Commit graph

4377 commits

Author SHA1 Message Date
Vishal Nayak 82531e57f6 Merge pull request #1480 from hashicorp/dev-env-precedence
Prioritize dev flags over its env vars
2016-06-01 13:43:23 -04:00
vishalnayak c197414b3b Prioritize dev flags over its env vars 2016-06-01 12:21:29 -04:00
Jeff Mitchell 86d2c796b0 Change AWS/SSH to reuse backend creation code for test functions 2016-06-01 12:17:47 -04:00
Vishal Nayak 3c5fb471a4 Merge pull request #1445 from hashicorp/consul-fixups
Reading consul access configuration in the consul secret backend.
2016-06-01 12:11:12 -04:00
Vishal Nayak 9dd4e5ec5b Merge pull request #1235 from hashicorp/policies-validation
Strip out other policies if root is present
2016-06-01 12:08:22 -04:00
Vishal Nayak 539ceec87d Merge pull request #1473 from hashicorp/ssh-host-checking
Provide option to disable host key checking
2016-06-01 11:42:53 -04:00
vishalnayak 4c08d43950 Address review feedback 2016-06-01 11:39:48 -04:00
vishalnayak 8d50543a88 Supplying strictHostKeyChecking and userKnownHostsFile from env vars 2016-06-01 11:08:24 -04:00
vishalnayak 315f9c868c Provide option to disable host key checking 2016-06-01 11:08:24 -04:00
Vishal Nayak 3a460b9c4b Merge pull request #1471 from hashicorp/rename-aws-auth
auth backend: rename `aws` as `aws-ec2`
2016-06-01 10:41:13 -04:00
vishalnayak dbee3cd81b Address review feedback 2016-06-01 10:36:58 -04:00
Jeff Mitchell ec109c3b27 Add dep updating script 2016-06-01 10:30:42 -04:00
vishalnayak 4fea41f7e5 Use entry.Type as a criteria for upgrade 2016-06-01 10:30:11 -04:00
Jeff Mitchell 11160ae271 Update vendoring 2016-06-01 10:24:48 -04:00
Jeff Mitchell d2de61c650 Revert "Use mutexes directly, not pointers, in the token store mutex map"
This reverts commit 29f8d2ad75c2767e21b406d32c7a7a9dc6f9c3f2.
2016-06-01 10:05:45 -04:00
Jeff Mitchell 3472b65682 Use mutexes directly, not pointers, in the token store mutex map 2016-06-01 09:38:24 -04:00
vishalnayak 875778a2d9 Modify just the type and not the path 2016-05-31 23:19:13 -04:00
Jeff Mitchell 6487173463 changelog++ 2016-05-31 23:52:56 +00:00
Jeff Mitchell 21f9ca4737 Merge pull request #1478 from hashicorp/remove-root-paths
Remove most Root paths
2016-05-31 19:50:57 -04:00
Jeff Mitchell 99c1e071f3 Remove most Root paths 2016-05-31 23:42:54 +00:00
vishalnayak 1e4834bd20 Remove addDefault param from ParsePolicies 2016-05-31 13:39:58 -04:00
vishalnayak 49b4c83580 Adding default policies while creating tokens 2016-05-31 13:39:58 -04:00
vishalnayak eefd9acbf0 Set config access test case as an acceptance test and make travis happy 2016-05-31 13:27:34 -04:00
vishalnayak f64987a6cf Add tests around writing and reading consul access configuration 2016-05-31 13:27:34 -04:00
Jeff Mitchell 036e7fa63e Add reading to consul config, and some better error handling. 2016-05-31 13:27:34 -04:00
vishalnayak 55fbfab4fe Upgrade 'aws' auth table entry to 'aws-ec2' 2016-05-30 18:58:58 -04:00
vishalnayak 5c25265fce rename aws.html.md as aws-ec2.html.md 2016-05-30 14:11:15 -04:00
vishalnayak a072f2807d Rename aws as aws-ec2 2016-05-30 14:11:15 -04:00
vishalnayak 950c76c020 rename credential/aws as credential/aws-ec2 2016-05-30 14:11:15 -04:00
Vishal Nayak 65298bd9a9 Merge pull request #1474 from hashicorp/ssh-allowed-users
Ssh allowed users
2016-05-30 10:26:04 -04:00
vishalnayak 30fa7f304b Allow * to be set for allowed_users 2016-05-30 03:12:43 -04:00
vishalnayak 971b2cb7b7 Do not allow any username to login if allowed_users is not set 2016-05-30 03:01:47 -04:00
Jeff Mitchell 672eea7bdd Merge pull request #1469 from hashicorp/issue-1446
Add keyring zeroize function and add some more memzero calls in
2016-05-27 18:07:12 -04:00
Jeff Mitchell 63aba520c6 Make Unwrap a first-party API command and refactor UnwrapCommand to use it 2016-05-27 21:04:30 +00:00
Jeff Mitchell 8d19b4fb53 Add keyring zeroize function and add some more memzero calls in
appropriate places. Known to be best-effort, but may help in some cases.

