Jeff Mitchell
36c84df326
Large update to request forwarding handling. ( #2426 )
2017-03-02 10:03:49 -05:00
Jeff Mitchell
90389323a2
Some more forwarding client cleanup
2017-03-01 20:59:20 -05:00
Jeff Mitchell
b1c2a930fe
Clean up request forwarding logic
2017-03-01 18:17:06 -05:00
Jeff Mitchell
00cfaf7f64
Rejig signature of last remote wal
2017-03-01 12:42:10 -05:00
Jeff Mitchell
6ebb2cc958
Add last remote WAL bits
2017-03-01 12:40:36 -05:00
Jeff Mitchell
f2282247ef
Add seal cache purging back into postUnseal
2017-02-28 18:36:28 -05:00
Jeff Mitchell
09543dceeb
Rejig core standby logic to check validity of barrier during active transition
2017-02-28 18:17:30 -05:00
Jeff Mitchell
b29861f7bb
Do some porting to make diffing easier
2017-02-24 10:45:29 -05:00
Brian Kassouf
f992103615
Merge branch 'master' into acl-parameters-permission
2017-02-21 14:46:06 -08:00
Jeff Mitchell
494b4c844b
More porting from rep ( #2389 )
...
* More porting from rep
* Address feedback
2017-02-16 20:13:19 -05:00
Jeff Mitchell
0c39b613c8
Port some replication bits to OSS ( #2386 )
2017-02-16 15:15:02 -05:00
Jeff Mitchell
0a9a6d3343
Move ReplicationState to consts
2017-02-16 13:37:21 -05:00
Jeff Mitchell
2fd59ad308
Merge branch 'master-oss' into acl-parameters-permission
2017-02-08 01:59:52 -05:00
Jeff Mitchell
67f96bc64e
Rejig check for HA/Sealed in Leader to check for sealed first. ( #2342 )
...
Fixes #2334
2017-02-06 18:29:56 -05:00
Brian Kassouf
6701ba8a10
Configure the request headers that are output to the audit log ( #2321 )
...
* Add /sys/config/audited-headers endpoint for configuring the headers that will be audited
* Remove some debug lines
* Add a persistant layer and refactor a bit
* update the api endpoints to be more restful
* Add comments and clean up a few functions
* Remove unneeded hash structure functionaility
* Fix existing tests
* Add tests
* Add test for Applying the header config
* Add Benchmark for the ApplyConfig method
* ResetTimer on the benchmark:
* Update the headers comment
* Add test for audit broker
* Use hyphens instead of camel case
* Add size paramater to the allocation of the result map
* Fix the tests for the audit broker
* PR feedback
* update the path and permissions on config/* paths
* Add docs file
* Fix TestSystemBackend_RootPaths test
2017-02-02 11:49:20 -08:00
Jeff Mitchell
69eb5066dd
Multi value test seal ( #2281 )
2017-01-17 15:43:10 -05:00
Jeff Mitchell
dd0e44ca10
Add nonce to unseal to allow seeing if the operation has reset ( #2276 )
2017-01-17 11:47:06 -05:00
Brian Kassouf
ae116ada25
Merge branch 'master' into acl-parameters-permission
2017-01-13 16:44:10 -08:00
Jeff Mitchell
252e1f1e84
Port over some work to make the system views a bit nicer
2017-01-13 14:51:27 -05:00
Jeff Mitchell
9923c753d0
Set c.standby true in non-HA context. ( #2259 )
...
This value is the key for some checks in core logic. In a non-HA
environment, if the core was sealed it would never be set back to true.
