashicorp/issue-1263
Return warning about ACLing the LDAP configuration endpoint.
2016-08-08 10:19:30 -04:00
Jeff Mitchell 1f198e9256 Return warning about ACLing the LDAP configuration endpoint.
Fixes #1263
2016-08-08 10:18:36 -04:00
Jeff Mitchell b5eb8061a3 changelog++ 2016-08-08 10:03:10 -04:00
Jeff Mitchell 72bfce0ec3 Merge pull request #1697 from hashicorp/issue-1695
Make `capabilities-self` part of the default policy.
2016-08-08 10:00:45 -04:00
Jeff Mitchell ac62b18d56 Make capabilities-self part of the default policy.
Fixes #1695
2016-08-08 10:00:01 -04:00
Jeff Mitchell d60caa2a79 Remove old terraform page 2016-08-08 08:26:05 -04:00
Jeff Mitchell 606ba64e23 Remove context-as-nonce, add docs, and properly support datakey 2016-08-07 15:53:40 -04:00
Jeff Mitchell 1976bc0534 Add unit tests for convergence in non-context mode 2016-08-07 15:16:36 -04:00
vishalnayak e783bfe7e1 Minor changes to test cases 2016-08-05 20:22:07 -04:00
vishalnayak 5ddd1c7223 Fix broken test case 2016-08-05 20:07:18 -04:00
Laura Bennett 02911c0e01 full updates based on feedback 2016-08-05 18:57:35 -04:00
Laura Bennett 52623a2395 test updates based on feedback 2016-08-05 18:56:22 -04:00
Laura Bennett 405eb0075a fix an error, tests still broken 2016-08-05 17:58:48 -04:00
Jeff Mitchell 8b1d47037e Refactor convergent encryption to make specifying a nonce in addition to context possible 2016-08-05 17:52:44 -04:00
Jeff Mitchell 69c1121d29 Fix generate-root synopsis 2016-08-05 16:35:03 -04:00
Jeff Mitchell 8c209dd0d6 changelog++ 2016-08-05 11:17:01 -04:00
Jeff Mitchell 687993bbb4 Merge pull request #1692 from hashicorp/ttl0-not-renewable
Don't mark never-expiring root tokens as renewable
2016-08-05 11:16:00 -04:00
Jeff Mitchell 82b3d136e6 Don't mark never-expiring root tokens as renewable 2016-08-05 11:15:25 -04:00
Laura Bennett 68d351c70c addresses feedback, but tests broken 2016-08-05 10:04:02 -04:00
Jeff Mitchell 21e39bfea6 Remove erroneous information about some endpoints being root-protected 2016-08-04 16:08:54 -04:00
Jeff Mitchell 00c76ff5b3 Merge pull request #1691 from hashicorp/docs-secret-aws-iam-role
~secret/aws: env variable and IAM role usage
2016-08-04 16:05:06 -04:00
Cameron Stokes 0b60375952 ~secret/aws: env variable and IAM role usage 2016-08-04 13:02:07 -07:00
Jeff Mitchell 4b2b5363d4 Switch some errors that ought to be 500 to 500 2016-08-04 09:11:24 -04:00
Jeff Mitchell 1e85d24889 changelog++ 2016-08-04 09:01:29 -04:00
Jeff Mitchell 2012b95911 Merge pull request #1688 from vbatoufflet/pki-email-fix
Fix PKI logical backend email alt_names
2016-08-04 06:59:54 -04:00
Vincent Batoufflet 0b73c2ff9a Fix PKI logical backend email alt_names 2016-08-04 12:10:34 +02:00
Jeff Mitchell 1b0c9afc43 Update DB docs with new SQL specification options 2016-08-03 15:45:56 -04:00