Gobin Sougrakpam
62ac4dfca0
Fix renewAuth to use the increment value ( #3904 )
2018-02-05 12:22:49 -05:00
Jeff Mitchell
8145b0ce0b
Mark old MFA as legacy/unsupported in sidebar
2018-02-05 11:47:59 -05:00
Jeff Mitchell
39bdd318d5
changelog++
2018-02-05 11:23:03 -05:00
Jeff Mitchell
fe6c19d623
Update zookeeper dep
...
Fixes #3896
2018-02-05 11:22:21 -05:00
Jeff Mitchell
6dfd2d0684
changelog++
2018-02-05 10:57:22 -05:00
Jeff Mitchell
20465d8040
Add centrify CLI handler support
2018-02-05 10:56:57 -05:00
Jeff Mitchell
05723e1229
Revert cluster.go change
2018-02-04 20:42:45 -05:00
Jeff Mitchell
f33563f667
Some vet fixes
2018-02-04 20:37:57 -05:00
Joel Thompson
4f49318b33
auth/aws: Switch role tag processing from strings.Contains to strings.HasPrefix ( #3906 )
...
strings.HasPrefix is more correct; if a tag part value ended up
containing the expected prefix of another part, it could cause incorrect
parsing. I don't think that these values would be semantically legal
today, but it's probably better to be defensive.
2018-02-04 19:37:03 -05:00
Jeff Mitchell
0255d4ca10
Make the MFA support status more clear for the legacy system
2018-02-04 19:25:27 -05:00
Jeff Mitchell
041d0d4abf
changelog++
2018-02-03 13:28:15 -05:00
Jeff Mitchell
b6614b651f
Differentiate between user/internal error in AppRole login. ( #3902 )
...
* Differentiate between user/internal error in AppRole login.
This allows us to properly pass through internal errors back up into
core.
* Separate out error cases
2018-02-02 20:34:32 -05:00
Jeff Mitchell
fc6564e4ee
Don't run rollback and upgrade functionality if we are a replication secondary ( #3900 )
...
* Don't run rollback and upgrade functionality if we are a replication
secondary, but do if the mount is local.
2018-02-02 20:28:25 -05:00
Vishal Nayak
effdc09a71
Add the actual error object to the message ( #3901 )
2018-02-02 19:06:08 -05:00
Jeff Mitchell
676b302dbf
Add a sysview call to determine if a mount is local. ( #3899 )
...
This is useful for deciding when to run upgrade logic, e.g. if on a
performance secondary but local it's fine to run.
2018-02-02 18:17:12 -05:00
George Christou
c35af6dd01
website: Include `fish` as a supported shell ( #3895 )
2018-02-02 10:34:48 -05:00
Brian Kassouf
b91dbaf295
changelog++
2018-02-01 16:47:38 -08:00
Jeff Mitchell
ac66586b7a
changelog++
2018-02-01 19:08:39 -05:00
Xiang Li
a120544b47
etcd: config etcd3 client's max response size ( #3891 )
2018-02-01 19:08:09 -05:00
Jeff Mitchell
0e6b45ba5c
changelog++
2018-02-01 19:05:29 -05:00
Xiang Li
5fd85205cc
etcd3: only create lock when lock is called ( #3893 )
2018-02-01 19:04:52 -05:00
Brian Kassouf
1cee2a1415
plugins/gRPC: fix issues with reserved keywords in response data ( #3881 )
...
* plugins/gRPC: fix issues with reserved keywords in response data
* Add the path raw file for mock plugin
* Fix panic when special paths is nil
* Add tests for Listing and raw requests from plugins
* Add json.Number case when decoding the status
* Bump the version required for gRPC defaults
* Fix test for gRPC version check
2018-02-01 14:30:17 -08:00
Calvin Leung Huang
413df160df
changelog++
2018-02-01 12:56:02 -05:00
John Eismeier
6d18e0da3d
Propose small spelling change ( #3890 )
2018-02-01 12:51:38 -05:00
Jeff Mitchell
4a519b1a02
changelog++
2018-02-01 12:45:58 -05:00
Josh Giles
94fe8600b6
Return Okta config TTLs in seconds, not nanos. ( #3871 )
2018-02-01 12:44:57 -05:00
Vishal Nayak
01b1b9ff6d
docs/telemetry: remove merge conflict remnant ( #3882 )
...
