Commit graph

10468 commits

Author SHA1 Message Date
Jeff Mitchell 3f1c510bc9
Fix a deadlock if a panic happens during request handling (#6920)
* Fix a deadlock if a panic happens during request handling

During request handling, if a panic is created, deferred functions are
run but otherwise execution stops. #5889 changed some locks to
non-defers but had the side effect of causing the read lock to not be
released if the request panicked. This fixes that and addresses a few
other potential places where things could go wrong:

1) In sealInitCommon we always now defer a function that unlocks the
read lock if it hasn't been unlocked already
2) In StepDown we defer the RUnlock but we also had two error cases that
were calling it manually. These are unlikely to be hit but if they were
I believe would cause a panic.

* Add panic recovery test
2019-06-19 09:40:57 -04:00
Jim Kalafut 8217548bc1
changelog++ 2019-06-18 17:14:20 -07:00
Calvin Leung Huang 89cf760e47
changelog++ 2019-06-18 15:57:19 -07:00
Calvin Leung Huang 76cc52f48c
auth/aws: guard against malformed assumed role ARNs (#6917)
* auth/aws: guard against malformed assumed role ARNs

* revert helper func changes
2019-06-18 15:51:40 -07:00
Becca Petrin 3c9c47f97d
Update CHANGELOG.md 2019-06-18 14:34:30 -07:00
Becca Petrin 500df379fd
Merge pull request #6916 from hashicorp/fix-es-db-plugin-compilation
Fix TestPluginCatalog_List
2019-06-18 14:16:41 -07:00
Becca Petrin f6703c3630 fix test 2019-06-18 14:04:08 -07:00
Jeff Mitchell 630380700b changelog++ 2019-06-18 16:44:19 -04:00
Jeff Mitchell 8603573611 Update group alias handling to better protect against namespace differences
Also, allow canonical ID to be switched
2019-06-18 16:43:30 -04:00
Yoko ba82b04b15
Added a note about JWT (#6899) 2019-06-18 12:36:51 -07:00
Jeff Mitchell 659f97a0b7 Update api and sdk to remove direct gogo dep 2019-06-18 14:51:13 -04:00
Jeff Mitchell 1a7fee63e3 Update sdk in api/ 2019-06-18 14:50:21 -04:00
Jeff Mitchell 2ff5380179 Remove gogo proto from where it snuck in 2019-06-18 14:45:42 -04:00
Becca Petrin 2451fa8fd7
Merge pull request #6911 from hashicorp/fix-aws-region-test
Fix failing AWS region test
2019-06-18 10:14:04 -07:00
Becca Petrin 63f38d0fd4 fix failing region test 2019-06-18 09:50:38 -07:00
Becca Petrin 50b2439b2b
Merge pull request #6908 from hashicorp/fix-test-predict-plugins
Fix test predict plugins
2019-06-18 09:39:25 -07:00
Becca Petrin 1034e564f1 fix test 2019-06-18 09:36:25 -07:00
Jeff Mitchell 1e5398efb3 Update api/sdk in main repo 2019-06-18 12:24:15 -04:00
Jeff Mitchell c466791207 Bump API's SDK version 2019-06-18 12:23:16 -04:00
Jeff Mitchell fde6a90edc Return integers, not floats, when reading token params 2019-06-18 12:22:12 -04:00
Jeff Mitchell 8ae4149703 Update description field for some token store role values to be accurate 2019-06-18 11:33:56 -04:00
Jeff Mitchell 6ddac3ad33 Bump api/sdk dep 2019-06-18 11:19:15 -04:00
Jeff Mitchell 49ca5cec91 Bump api against latest sdk 2019-06-18 11:18:22 -04:00
Jeff Mitchell c0db3df73d Update go-plugin dep 2019-06-18 10:53:38 -04:00
Jeff Mitchell 334efe4743 changelog++ 2019-06-18 10:29:51 -04:00
Jeff Mitchell d65a716b63 Add a force capability to delete in the policy store
This allows us to truly delete policies when we've either invalidated it
(which since they're singletons/default should only happen when we're
doing a namespace delete) or are doing a namespace delete on the local
node.
2019-06-18 10:25:57 -04:00
Becca Petrin 2cc7545351
Merge pull request #6897 from hashicorp/add-es-docs-to-list
Add ElasticSearch docs to sidebars
2019-06-17 15:21:46 -07:00
Jeff Mitchell 1e1e7c9321 Fix some tests 2019-06-17 17:02:34 -04:00
Becca Petrin ca165ffdef add es docs to sidebars 2019-06-17 12:05:57 -07:00
Evan Phoenix 29a287648e Upgrade github.com/lib/pq to pickup SCRAM-SHA-* methods (#6895) 2019-06-17 14:45:27 -04:00
Becca Petrin 7927cc3a43
Update elasticdb.html.md 2019-06-17 11:24:42 -07:00
Becca Petrin 117d28d966
Merge pull request #6857 from hashicorp/add-elasticsearch-auth
Add ElasticSearch database secrets engine
2019-06-17 11:19:01 -07:00
Becca Petrin 17a682da40 Merge branch 'opensource-master' into add-elasticsearch-auth 2019-06-17 11:12:51 -07:00
Becca Petrin fd2e859617 update doc to 7.1.1 2019-06-17 11:12:16 -07:00
ncabatoff 006bab1e49
Add new license callback init step for logical backends. (#6887) 2019-06-17 14:11:35 -04:00
Frederic Hemberger 8c5476fb0c Website(api/secret/identity): Fix whitespace in JSON examples (#6889) 2019-06-16 09:26:37 -04:00
Joshua Ogle f58b79db7f
UI: Remove upgrade modal (#6871)
* Remove upgrade-link component
* Hide enterprrise links from OSS
* Don't show sidebar if they can't use the options
2019-06-14 15:46:18 -06:00
Jeff Mitchell 51f3d3137f Update vendoring and api/sdk 2019-06-14 14:29:16 -04:00
ncabatoff 2cf5009ff5
Fix deadlock in TestPostgreSQLBackend (#6884)
Make lock2's retryInterval smaller so it grabs the lock as soon as lock1's renewer fails to renew in time.  Fix the logic to test if lock1's leader channel gets closed: we don't need a goroutine, and
the logic was broken in that if we timed out we'd never write to the blocking channel we then try to read from.  Moreover the timeout was wrong.
2019-06-14 12:59:24 -04:00
Jeff Mitchell ad2baf9768 changelog++ 2019-06-14 12:54:08 -04:00
Jeff Mitchell 1ea0c0314a
Prevent entity alias creation when entity is in different NS than mount (#943) (#6886) 2019-06-14 12:53:00 -04:00
Jeff Mitchell 402ba1b0f0
Tokenhelper v2 (#6662)
This provides an sdk util for common token fields and parsing and plumbs it into token store roles.
2019-06-14 10:17:04 -04:00
Jeff Mitchell 4c9125c4e6 Update vendoring 2019-06-13 13:41:18 -04:00
Jason O'Donnell d2e620ae70
Fix multiline jwt config setup example (#6873) 2019-06-12 13:34:26 -04:00
Brian Kassouf 934b497101
Clear the Barrier AEAD cache on keyring reload (#6870)
* Clear the barrier's AEAD cache on keyring reload

