Chris Hoffman
1029ad3b33
Rename "generic" secret backend to "kv" ( #3292 )
2017-09-15 09:02:29 -04:00
Jeff Mitchell
267f871bbb
changelog++
2017-09-15 01:43:11 -04:00
Jeff Mitchell
a3288b279c
changelog++
2017-09-15 01:41:38 -04:00
Chris Hoffman
a2d2f1a543
Adding support for base_url for Okta api ( #3316 )
...
* Adding support for base_url for Okta api
* addressing feedback suggestions, bringing back optional group query
* updating docs
* cleaning up the login method
* clear out production flag if base_url is set
* docs updates
* docs updates
2017-09-15 00:27:45 -04:00
Chris Hoffman
9d73c81f38
Disable the sys/raw
endpoint by default ( #3329 )
...
* disable raw endpoint by default
* adding docs
* config option raw -> raw_storage_endpoint
* docs updates
* adding listing on raw endpoint
* reworking tests for enabled raw endpoints
* root protecting base raw endpoint
2017-09-15 00:21:35 -04:00
Jeff Mitchell
1076cea5d1
Tests were not actually forcing the intermediate to have a longer TTL
...
because of mount max TTL constraint. This ups the mount max to force the
test to work as expected.
2017-09-14 22:49:04 -04:00
Jeff Mitchell
7312c80e27
Add PersonaLookahead operation
2017-09-14 20:54:09 -04:00
Chris Hoffman
554a757d02
changelog++
2017-09-14 09:08:56 -04:00
Chris Hoffman
2e60b20eae
update enterprise urls /docs/vault-enterprise -> /docs/enterprise ( #3333 )
2017-09-13 15:37:40 -04:00
Paul Pieralde
2c640950e0
Fixed docs to reflect correct HTTP method for /sys/config/auditing endpoing ( #3331 )
...
Updated documentation to reflect "Read Single Audit Request Header" endpoint is GET-based.
2017-09-13 11:59:27 -07:00
Jeff Mitchell
a41353c69e
changelog++
2017-09-13 11:46:17 -04:00
Jeff Mitchell
cb6ac1e926
Change behavior of TTL in sign-intermediate ( #3325 )
...
* Fix using wrong public key in sign-self-issued
* Change behavior of TTL in sign-intermediate
This allows signing CA certs with an expiration past the signer's
NotAfter.
It also change sign-self-issued to replace the Issuer, since it's
potentially RFC legal but stacks won't validate it.
Ref: https://groups.google.com/d/msg/vault-tool/giP69-n2o20/FfhRpW1vAQAJ
2017-09-13 11:42:45 -04:00
Jeff Mitchell
b243b9b3cb
changelog++
2017-09-13 11:42:02 -04:00
Jeff Mitchell
9077adb377
Sanitize policy behavior across backends ( #3324 )
...
Fixes #3323
Fixes #3318
* Fix tests
* Fix tests
2017-09-13 11:36:52 -04:00
Jeff Mitchell
481b4a8b7f
Fix typo in transit error
2017-09-13 11:05:57 -04:00
Chris Hoffman
cfa74e6a95
remove token header from login samples ( #3320 )
2017-09-11 18:14:05 -04:00
Bruno Miguel Custódio
886a0acee6
Fix navigation and prameters in the 'gcp' auth backend docs. ( #3317 )
2017-09-11 15:26:24 -04:00
Jeff Mitchell
88a955901f
changelog++
2017-09-11 14:56:25 -04:00
Chris Hoffman
91338d7aa2
Adding latency injector option to -dev mode for storage operations ( #3289 )
2017-09-11 14:49:08 -04:00
Jose Diaz-Gonzalez
12cde76112
fix: add missing comma to payload ( #3308 )
2017-09-11 12:03:43 -04:00
Chris Hoffman
2002543245
Switching atomic vars to int32 to address panic on some architectures ( #3314 )
2017-09-11 11:17:22 -04:00
Dan Urson
57a7002210
Update AWS CloudHSM comparison. ( #3311 )
...
* Update AWS CloudHSM comparison.
* Update hsm.html.md
* Update hsm.html.md
2017-09-10 12:54:05 -04:00
Calvin Leung Huang
78b1dfd7bb
Handle errors from getRootConfig on aws logical backend ( #3294 )
2017-09-08 13:00:29 -04:00
Calvin Leung Huang
c747caac2a
Fix cassandra tests, explicitly set cluster port if provided ( #3296 )
...
