Jeff Mitchell
|
ec57e983f7
|
Don't allow duplicate x parts in Shamir. Add unit test for verification.
|
2015-08-26 10:03:44 -07:00 |
|
Jeff Mitchell
|
9db8a5c744
|
Merge pull request #567 from hobbeswalsh/master
Spaces in displayName break AWS IAM
|
2015-08-26 12:37:52 -04:00 |
|
Robin Walsh
|
34b84367b5
|
Adding one more test (for no-op case)
|
2015-08-26 09:26:20 -07:00 |
|
Robin Walsh
|
4b7c2cc114
|
Adding unit test for normalizeDisplayName()
|
2015-08-26 09:23:33 -07:00 |
|
Jeff Mitchell
|
2098446d47
|
Ensure that the 'file' audit backend can successfully open its given path before returning success. Fixes #550.
|
2015-08-26 09:13:10 -07:00 |
|
Jeff Mitchell
|
2d8bfff02b
|
Explicitly check for blank leases in AWS, and give a better error message if lease_max cannot be parsed. Fixes #569.
|
2015-08-26 09:04:47 -07:00 |
|
Jeff Mitchell
|
8669a87fdd
|
When using PGP encryption on unseal keys, encrypt the hexencoded string rather than the raw bytes.
|
2015-08-26 07:59:50 -07:00 |
|
Jeff Mitchell
|
17cbd9e1ca
|
If JSON decoding fails, make it clear that the problem is failing to
parse the JSON, rather than returning the possibly confusing error from
the JSON decoder.
Fixes #553.
|
2015-08-26 07:03:33 -07:00 |
|
Jeff Mitchell
|
b940d214bd
|
Merge pull request #568 from ctennis/add_some_s3_info
Make it clear for physical S3 backend we support instance profiles as well.
|
2015-08-26 09:03:38 -04:00 |
|
Jeff Mitchell
|
003029938d
|
Merge pull request #570 from hashicorp/pgp-init-keys
PGP keys at init/rekey time
|
2015-08-25 19:41:21 -04:00 |
|
Jeff Mitchell
|
ea08678189
|
Update godeps
|
2015-08-25 16:24:25 -07:00 |
|
Jeff Mitchell
|
cc232e6f79
|
Address comments from review.
|
2015-08-25 15:33:58 -07:00 |
|
Jeff Mitchell
|
0b580d0521
|
Update website documentation for init and rekey with secret_pgp_keys API option
|
2015-08-25 14:52:13 -07:00 |
|
Jeff Mitchell
|
c887df93cc
|
Add support for pgp-keys argument to rekey, as well as tests, plus
refactor common bits out of init.
|
2015-08-25 14:52:13 -07:00 |
|
Jeff Mitchell
|
f57e7892e7
|
Don't store the given public keys in the seal config
|
2015-08-25 14:52:13 -07:00 |
|
Jeff Mitchell
|
a7316f2e24
|
Handle people specifying PGP key files with @ in front
|
2015-08-25 14:52:13 -07:00 |
|
Jeff Mitchell
|
2f3e245b0b
|
Add support for "pgp-tokens" parameters to init.
There are thorough unit tests that read the returned
encrypted tokens, seal the vault, and unseal it
again to ensure all works as expected.
|
2015-08-25 14:52:13 -07:00 |
|
Caleb Tennis
|
6c30f9a0f9
|
Make it clear we support instance profiles as well, the existing docs seem to indicate static credentials are required
|
2015-08-25 06:47:07 -07:00 |
|
Robin Walsh
|
8530f14fee
|
s/string replacement/regexp replacement
|
2015-08-24 17:00:54 -07:00 |
|
Robin Walsh
|
69f5abdc91
|
spaces in displayName break AWS IAM
|
2015-08-24 16:12:45 -07:00 |
|
Vishal Nayak
|
07b4091cae
|
Merge pull request #566 from hashicorp/fix-install-script
Cleanup of public key install script
|
2015-08-24 15:06:28 -04:00 |
|
vishalnayak
|
c35d78b3cb
|
Vault SSH: Documentation update
|
2015-08-24 14:18:37 -04:00 |
|
vishalnayak
|
e6987beb61
|
Vault SSH: Replace args with named vars
|
2015-08-24 14:07:07 -04:00 |
|
vishalnayak
|
eb91a3451b
|
Merging with master
|
2015-08-24 13:55:20 -04:00 |
|
vishalnayak
|
44c07cff5b
|
Vault SSH: Cleanup of aux files in install script
|
2015-08-24 13:50:46 -04:00 |
|
Jeff Mitchell
|
025ec5057e
|
Merge pull request #564 from hashicorp/remove-cookie-auth
Remove cookie authentication
|
2015-08-21 19:55:00 -07:00 |
|
Jeff Mitchell
|
a8ef0e8a80
|
Remove cookie authentication.
