Commit graph

3819 commits

Author SHA1 Message Date
Jeff Mitchell ed574d63fe Merge pull request #1416 from shomron/list_ldap_group_mappings
Support listing ldap group to policy mappings
2016-05-16 16:22:13 -04:00
Jeff Mitchell 72cfd19078 Add some comments to sanitize 2016-05-16 16:12:45 -04:00
Jeff Mitchell c4431a7e30 Address most review feedback. Change responses to multierror to better return more useful values when there are multiple errors 2016-05-16 16:11:33 -04:00
Jeff Mitchell 4c67a739b9 Merge branch 'master-oss' into cubbyhole-the-world 2016-05-16 12:14:40 -04:00
Jeff Mitchell 35ff423e09 Merge pull request #1420 from hashicorp/revert-1419-f-path-cleanup
Revert "Remove a few assumptions regarding bash(1) being located in /bin."
2016-05-15 15:22:28 -04:00
Jeff Mitchell 60975bf76e Revert "Remove a few assumptions regarding bash(1) being located in /bin." 2016-05-15 15:22:21 -04:00
Sean Chittenden f535e749f1 Merge pull request #1419 from hashicorp/f-path-cleanup
Remove a few assumptions regarding bash(1) being located in /bin.  Rename `Makefile` to `GNUmakefile` inline with the same change made in Consul and Nomad.
2016-05-15 11:52:59 -07:00
Sean Chittenden f91114fef5
Remove a few assumptions regarding bash(1) being located in /bin.
Use sh(1) where appropriate.
2016-05-15 11:41:14 -07:00
Sean Chittenden 792950e16c Merge pull request #1417 from hashicorp/b-pki-expire-ttl-unset
Set entry's TTL before writing out the storage entry's config
2016-05-15 10:02:03 -07:00
Sean Chittenden 7a4b31ce51
Speling police 2016-05-15 09:58:36 -07:00
Sean Chittenden b0bba6d271
Store clamped TTLs back in the role's config 2016-05-15 08:13:56 -07:00
vishalnayak ab86b60b19 changelog++ 2016-05-15 10:41:13 -04:00
Sean Chittenden af4e2feda7
When testing, increase the time we wait for the stepdown to occur.
2s -> 5s, no functional change.
2016-05-15 07:30:40 -07:00
Sean Chittenden 539475714d
Set entry's TTL before writing out the storage entry's config 2016-05-15 07:06:33 -07:00
Oren Shomron b8840ab9eb Support listing ldap group to policy mappings (Fixes #1270) 2016-05-14 20:00:40 -04:00
Vishal Nayak 53fc941761 Merge pull request #1300 from hashicorp/aws-auth-backend
AWS EC2 instances authentication backend
2016-05-14 19:42:03 -04:00
vishalnayak 6f65d9293a Fix framework rollback manager tests 2016-05-14 19:35:36 -04:00
vishalnayak 4122ed860b Rename 'role_name' to 'role' 2016-05-13 14:31:13 -04:00
Jeff Mitchell b850f876a7 Merge pull request #1407 from z00m1n/patch-1
fix PostgreSQL sample code
2016-05-12 17:07:48 -07:00
Jeff Mitchell 73fc616590 Merge pull request #1408 from cmclaughlin/patch-1
Document configuring listener to use a CA cert
2016-05-12 16:08:43 -07:00
cmclaughlin cdf715b94a Document configuring listener to use a CA cert 2016-05-12 15:34:47 -07:00
Steven Samuel Cole e3bb3a4efb fix PostgreSQL sample code
The current sample configuration line fails with `Error initializing backend of type postgresql: failed to check for native upsert: pq: unsupported sslmode "disabled"; only "require" (default), "verify-full", "verify-ca", and "disable" supported`.