* Fix cassandra tests, explicitly set cluster port if provided
* Update cassandra.yml test-fixture
* Add port as part of the config option, fix tests
* Remove hostport splitting in cassandraConnectionProducer.createSession
* Include port in API docs
2017-09-07 23:04:40 -04:00
Calvin Leung Huang
3136fbb678
Fix flag parsing on database plugins, exit on parse error ( #3305 )
...
* Change FlagSet error handling to flag.ExitOnError
* Ignore os.Args[0] (the command itself) when parsing flags
* Revert to using flag.ContinueOnError
2017-09-07 16:30:00 -04:00
Adam Duke
a3f97c5e3e
fix typo in policies documentation ( #3302 )
2017-09-07 11:55:24 -04:00
Calvin Leung Huang
d5da85d154
Update vendored docker deps
2017-09-07 11:05:33 -04:00
Paul Pieralde
567f2ce1f1
Fix docs for Certificate authentication ( #3301 )
...
Fix discrepencies in the documentation for TLS Certificate
authentication. The Delete CRL method has a misleading title and
description.
2017-09-07 10:28:14 -04:00
Paul Pieralde
25976b340e
Fixed small typo in RabbitMQ secret backend. ( #3300 )
...
Fixed `name` param for the Delete Role API in the RabbitMQ secret backend.
2017-09-07 10:00:32 -04:00
Chris Hoffman
53164d528c
Fix unauth bind issues due to lib update ( #3293 )
2017-09-07 08:46:43 -04:00
Jeff Mitchell
44bf03e3b6
Fix compile after dep update
2017-09-05 18:18:34 -04:00
Jeff Mitchell
0665badfdd
Bump deps
2017-09-05 18:06:47 -04:00
Jeff Mitchell
675cbe1bcd
Handle expiration manager being nil
2017-09-05 12:01:02 -04:00
Jeff Mitchell
03088a94ee
Cut version 0.8.2
2017-09-05 11:16:44 -04:00
Jeff Mitchell
7f7f2c7cfc
Update version
2017-09-05 11:14:25 -04:00
Chris Hoffman
71952b7738
ExpirationManager restoration to load in the background ( #3260 )
2017-09-05 11:09:00 -04:00
Jeff Mitchell
af9859214a
changelog++
2017-09-05 10:58:32 -04:00
Jeff Mitchell
dae06d9a0e
Simplify a lot of the mount tuning code ( #3285 )
2017-09-05 10:57:25 -04:00
Jeff Mitchell
3576aa73d9
Bump gcp plugin dep
2017-09-05 10:56:32 -04:00
Chris Hoffman
0321510596
changelog++
2017-09-05 10:37:07 -04:00
Vishal Nayak
db0bda4a90
Fix build ( #3288 )
2017-09-05 09:02:17 -04:00
Brian Kassouf
a8d9426d9f
Update locking components from DR replication changes ( #3283 )
...
* Update locking components from DR replication changes
* Fix plugin backend test
* Add a comment about needing the statelock:
2017-09-04 19:38:37 -04:00
Jeff Mitchell
9185fd9e67
Fix hook
2017-09-04 19:20:39 -04:00
Jeff Mitchell
060c69c7b9
Add pre-push hook
2017-09-04 19:16:11 -04:00
Jeff Mitchell
d7e933a072
Fix inverted skipinit logic
2017-09-04 18:39:57 -04:00
Jeff Mitchell
4785e56283
Fix nil pointer on test
2017-09-04 18:08:56 -04:00
Jeff Mitchell
0da8fa412d
DoNotInit -> SkipInit
2017-09-04 16:29:43 -04:00
Jeff Mitchell
cbb0313f78
Add option to NewTestCluster to not init
2017-09-04 16:28:21 -04:00
Jeff Mitchell
7be6905eb0
Add a bit more delay to backend test in case Travis is loaded
2017-09-04 14:45:12 -04:00
Joel Thompson
2a53d852f3
auth/aws: Properly handle malformed ARNs ( #3280 )
...
The parseIamArn method was making assumptions about the input arn being
properly formatted and of a certain type. If users tried to pass a
bound_iam_principal_arn that was malformed (or was the ARN of the root
user), it would cause a panic. parseIamArn now explicitly checks the
assumptions it's making and tests are added to ensure it properly errors
out (rather than panic'ing) on malformed input.
2017-09-03 20:37:06 -04:00