Commit Graph

3670 Commits

Author SHA1 Message Date
Jeff Mitchell 121a5b37f2 Add revoke-prefix changelog/website info 2016-04-01 10:06:29 -04:00
Jeff Mitchell 7d20380c42 Merge pull request #1280 from hashicorp/remove-ts-revoke-prefix
Remove auth/token/revoke-prefix in favor of sys/revoke-prefix.
2016-04-01 09:48:52 -04:00
Jeff Mitchell 9a992f93f7 changelog++ 2016-03-31 20:17:30 -04:00
Jeff Mitchell 2b2541e13f Merge pull request #1277 from hashicorp/suprious-revoke-timer-logs
Keep the expiration manager from keeping old token entries.
2016-03-31 20:16:31 -04:00
Jeff Mitchell 2efaf5272c Documentation update 2016-03-31 18:07:43 -04:00
Jeff Mitchell 2fd02b8dca Remove auth/token/revoke-prefix in favor of sys/revoke-prefix. 2016-03-31 18:04:05 -04:00
Jeff Mitchell 7a6df4a8ab changelog++ 2016-03-31 17:43:44 -04:00
Vishal Nayak 86ba95e1b2 Merge pull request #1278 from hashicorp/ts-prefix-checkpath
Check for auth/ in the path of the prefix for revoke-prefix in the token
2016-03-31 16:41:18 -04:00
Jeff Mitchell 7442867d53 Check for auth/ in the path of the prefix for revoke-prefix in the token
store.
2016-03-31 16:21:56 -04:00
Jeff Mitchell 25b2320899 changelog++ 2016-03-31 15:38:21 -04:00
Jeff Mitchell 75650ec1ad Keep the expiration manager from keeping old token entries.
The expiration manager would never be poked to remove token entries upon
token revocation, if that revocation was initiated in the token store
itself. It might have been to avoid deadlock, since during revocation of
tokens the expiration manager is called, which then calls back into the
token store, and so on.

This adds a way to skip that last call back into the token store if we
know that we're on the revocation path because we're in the middle of
revoking a token. That way the lease is cleaned up. This both prevents
log entries appearing for already-revoked tokens, and it also releases
timer/memory resources since we're not keeping the leases around.
2016-03-31 15:10:25 -04:00
Jeff Mitchell 1915582a24 Merge pull request #1276 from hashicorp/token-roles-blank-policies
Two items:
2016-03-31 15:09:32 -04:00
Jeff Mitchell ddce1efd0d Two items:
1: Fix path check in core to handle renew paths from the token store
that aren't simply renew/
2: Use token policy logic if token store role policies are empty
2016-03-31 14:52:49 -04:00
Seth Vargo 36215ab5df Merge pull request #1275 from gdevos/patch-2
Update index.html.md
2016-03-31 14:35:06 +02:00
Gérard de Vos eadf2faf83 Update index.html.md
According to the source it is expecting a description. log_raw is one of the options.
2016-03-31 14:19:03 +02:00
Seth Vargo cdf6e5d1ee Merge pull request #1274 from gdevos/patch-1
Update index.html.md
2016-03-31 14:07:27 +02:00
Gérard de Vos 13763203b6 Update index.html.md
description -> log_raw
2016-03-31 14:06:19 +02:00
Tobias Haag 175e3cc354 added Azure backend support
updated Godeps
added website docs
updated vendor
2016-03-30 19:49:38 -07:00
Jeff Mitchell 7fd5a679ca Fix potential error scoping issue.
Ping #1262
2016-03-30 19:48:23 -04:00
Jeff Mitchell 1be69ae235 Sort infokeys on startup and add more padding 2016-03-30 12:31:47 -04:00
Jeff Mitchell e6d20d1356 Merge pull request #1271 from jangie/patch-1
Update consul.html.md
2016-03-30 10:14:29 -04:00
Jang-Soo "Bruce" Lee 36d22a0c8d Update consul.html.md 2016-03-30 09:57:14 -04:00
Vishal Nayak 9932efea08 Merge pull request #1268 from hashicorp/fix-audit-doc
Fix audit docs
2016-03-30 00:55:39 -04:00
vishalnayak 7a34cea28d Fix audit docs 2016-03-30 00:54:40 -04:00
Jeff Mitchell 3cfcd4ddf1 Check for nil connection back from go-ldap, which apparently can happen even with no error
Ping #1262
2016-03-29 10:00:04 -04:00
Jeff Mitchell bff4dace78 changelog++ 2016-03-24 10:34:52 -04:00
Jeff Mitchell 37b5697779 Merge pull request #1258 from hashicorp/issue-1256
Properly check for policy equivalency during renewal.
2016-03-24 10:33:56 -04:00
Jeff Mitchell c50276ec17 Fix using wrong var 2016-03-24 10:23:09 -04:00
Jeff Mitchell 17613f5fcf Removing debugging comment 2016-03-24 09:48:13 -04:00
Jeff Mitchell 4c4a65ebd0 Properly check for policy equivalency during renewal.
This introduces a function that compares two string policy sets while
ignoring the presence of "default" (since it's added by core, not the
backend), and ensuring that ordering and/or duplication are not failure
conditions.

