Jeff Mitchell
5c230c796b
Add peer cluster address cache
2017-05-24 20:51:53 -04:00
Jeff Mitchell
bbe27aaedf
Add heartbeating and cluster address sharing to request forwarding ( #2762 )
2017-05-24 15:06:56 -04:00
Jeff Mitchell
9d4801b1e8
Revert grpc back a version (they introduced a panic) and clean up a bunch of old request forwarding stuff
2017-05-24 10:38:48 -04:00
Jeff Mitchell
0d4e7fba69
Remove non-gRPC request forwarding
2017-05-24 09:34:59 -04:00
Jeff Mitchell
7cc72a9066
Delay salt initialization for audit backends
2017-05-23 20:36:20 -04:00
emily
aa40d2cff6
add gofmt checks to Vault and format existing code ( #2745 )
2017-05-19 08:34:17 -04:00
Jeff Mitchell
858deb9ca4
Don't allow parent references in file paths
2017-05-12 13:52:33 -04:00
Jeff Mitchell
d25aa9fc21
Don't write salts in initialization, look up on demand ( #2702 )
2017-05-09 17:51:09 -04:00
Jeff Mitchell
76ca5fc377
Allow non-strings to be used to set ttl
field in generic. ( #2699 )
2017-05-09 14:05:00 -04:00
Jeff Mitchell
5b3d80042e
Fix mount test
2017-05-09 09:49:45 -04:00
Jeff Mitchell
e3c8be72cc
Fix local check on singleton required mounts
2017-05-09 08:36:10 -04:00
Jeff Mitchell
e0c2b37c2a
Add commenting to singletonMountTables
2017-05-08 13:39:18 -04:00
Jeff Mitchell
f50d345fa3
Fix imports.
...
Closes #2688
2017-05-08 10:23:29 -04:00
Jeff Mitchell
726bd6f379
Don't load a required mount if in secondary mode, let sync invalidate do that
2017-05-05 19:40:26 -04:00
Jeff Mitchell
3aafb3270c
Move singleton mount fetching function to mount.go and fix tests
2017-05-05 17:20:30 -04:00
Jeff Mitchell
b53331d345
Add token to singleton mounts
2017-05-05 16:45:48 -04:00
Jeff Mitchell
6f6f242061
Add logic to skip initialization in some cases and some invalidation logic
2017-05-05 15:01:52 -04:00
vishalnayak
fa201f2505
auth/token/tidy log level update
2017-05-05 11:16:13 -04:00
Jeff Mitchell
55ef4f2566
Merge branch 'master-oss' into sys-tidy-leases
2017-05-05 10:53:41 -04:00
Jeff Mitchell
b482043de1
Update debugging around tidy
2017-05-05 10:48:12 -04:00
Jeff Mitchell
91e790867f
Address feedback
2017-05-05 10:26:40 -04:00
Brian Kassouf
2d6dfbf147
Don't store the plugin directory prepended command in the barrier, prepend on get
2017-05-04 12:36:06 -07:00
Brian Kassouf
5ee0d696d4
Merge remote-tracking branch 'oss/master' into database-refactor
2017-05-04 10:45:18 -07:00
Jeff Mitchell
b568ea751b
Move client token check in exp register to top
2017-05-04 12:45:57 -04:00
Jeff Mitchell
abd63096f8
Update comments
2017-05-04 12:44:31 -04:00
vishalnayak
1a02f9be11
Fix up the tests
2017-05-04 12:41:15 -04:00
vishalnayak
5683430cb7
Update Tidy function comment
2017-05-04 12:11:00 -04:00
Jeff Mitchell
d74b1b284a
Update commenting
2017-05-04 11:54:57 -04:00
Jeff Mitchell
9a91700263
Move tidy-leases to leases/tidy
2017-05-04 09:40:11 -04:00
Jeff Mitchell
f8295a301d
Merge branch 'master-oss' into sys-tidy-leases
2017-05-04 09:37:52 -04:00
Chris Hoffman
3d9cf89ad6
Add the ability to view and list of leases metadata ( #2650 )
2017-05-03 22:03:42 -04:00
Jeff Mitchell
7250b3d01e
Fix comment typo
2017-05-03 20:25:55 -04:00
Jeff Mitchell
b7128f53a8
Add sys/leases/lookup and sys/leases/renew to the default policy
2017-05-03 20:22:16 -04:00
Jeff Mitchell
7f3891c734
Fix substitution of index/child in delete call
2017-05-03 15:09:13 -04:00
Jeff Mitchell
99884a8f13
Merge remote-tracking branch 'oss/master' into sys-tidy-leases
2017-05-03 15:02:42 -04:00
Jeff Mitchell
3b95e751c0
Add more cleanup if a lease fails to register and revoke tokens if registerauth fails
2017-05-03 14:29:57 -04:00
Jeff Mitchell
bb6b5f7aa6
Add taint flag for looking up by accessor
2017-05-03 13:08:50 -04:00
vishalnayak
a1a0c2950f
logging updates
2017-05-03 12:58:10 -04:00
vishalnayak
6aa7f9b7c9
Added logs when deletion fails so we can rely on server logs
2017-05-03 12:47:05 -04:00
vishalnayak
bc5d5b7319
consistent logging
2017-05-03 12:45:22 -04:00
Jeff Mitchell
596ad2c8f7
Adhere to tainted status in salted accessor lookup
2017-05-03 12:36:10 -04:00
Jeff Mitchell
5f18b1605a
Two things:
...
1) Ensure that if we fail to generate a lease for a secret we attempt to revoke it
2) Ensure that any lease that is registered should never have a blank token
In theory, number 2 will let us a) find places where this *is* the case, and b) if errors are encountered when revoking tokens due to a blank client token, it suggests that the client token values are being stripped somewhere along the way, which is also instructive.
2017-05-03 12:17:09 -04:00
Jeff Mitchell
0553f7a8d1
change some logging output
2017-05-03 12:14:58 -04:00
Jeff Mitchell
c9bd54ad65
Less scary debugging
2017-05-03 11:15:59 -04:00
vishalnayak
dd898ed2e1
Added summary logs to help better understand the consequence
2017-05-03 10:54:07 -04:00
vishalnayak
9f682eb9cd
Test to check that leases with valid tokens are not being cleaned up
2017-05-02 18:12:03 -04:00
vishalnayak
850cda7861
Added test to check the atomicity of the lease tidy operation
2017-05-02 18:06:59 -04:00
vishalnayak
875658531b
Do not duplicate log lines for invalid leases
2017-05-02 17:56:15 -04:00
Brian Kassouf
f644c34c5b
Remove unused TestCoreUnsealedWithListener function
2017-05-02 14:52:48 -07:00
Brian Kassouf
5e0c03415b
Don't need to explictly set redirectAddrs
2017-05-02 14:44:14 -07:00