2017-01-11 11:13:09 -05:00
Jeff Mitchell
681e36c4af
Split Unseal into Unseal and unsealInternal
2017-01-06 16:30:43 -05:00
Jeff Mitchell
9e5d1eaac9
Port some updates
2017-01-06 15:42:18 -05:00
Jeff Mitchell
0391475c70
Add read locks to LookupToken/ValidateWrappingToken ( #2232 )
2017-01-04 16:52:03 -05:00
Jeff Mitchell
3129187dc2
JWT wrapping tokens ( #2172 )
2017-01-04 16:44:03 -05:00
mwoolsey
3e72e50fa5
Merge remote-tracking branch 'upstream/master'
2016-11-20 18:31:55 -08:00
Jeff Mitchell
e84a015487
Add extra logic around listener handling. ( #2089 )
2016-11-11 16:43:33 -05:00
Vishal Nayak
b3c805e662
Audit the client token accessors ( #2037 )
2016-10-29 17:01:49 -04:00
ChaseLEngel
c2b512cf46
Changed AllowOperation to take logical.Request
2016-10-16 16:29:52 -07:00
Jeff Mitchell
85315ff188
Rejig where the reload functions live
2016-09-30 00:07:22 -04:00
Jeff Mitchell
b45a481365
Wrapping enhancements ( #1927 )
2016-09-28 21:01:28 -07:00
Jeff Mitchell
2ce4397deb
Plumb through the ability to set the storage read cache size. ( #1784 )
...
Plumb through the ability to set the storage read cache size.
Fixes #1772
2016-08-26 10:27:06 -04:00
Jeff Mitchell
b89073f7e6
Error when an invalid (as opposed to incorrect) unseal key is given. ( #1782 )
...
Fixes #1777
2016-08-24 14:15:25 -04:00
Jeff Mitchell
58b32e5432
Convert to logxi
2016-08-21 18:13:37 -04:00
Jeff Mitchell
2bb8adcbde
Cleanup and avoid unnecessary advertisement parsing in leader check
2016-08-19 14:49:11 -04:00
Jeff Mitchell
b7acf5b5ab
Rename proto service stuff and change log levels for some messages
2016-08-19 11:49:25 -04:00
Jeff Mitchell
bdcfe05517
Clustering enhancements ( #1747 )
2016-08-19 11:03:53 -04:00
vishalnayak
87c42a796b
s/advertisement/redirect
2016-08-19 10:52:14 -04:00
Jeff Mitchell
62c69f8e19
Provide base64 keys in addition to hex encoded. ( #1734 )
...
* Provide base64 keys in addition to hex encoded.
Accept these at unseal/rekey time.
Also fix a bug where backup would not be honored when doing a rekey with
no operation currently ongoing.
2016-08-15 16:01:15 -04:00
Jeff Mitchell
37320f8798
Request forwarding ( #1721 )
...
Add request forwarding.
2016-08-15 09:42:42 -04:00
vishalnayak
cff7aada7a
Fix invalid input getting marked as internal error
2016-07-28 16:23:11 -04:00
vishalnayak
a3e6400697
Remove global name/id. Make only cluster name configurable.
2016-07-26 10:01:35 -04:00
vishalnayak
c7dabe4def
Storing local and global cluster name/id to storage and returning them in health status
2016-07-26 02:32:42 -04:00
Jeff Mitchell
df621911d7
Merge pull request #1624 from hashicorp/dynamodb-ha-off-default
...
Turn off DynamoDB HA by default.
2016-07-18 13:54:26 -04:00
Jeff Mitchell
028d024345
Add metrics around leadership
...
This can be helpful for detecting flapping.
Fixes #1544
2016-07-18 13:38:44 -04:00
Jeff Mitchell
a3ce0dcb0c
Turn off DynamoDB HA by default.
...
The semantics are wonky and have caused issues from people not reading
docs. It can be enabled but by default is off.
2016-07-18 13:19:58 -04:00
Jeff Mitchell
05b0e0a866
Enable audit-logging of seal and step-down commands.
...
This pulls the logical request building code into its own function so
that it's accessible from other HTTP handlers, then uses that with some
added logic to the Seal() and StepDown() commands to have meaningful
audit log entries.
2016-05-20 17:03:54 +00:00
Jeff Mitchell
c4431a7e30
Address most review feedback. Change responses to multierror to better return more useful values when there are multiple errors
2016-05-16 16:11:33 -04:00
Jeff Mitchell
560e9c30a3
Merge branch 'master-oss' into cubbyhole-the-world
2016-05-12 14:59:12 -04:00
Sean Chittenden
99a5213f0b
Merge pull request #1355 from hashicorp/f-vault-service
...
Vault/Consul Service refinement
2016-05-12 11:48:29 -07:00
Jeff Mitchell
c52d352332
Merge branch 'master-oss' into cubbyhole-the-world
2016-05-07 16:40:04 -04:00