Commit graph

7590 commits

Author SHA1 Message Date
rmbrad 393bdd75a0 Fixes for SSH command CA mode (#3922)
* Add `valid-principals` flag to SSH command CA mode options

* Fix SSH command CA mode host certificate validation
2018-02-12 17:53:34 -05:00
Joel Thompson c61ac21e6c auth/aws: Improve role tag docs as suggested on mailing list (#3915)
Fixes the ambiguity called out in
https://groups.google.com/forum/#!msg/vault-tool/X3s7YY0An_w/yH0KFQxlBgAJ
2018-02-12 17:39:17 -05:00
Jeff Mitchell 3b2393aa2b changelog++ 2018-02-12 17:28:11 -05:00
Jeff Mitchell 4969505c7e
Add transaction-like behavior for Transit persists. (#3959) 2018-02-12 17:27:28 -05:00
Jeff Mitchell f46947e591 changelog++ 2018-02-12 16:12:42 -05:00
Jeff Mitchell ac382055d4
Validate Consul service name is RFC 1123 compliant (#3961) 2018-02-12 16:11:59 -05:00
Jeff Mitchell db8772f15e Minor website wording updates 2018-02-12 15:28:06 -05:00
Jeff Mitchell 5a047fba68 Document the disable_sealwrap parameter 2018-02-12 15:20:07 -05:00
Jeff Mitchell 844b7c395f Refactor fail logic in inmem 2018-02-12 11:25:48 -05:00
Jeff Mitchell 609648de4f Convert logical.InmemStorage to a wrapper around physical/inmem.
The original reason for the split was physical's dependencies, but those
haven't been onerous for a long time. Meanwhile it's a totally separate
implementation so we could be getting faulty results from tests. Get rid
of it and use the unified physical/inmem.
2018-02-12 11:16:16 -05:00
Jeff Mitchell 2ff01bb3ec Remove package level variables from transit policy test, makes it easier to parallelize later and less magical 2018-02-12 11:04:58 -05:00
Jeff Mitchell 958afd4019 Bump deps 2018-02-10 19:29:52 -05:00
Jeff Mitchell 80e25b66b8 changelog++ 2018-02-10 10:08:07 -05:00
Jeff Mitchell 8655a1c135
Various PKI updates (#3953) 2018-02-10 10:07:10 -05:00
Kevin Paulisse 2282fcef8a Decompress data before sending via sys/raw (#3954) 2018-02-09 18:43:48 -05:00
Jeff Mitchell 6f025fe2ab
Adds the ability to bypass Okta MFA checks. (#3944)
* Adds the ability to bypass Okta MFA checks.

Unlike before, the administrator opts-in to this behavior, and is
suitably warned.

Fixes #3872
2018-02-09 17:03:49 -05:00
Jeff Mitchell 3f62c42fc7 Fix race in approle integ test 2018-02-09 17:01:10 -05:00
Jeff Mitchell 96ea0620fd
Add sealunwrapper to ease OSS downgrades (#3936) 2018-02-09 16:37:40 -05:00
Jeff Mitchell 847e499261 Simplify readonly view logic 2018-02-09 15:39:27 -05:00
Vishal Nayak bf66dc2841 Make mount view read only until after mount persist (#3910) 2018-02-09 14:04:25 -05:00
Jeff Mitchell bd3cdd8095 Fix compile 2018-02-09 14:04:05 -05:00
Jeff Mitchell e149f52744 changelog++ 2018-02-09 13:55:03 -05:00
Chris Hoffman 898026c58f Fix auditing for transit keys with backup/restore info (#3919) 2018-02-09 13:54:18 -05:00
Jeff Mitchell b29759fb10 changelog++ 2018-02-09 13:44:54 -05:00
Vishal Nayak 80ffd07b8b added a flag to make common name optional if desired (#3940)
* added a flag to make common name optional if desired