* remove merge conflict remnant
* s/auth/authentication
2018-02-01 12:09:58 -05:00
Calvin Leung Huang
848ce6427b
Handle period's zero value in token store's token creation ( #3880 )
...
* Handle period's zero value on handleCreateCommon
* Add test for period zero value
2018-02-01 12:01:46 -05:00
Chris Hoffman
ffa6fdaf1e
Adding tests to ensure all backends are mountable ( #3861 )
2018-02-01 11:30:04 -05:00
Brian Kassouf
dc326a83d4
helper/storagepacker: Fix panic when bucket doesn't exist ( #3875 )
2018-01-31 18:42:22 -05:00
Brian Shumate
a7049247d9
Correct cofiguration option in example ( #3879 )
2018-01-31 13:41:31 -05:00
Jack Pearkes
a2f0f0a8e5
website: add note about the 0.9.2+ CLI changes to reduce confusion ( #3868 )
...
* website: add note about the 0.9.2+ CLI changes to reduce confusion
* website: fix frontmatter for 0.9.3 guide, add to guides index
* website: add overview title to 0.9.3 guide for spacing
2018-01-30 13:30:47 -05:00
Andy Manoske
9fed040807
Update CHANGELOG.md
2018-01-29 15:56:00 -08:00
Jeff Mitchell
0afaa4827f
Merge branch 'rel-0.9.3' into master-oss
2018-01-28 16:09:31 -05:00
Jeff Mitchell
2d93cfdb1a
Cut version 0.9.3
2018-01-28 15:34:14 -05:00
Jeff Mitchell
a5816dd2ae
Prep for 0.9.3
2018-01-28 15:33:29 -05:00
Jeff Mitchell
f967d10f04
Use debian:testing for building
2018-01-28 14:58:52 -05:00
Jeff Mitchell
1b982750f5
(Re...)Add Nomad secrets engine.
...
Fixes #3858
2018-01-28 14:38:19 -05:00
Jeff Mitchell
98b479ab58
Bump deps
2018-01-26 18:51:00 -05:00
Jeff Mitchell
8f24bdee1f
Typo fixes on upgrading page
2018-01-26 16:11:25 -05:00
Jeff Mitchell
c6d8222236
Add 0.9.2 upgrade guide
2018-01-26 16:07:41 -05:00
Jeff Mitchell
7dc3def7b5
Cut version 0.9.2
2018-01-26 14:13:20 -05:00
Jeff Mitchell
f3d1e8170b
Prep for 0.9.2
2018-01-26 13:59:01 -05:00
Jeff Mitchell
063f5a982b
Sync plugins
2018-01-26 09:04:48 -05:00
Jeff Mitchell
60e2209532
Remove core restriction in cache and turn it into an active/standby restriction instead ( #3849 )
2018-01-25 22:21:51 -05:00
Chris Bartlett
c7580b2961
#3850 Fixed documentation for aws/sts ttl ( #3851 )
2018-01-25 22:20:30 -05:00
Vishal Nayak
150ad8405b
Remove logical.Initialize() method ( #3848 )
...
* Remove logical.Initialize() method
* More cleanup
* Fix test
2018-01-25 20:19:27 -05:00
Jeff Mitchell
c6f35c3890
Update plugins
2018-01-24 23:24:16 -05:00
Jeff Mitchell
dbae34a4bb
changelog++
2018-01-24 23:09:59 -05:00
Joel Thompson
2cd8051607
auth/aws: Fix error with empty bound_iam_principal_arn ( #3843 )
...
* auth/aws: Fix error with empty bound_iam_principal_arn
In cases where there doesn't need to be a bound_iam_principal_arn, i.e.,
either auth_type is ec2 or there are other bindings with the iam
auth_type, but it is specified explicitly anyway, Vault tried to parse
it to resolve to internal unique IDs. This now checks to ensure that
bound_iam_principal_arn is non-empty before attempting to resolve it.
Fixes #3837
* Fix extraneous newline
2018-01-24 23:08:05 -05:00