Fixes #1446
2016-05-27 20:47:40 +00:00
Jeff Mitchell e01bce371d Merge pull request #1462 from hashicorp/enable-auth-rollbacks
Re-enable rollback triggers for auth backends
2016-05-27 15:01:35 -04:00
Jeff Mitchell 9185941f1a changelog++ 2016-05-27 13:55:23 -04:00
Jeff Mitchell 39fe3200e3 Return nil for pre-0.5.3 Consul tokens to avoid pathological behavior 2016-05-27 13:09:52 -04:00
Jeff Mitchell f20421924a Merge pull request #1467 from hashicorp/consul-renew-revoke-test
Add test for renew/revoke to Consul secret backend
2016-05-27 13:08:44 -04:00
Jeff Mitchell f035a320d0 Add test for renew/revoke to Consul secret backend 2016-05-27 11:27:53 -04:00
Jeff Mitchell 900a6cb9be Merge pull request #1464 from samirageb/patch-1
Fixed & clarified grammar around HCL & JSON
2016-05-27 01:42:25 -04:00
Sami Rageb 2dba9b180b Fixed & clarified grammar around HCL & JSON
- Fixed the statement that HCL is JSON compatible, it's vice versa
- Added that HCL is a superset of JSON to eliminate any lingering confusion
2016-05-26 20:14:59 -05:00
Devin Christensen b0f50ecb6c Remove prepared stmnts from pgsql physical backend
Prepared statements prevent the use of connection multiplexing software
such as PGBouncer. Even when PGBouncer is configured for [session mode][1]
there's a possibility that a connection to PostgreSQL can be re-used by
different clients.  This leads to errors when clients use session based
features (like prepared statements).

This change removes prepared statements from the PostgreSQL physical
backend. This will allow vault to successfully work in infrastructures
that employ the use of PGBouncer or other connection multiplexing
software.

[1]: https://pgbouncer.github.io/config.html#poolmode
2016-05-26 17:07:21 -06:00
vishalnayak 1d94828e45 Re-enable rollback triggers for auth backends 2016-05-26 14:29:41 -04:00
Vishal Nayak 644ac5f5e8 Merge pull request #1456 from hashicorp/consul-lease-renewal
Fix the consul secret backends renewal revocation problem
2016-05-26 13:59:45 -04:00
Jeff Mitchell 4152ee31d0 Merge pull request #1461 from hashicorp/check-table-sanity
Add table/type checking to mounts table.
2016-05-26 13:59:00 -04:00
Jeff Mitchell a57996ac08 Add to auth/audit too 2016-05-26 13:38:51 -04:00
Jeff Mitchell 475b0e2d33 Add table/type checking to mounts table. 2016-05-26 12:55:00 -04:00
vishalnayak cfd337d06a Fix broken cert backend test 2016-05-26 11:06:46 -04:00
Jeff Mitchell 05d1da0656 Add comment about the deletions 2016-05-26 10:33:35 -04:00