6d08c94866
Update LDAP "groups" parameter to use TypeCommaStringSlice ( #6942 )
...
No functional change, but the updated type plays nicer with the
OpenAPI-driven UI.
2019-06-20 15:36:54 -07:00
62158d65fe
Use a role cache to avoid separate locking paths ( #6926 )
...
* Use a role cache to avoid separate locking paths
Due to the various locked/nonlocked paths we had a case where we weren't
always checking for secondary status before trying to upgrade. This
broadly simplifies things by using a cache to store the current role
values (avoiding a lot of storage hits) and updating the cache on any
write, delete, or invalidation.
2019-06-20 10:31:31 -04:00
76cc52f48c
auth/aws: guard against malformed assumed role ARNs ( #6917 )
...
* auth/aws: guard against malformed assumed role ARNs
* revert helper func changes
2019-06-18 15:51:40 -07:00
8a0d423ed8
Fix gofmt ( #6764 )
2019-05-20 15:15:05 -07:00
8bc9fa4583
Fix Okta auth to allow group names containing slashes ( #6665 )
...
This PR also adds CollectKeysPrefix which allows a more memory efficient
key scan for those cases where the result is immediately filtered by
prefix.
2019-05-01 14:56:18 -07:00
93ee14844f
cert/tests: fix tests due to cert expiry ( #6647 )
2019-04-26 16:49:30 -07:00
06574da57a
Merge multiple functions for creating consul containers into one. ( #6612 )
...
Merge both functions for creating mongodb containers into one.
Add retries to docker container cleanups.
Require $VAULT_ACC be set to enable AWS tests.
2019-04-22 12:26:10 -04:00
5dcfe7bf5f
Fix a dropped Okta error ( #6592 )
2019-04-16 13:05:50 -04:00
213b9fd1cf
Update to api 1.0.1 and sdk 0.1.8
2019-04-15 14:10:07 -04:00
9ebc57581d
Switch to go modules ( #6585 )
...
* Switch to go modules
* Make fmt
2019-04-13 03:44:06 -04:00
28e2ce8577
Fix build breakages
2019-04-12 22:01:13 -04:00
6ded269700
Merge pull request #6268 from hashicorp/6234-aws-region
...
Add region to CLI for generating AWS login data
2019-04-12 16:15:38 -07:00
80c303ac83
Move ldaputil and tlsutil over to sdk
2019-04-12 18:26:54 -04:00
a1796b3ece
Move password to sdk
2019-04-12 18:12:13 -04:00
8d6ce1ffb5
Move policyutil to sdk
2019-04-12 18:08:46 -04:00
7ca424e8d2
Move cidrutil to sdk
2019-04-12 18:03:59 -04:00
8bcb533a1b
Create sdk/ and api/ submodules ( #6583 )
2019-04-12 17:54:35 -04:00
4a4eab50a1
Merge branch 'opensource-master' into 6234-aws-region
2019-04-03 11:37:33 -07:00
0e93244b14
Clean up test artifacts
2019-04-02 15:09:31 -04:00
a6d6d55c03
Fix failing cert test due to cert expiration ( #6520 )
...
This introduces a way to just generate new certs for each test. It
doesn't port everything over but we can over time.
2019-04-02 14:49:42 -04:00
000066aff7
Update builtin/credential/aws/cli.go
...
Co-Authored-By: tyrannosaurus-becks <beccapetrin@posteo.net>
2019-04-01 15:37:02 -07:00
339cfcaaf8
merge master
2019-04-01 13:52:44 -07:00
453f1ac109
changed misspelled english words ( #6432 )
2019-03-19 09:32:45 -04:00
b4d30a1b6c
all: fix no-op append calls ( #6360 )
...
Append call in form of `append(s)` has no effect,
it just returns `s`. Sometimes such invocation is a sign
of a programming error, so it's better to remove these.
Signed-off-by: Iskander Sharipov <quasilyte@gmail.com>
2019-03-14 13:40:30 -07:00
1b9327fe3f
Fix inverted description for ldap/users$ and ldap/groups$ endpoints ( #6406 )
2019-03-13 11:02:45 -07:00
5829774e91
Support env vars for STS region ( #6284 )
2019-02-28 09:31:06 -08:00
dbff485a1f
Coax AWS SDK to use right region for STS
2019-02-20 22:57:39 -05:00
65b8ad9187
allow aws region in cli login
2019-02-20 16:43:21 -08:00
625f0c7546
Update OpenAPI responses to include information the UI can use ( #6204 )
2019-02-14 12:42:44 -05:00
82a85aa8c8
Make fmt
2019-02-08 09:12:55 -05:00
a967078d80
add missing key `bound_cidrs` in pathCertRead Response ( #6080 )
2019-02-07 22:41:38 -05:00
2f9a7c6203
Add more perf standby guards ( #6149 )
2019-02-01 16:56:57 -05:00
bbc1d53a5d
Revert "Refactor common token fields and operations into a helper ( #5953 )"
...
This reverts commit 66c226c593bb1cd48cfd8364ac8510cb42b7d67a.
2019-02-01 11:23:40 -05:00
33400e6e99
Fix typo in help text ( #6136 )
...
Small typo introduced in #6133
2019-01-31 08:53:54 -08:00
85a560abba
Refactor common token fields and operations into a helper ( #5953 )
2019-01-30 16:23:28 -05:00
d8b0015d71
Add role ID to token metadata and internal data
2019-01-30 16:17:31 -05:00
47accf8086
Add role_id as an alias name source for AWS and change the defaults
2019-01-30 15:51:45 -05:00
159f0c1b0a
Fix typo in comment
2019-01-17 13:28:27 -05:00
0c30f46587
Add option to configure ec2_alias values ( #5846 )
...
* Add option to configure ec2_alias values
* Doc updates
* Fix overwriting of previous config value
* s/configEntry/config
* Fix formatting
* Address review feedback
* Address review feedback
2019-01-09 18:28:29 -05:00
d0e2badbae
Run goimports across the repository ( #6010 )
...
The result will still pass gofmtcheck and won't trigger additional
changes if someone isn't using goimports, but it will avoid the
piecemeal imports changes we've been seeing.
2019-01-08 16:48:57 -08:00
0c6793d774
Update path_role.go ( #5820 )
2018-11-19 13:40:36 -08:00
fa26beeaed
fmt
2018-11-07 16:52:01 -05:00
7bd22e6779
Run all builtins as plugins ( #5536 )
2018-11-06 17:21:24 -08:00
b4503d02c6
Call wg.Add(1) outside of goroutine ( #5716 )
2018-11-06 16:36:13 -08:00
8eca41ee2d
Fix build
2018-10-27 14:06:20 -04:00
a21a7e9eb4
Change ordering of user lookup vs. password hashing ( #5614 )
...
* Change ordering of user lookup vs. password hashing
This fixes a very minor information leak where someone could brute force
the existence of a username. It's not perfect as the underlying storage
plays a part but bcrypt's slowness puts that much more in the noise.
2018-10-27 10:43:08 -07:00
89f0efb6a1
fmt
2018-10-20 21:09:51 -04:00
841c4fcdd1
Merge branch 'master-oss' into 1.0-beta-oss
2018-10-19 09:25:17 -04:00
46948aef80
ability to add NAS Identifier header to radius request ( #5465 )
2018-10-18 13:41:14 -04:00
d843e0b52c
Merge branch 'master-oss' into 1.0-beta-oss
2018-10-18 10:28:14 -04:00
Jim Kalafut