* Cover one more case where cn can be empty

* remove skipping when empty; instead check for emptiness before calling validateNames

* Add verification before adding to DNS names to also fix #3918
2018-02-09 13:42:19 -05:00
vishalnayak d44b098ae8 changelog++ 2018-02-09 10:43:13 -05:00
Vishal Nayak 81c66efd6d
AppRole/Identity: Fix for race when creating an entity during login (#3932)
* possible fix for race in approle login while creating entity

* Add a test that hits the login request concurrently

* address review comments
2018-02-09 10:40:56 -05:00
alexandrumd 56f0ff4293 Change 'rules' parameter for Policies requests (#3947)
With Vault Version: 0.9.1, the following is returned when using "rules" for policies operation:
```The following warnings were returned from the Vault server:
* 'rules' is deprecated, please use 'policy' instead```
2018-02-09 07:43:18 -05:00
Brian Kassouf e0eda844d5
changelog++ 2018-02-08 16:52:14 -08:00
Brian Kassouf 948db9b32d
plugin/gRPC: fix panic when special paths are not set (#3946)
* plugin/gRPC: fix panic when special paths are not set

* Remove comment
2018-02-08 16:51:26 -08:00
Roger Berlind 07f587dd05 Updated replication table (#3929) 2018-02-08 18:11:00 -05:00
Guillaume 925a4a855d Minor tweaks to Windows build scripts (#3931) 2018-02-08 18:09:39 -05:00
Jeff Mitchell a449d07689 Exclude rekey command tests from race detector 2018-02-08 13:34:45 -05:00
Jeff Mitchell 4fbeae77ee
Update relatedtools.html.md 2018-02-08 11:15:47 -05:00
Robert Kreuzer a25986391b Add vaultenv to the list of related tools (#3945) 2018-02-08 10:30:45 -05:00
vishalnayak 9b8bd6dfe8 changelog++ 2018-02-07 20:44:33 -05:00
Vishal Nayak 9d163f5aa4
avoid masking of role tag response (#3941) 2018-02-07 20:43:05 -05:00
Chris Hoffman d723479b32
Fixing docs links and adding redirects for new guides (#3939)
* updating links

* updating links

* updating links

* updating links

* updating links

* adding redirects
2018-02-07 19:29:07 -05:00
Jeff Mitchell 4d674b978b changelog++ 2018-02-07 15:57:52 -05:00
seanjfellows 4739342fdb Create audit failure metrics unconditionally (#3937) 2018-02-07 15:57:00 -05:00
Jed da955a8f1b Lil typo fixes (#3925)
Read through the initial docs and noticed a few typos
2018-02-07 09:38:11 -05:00
emily e086429964 fix IAM diagram for GCP auth method docs (#3927) 2018-02-07 09:37:11 -05:00
Andy Manoske 683faac6d0
Merge pull request #3855 from hashicorp/new-guides
New Vault Guides
2018-02-06 18:13:06 -08:00
Andy Manoske 4d33d5fa34
Merge branch 'master' into new-guides 2018-02-06 13:09:22 -08:00
vishalnayak 52e55776d8 changelog++ 2018-02-06 15:46:22 -05:00
Vishal Nayak 41ac1e4b53
AppRole: Cleanup accessor indexes and dangling accessor indexes (#3924)
* Cleanup accessor indexes and dangling accessor indexes

* Add a test that exercises the accessor cleanup
2018-02-06 15:44:48 -05:00
Jeff Mitchell 1a8a843588
Change grpc's max sent/recv size to a very large value. (#3912) 2018-02-06 13:52:35 -05:00
John Eismeier d2534c4bde Fix some typos (#3923) 2018-02-06 13:35:01 -05:00
Jeff Mitchell fba5f46e4d Fix compilation of test against new go-plugin 2018-02-06 13:33:29 -05:00
Jeff Mitchell 3297d3dc92 Update go-plugin 2018-02-06 13:31:13 -05:00