Fixes #1256
2016-03-24 09:41:51 -04:00
Vishal Nayak a64de522b9 Merge pull request #1255 from hashicorp/revert-1254-master
Revert "Change mysql connection to match new"
2016-03-23 15:18:49 -04:00
Vishal Nayak 05b4c7102f Revert "Change mysql connection to match new" 2016-03-23 15:18:09 -04:00
Vishal Nayak 5399d0c087 Merge pull request #1254 from shokunin/master
Change mysql connection to match new
2016-03-23 15:13:18 -04:00
Chris Mague e27bcaf9a4 Change mysql connection to match new
Documentation update to reflect mysql config connection from the old to the newer format
2016-03-23 12:09:06 -07:00
Vishal Nayak 5e15ebdb43 Merge pull request #1252 from adkhare/master
Update userpass.html.md
2016-03-23 10:54:10 -04:00
Amit Khare 218a713293 Update userpass.html.md 2016-03-23 10:47:28 -04:00
Jeff Mitchell 90ebf0bf99 changelog++ 2016-03-23 10:08:04 -04:00
Jeff Mitchell 27bf5b7048 Merge pull request #1251 from hashicorp/remove-usecsrvalues-isca-check
Remove check for using CSR values with non-CA certificate.
2016-03-23 10:07:07 -04:00
Jeff Mitchell dfc5a745ee Remove check for using CSR values with non-CA certificate.
The endpoint enforces whether the certificate is a CA or not anyways, so
this ends up not actually providing benefit and causing a bug.

Fixes #1250
2016-03-23 10:05:38 -04:00
Jeff Mitchell 528b25c5f4 Merge HA Backend objects 2016-03-21 16:56:13 -04:00
leon e7942062bd - updated LDAP group search by iterating through all the attributes and searching for CN value instead of assuming the CN is always the first attribute from the RDN list 2016-03-21 19:44:08 +02:00
leon a82114eeb2 - added another method to search LDAP groups by querying the userDN for memberOf attribute 2016-03-21 16:55:38 +02:00
Jeff Mitchell 16f5a68a78 Merge pull request #1238 from jippi/patch-1
Update sys-step-down.html.md
2016-03-20 13:34:12 -04:00
Christian Winther ec0af1c71d Update sys-step-down.html.md 2016-03-20 18:02:32 +01:00
Vishal Nayak 574df68071 Merge pull request #1237 from ezbercih/patch-1
Fix a typo
2016-03-20 10:02:10 -04:00
Cem Ezberci 7ad97279d5 Fix a typo 2016-03-19 21:24:17 -07:00
Jeff Mitchell 5edad1137a Add some clarification to advertise_addr 2016-03-19 10:21:51 -04:00
Jeff Mitchell 72bb2b73d4 changelog++ 2016-03-18 16:32:56 -04:00
vishalnayak afffbfc6a1 changelog++ 2016-03-18 14:59:58 -04:00
Vishal Nayak 87673976a8 Merge pull request #1233 from hashicorp/auth-token-restore
Restore the previous valid token if token authentication  fails
2016-03-18 14:57:50 -04:00