2016-05-12 23:22:41 +02:00
vishalnayak 9147f99c43 Remove unused param from checkForValidChain 2016-05-12 15:07:10 -04:00
Jeff Mitchell 560e9c30a3 Merge branch 'master-oss' into cubbyhole-the-world 2016-05-12 14:59:12 -04:00
Jeff Mitchell 9cf43d9c50 changelog++ 2016-05-12 14:58:59 -04:00
Vishal Nayak 215118dbf6 Merge pull request #1404 from hashicorp/non-ca-crl-check
Perform CRL checking for non-CA registered certs
2016-05-12 14:50:59 -04:00
Sean Chittenden 99a5213f0b Merge pull request #1355 from hashicorp/f-vault-service
Vault/Consul Service refinement
2016-05-12 11:48:29 -07:00
vishalnayak 85d9523f98 Perform CRL checking for non-CA registered certs 2016-05-12 14:37:07 -04:00
Vishal Nayak f444faf4a8 Merge pull request #1403 from hashicorp/fix-mount-tune
Fix mount tune bounds checking
2016-05-12 12:26:49 -04:00
vishalnayak be88306f92 Name the files based on changed path patterns 2016-05-12 11:52:07 -04:00
vishalnayak 7e8a2d55d0 Update docs and path names to the new patterns 2016-05-12 11:45:10 -04:00
vishalnayak af222a945a Fix mount tune bounds checking 2016-05-12 07:22:00 -04:00
Jeff Mitchell ce5614bf9b Merge branch 'master-oss' into cubbyhole-the-world 2016-05-11 19:29:52 -04:00
Jeff Mitchell e3f2020437 changelog++ 2016-05-11 19:28:01 -04:00
Jeff Mitchell 8a83c19304 Merge pull request #1399 from hashicorp/explicit-max-ttl
Add explicit maximum TTLs to token store roles.
2016-05-11 16:25:02 -07:00
Jeff Mitchell 35d285219d Merge branch 'master-oss' into cubbyhole-the-world 2016-05-11 19:09:51 -04:00
Jeff Mitchell 6ec1ca05c8 Fix bug around disallowing explicit max greater than sysview max 2016-05-11 18:46:55 -04:00
Jeff Mitchell aecc3ad824 Add explicit maximum TTLs to token store roles. 2016-05-11 16:51:18 -04:00
Sean Chittenden ae702f17da Merge pull request #1395 from hashicorp/b-remove-mlock-netbsd
Don't build mlock for NetBSD
2016-05-10 23:33:08 -07:00
vishalnayak 269432ffb2 Merge branch 'master-oss' into pr-1300 2016-05-10 20:47:07 -04:00
Sean Chittenden 8c9dadf82b
Don't build mlock for NetBSD
NetBSD doesn't have the right symbols defined in Go for mlockall support.  The OS supports it just fine, but the definitions aren't present in Go.  If someone wanted to they could add support XOR the values from `sys/mman.h` for `MCL_CURRENT | MCL_FUTURE` which is almost certainly `0x01 | 0x02` but we're not going to do that in code due to the maintenance of a one-off just for NetBSD.  PR's welcome.
2016-05-10 16:39:54 -07:00
Vishal Nayak 95421182ba Merge pull request #1394 from joehillen/patch-1
Fix default etcd address
2016-05-10 15:52:37 -04:00
Joe Hillenbrand 3b14f5043f Fix default etcd address
Should be `127.0.0.1`, not `128.0.0.1`
2016-05-10 12:50:11 -07:00
vishalnayak ddcaf26396 Merge branch 'master-oss' into aws-auth-backend 2016-05-10 14:50:00 -04:00
Jeff Mitchell 965efae798 Add dev-dynamic makefile target 2016-05-09 23:17:38 -04:00
vishalnayak d09748a135 Fix the acceptance tests 2016-05-09 22:07:51 -04:00
vishalnayak 95f3f08d29 Call client config internal from the locking method 2016-05-09 21:01:57 -04:00
Jeff Mitchell c3a3802b6c changelog++ 2016-05-09 20:01:12 -04:00
Jeff Mitchell 7afc80ae71 Merge pull request #1390 from hashicorp/dont-revoke-ca-certs
Don't revoke CA certificates with leases.
2016-05-09 16:54:40 -07:00
Jeff Mitchell d899f9d411 Don't revoke CA certificates with leases. 2016-05-09 19:53:28 -04:00