|
2015-08-21 19:46:23 -07:00 |
|
Jeff Mitchell
|
f7845234b4
|
Merge pull request #555 from hashicorp/toggleable-hostname-enforcement
Allow enforcement of hostnames to be toggleable for certificates.
|
2015-08-21 19:23:09 -07:00 |
|
Jeff Mitchell
|
5695d57ba0
|
Merge pull request #561 from hashicorp/fix-wild-cards
Allow hyphens in endpoint patterns of most backends
|
2015-08-21 11:40:42 -07:00 |
|
Armon Dadgar
|
88a7b57491
|
Merge pull request #558 from captainill/master
make sure header is below clickable area that hides sidebar
|
2015-08-21 10:21:40 -07:00 |
|
vishalnayak
|
6822af68e1
|
Vault SSH: Undo changes which does not belong to wild card changes
|
2015-08-21 09:58:15 -07:00 |
|
vishalnayak
|
6c2927ede0
|
Vault: Fix wild card paths for all backends
|
2015-08-21 00:56:13 -07:00 |
|
Jeff Mitchell
|
065e4e3fdb
|
Merge pull request #560 from hashicorp/refactor-lease-ttl
Refactor Lease names internally for logical consistency
|
2015-08-20 23:30:31 -07:00 |
|
Jeff Mitchell
|
ea9fbb90bc
|
Rejig Lease terminology internally; also, put a few JSON names back to their original values
|
2015-08-20 22:27:01 -07:00 |
|
Jeff Mitchell
|
93ef9a54bd
|
Internally refactor Lease/LeaseGracePeriod into TTL/GracePeriod
|
2015-08-20 18:00:51 -07:00 |
|
Jeff Mitchell
|
04a6a814cc
|
Merge pull request #557 from hashicorp/generic-lease-to-ttl
Change "lease" parameter in the generic backend to be "ttl" to reduce confusion.
|
2015-08-20 18:00:11 -07:00 |
|
Jeff Mitchell
|
0fa783f850
|
Update help text for TTL values in generic backend
|
2015-08-20 17:59:30 -07:00 |
|
captainill
|
ad9e00b166
|
make sure header is below clickable area that hides sidebar
|
2015-08-20 17:22:48 -07:00 |
|
Jeff Mitchell
|
b57ce8e5c2
|
Change "lease" parameter in the generic backend to be "ttl" to reduce confusion. "lease" is now deprecated but will remain valid until 0.4.
Fixes #528.
|
2015-08-20 16:41:25 -07:00 |
|
vishalnayak
|
54db77a3f1
|
Vault SSH: +script link, -script file, in docs
|
2015-08-20 16:35:16 -07:00 |
|
vishalnayak
|
0ffad79548
|
Vault SSH: Make the script readable
|
2015-08-20 16:12:17 -07:00 |
|
Jeff Mitchell
|
133380915a
|
Disallow non-client X509 key usages for client TLS cert authentication.
|
2015-08-20 15:50:47 -07:00 |
|
Jeff Mitchell
|
41b85a1c83
|
Allow enforcement of hostnames to be toggleable for certificates. Fixes #451.
|
2015-08-20 14:33:37 -07:00 |
|
Jeff Mitchell
|
c84ccc08d4
|
sys_mount.go is now unnecessary
|
2015-08-20 14:09:15 -07:00 |
|
Jeff Mitchell
|
271255b008
|
Send sys mounting logic directly to logical backend. Unit tests run.
|
2015-08-20 13:59:57 -07:00 |
|
Jeff Mitchell
|
15f57082e0
|
Begin factoring out sys paths into logical routes. Also, standardize on 307 as redirect code.
|
2015-08-20 13:20:35 -07:00 |
|
vishalnayak
|
2da717fd8b
|
Vault SSH: Adding the missed out config file
|
2015-08-20 11:30:21 -07:00 |
|
Jeff Mitchell
|
46d06144a8
|
Merge pull request #552 from hashicorp/fix-uselimit-decrement
Fix #461 properly by defering potential revocation of a token until a…
|
2015-08-20 10:39:24 -07:00 |
|
Jeff Mitchell
|
db79dd8c22
|
Don't defer revocation when sealing, and clear out response/auth if there is a token use error
|
2015-08-20 10:37:42 -07:00 |
|
Jeff Mitchell
|
0e8e3660ff
|
Fix #461 properly by defering potential revocation of a token until after the request is fully handled.
|
2015-08-20 10:14:13 -07:00 |
|