* Update barrier_aes_gcm_test.go
2019-06-12 08:56:16 -07:00
Jeff Mitchell 342c1b57e3 Bump Go version in build Dockerfile 2019-06-12 09:38:35 -04:00
Calvin Leung Huang 5259ec8a30
core: add ForwardGenericRequest to StaticSystemView to satisfy ExtendedSystemView (#6867) 2019-06-11 14:07:04 -07:00
Calvin Leung Huang 08e17cc111
core: add generic request forwarding bits to oss (#6866) 2019-06-11 13:13:03 -07:00
Sam Salisbury e2e5e16ff2 ci: break config into separate files (#6849)
* ci: break config into separate files

* Untangle githooks

* githooks: fix whitespace

* .hooks/pre-commit: add ui -> lint-staged check

- We no longer require dependency on husky with this change.

* ui: remove husky dependency and config

- The previous commit obviates the need for it.
- We will now have to manage these hooks by hand, but this removes
  the conflict between husky-installed hooks and those in the .hooks dir.

* ui: update yarn.lock with husky removed

* .hooks/pre-commit: always use subshell + docs

- Always use subshell means we consistently exit from the
  same place which feels less complex.
- Docs are necessary for horrible bash like this I think...

* Makefile: remove old husky githooks

- Husky has installed a handler for every single git hook.
- This causes warnings on every git operation.
- Eventually we can remove this, but better not to confuse
  people with these messages for now.

* ci: fix go build tags

* Makefile: improve compatibility of rm call

- Looks like the xargs in Travis does something different to the one
  on my mac, this more verbose call should be safe everywhere.

* ci: fix make target names

* ci: fix test-ui invocation

* Makefile: simplify husky hook cleanup

* ci: more focussed readme
2019-06-11 09:55:53 -05:00
Michel Vocks fcf1b9c54e
Fixed wrong rekey recovery backup client API URL (#6841)
* Fixed wrong rekey recovery backup client API URL

* Fixed wrong rekey recovery backup client API URL delete

* Changed output for recovery backup key delete
2019-06-11 10:05:44 +02:00