Commit graph

2397 commits

Author SHA1 Message Date
Jeff Mitchell 676008b2c5 Lotsa warnings if you choose not to be safe 2016-01-08 17:35:07 -05:00
Jeff Mitchell f6d2271a3c Use an array of keys so that if the same fingerprint is used none are lost when using PGP key backup 2016-01-08 14:29:23 -05:00
Jeff Mitchell 26e1837a82 Some minor rekey backup fixes 2016-01-08 14:09:40 -05:00
Jeff Mitchell f3ce90164f WriteOperation -> UpdateOperation 2016-01-08 13:03:03 -05:00
Jeff Mitchell 87f686997f changelog++ 2016-01-07 11:36:32 -05:00
Jeff Mitchell c9f9bcdeaf Merge pull request #912 from hashicorp/fix-renew-regression
Have 'sys/renew' return the value provided in Secret.
2016-01-07 11:35:52 -05:00
Jeff Mitchell 455acc255b Have 'sys/renew' return the value provided in Secret.
Fixes a regression introduced in 0.3.
2016-01-07 11:35:09 -05:00
Jeff Mitchell 2412c078ac Also convert policy store cache to 2q.
Ping #908
2016-01-07 09:26:08 -05:00
Jeff Mitchell d6b6cbe9aa changelog++ 2016-01-07 09:22:45 -05:00
Jeff Mitchell 0cda012d20 Merge pull request #908 from hashicorp/physical-2q
Replace physical cache with TwoQueue instead of LRU.
2016-01-07 09:22:15 -05:00
Jeff Mitchell 287954beef Replace physical cache with TwoQueue instead of LRU. 2016-01-07 09:21:33 -05:00
Jeff Mitchell 85509e7ba5 Simplify some logic and ensure that if key share backup fails, we fail
the operation as well.

Ping #907
2016-01-06 13:14:23 -05:00
Jeff Mitchell 20a6f37b38 Merge pull request #907 from hashicorp/rekey-work
Add rekey nonce/backup.
2016-01-06 09:55:19 -05:00
Jeff Mitchell a094eedce2 Add rekey nonce/backup. 2016-01-06 09:54:35 -05:00
Jeff Mitchell d4bc51751e Fix typo in docs 2016-01-05 11:45:23 -05:00
Jeff Mitchell 06d19e4269 changelog++ 2016-01-05 11:27:08 -05:00
Jeff Mitchell d5c72f2083 Merge pull request #904 from hashicorp/policy-doc
Update documentation with policy fetching information.
2016-01-05 10:26:53 -06:00
Jeff Mitchell e54edd54ac Update documentation with policy fetching information. 2016-01-05 11:26:19 -05:00
Jeff Mitchell d51d723c1f Use int64 for converting time values, not int (will be float64 in JSON anyways, so no need to lose precision, plus could hit a 32-bit max in some edge cases) 2016-01-04 17:11:22 -05:00
Jeff Mitchell a99c29dad4 changelog++ 2016-01-04 17:01:32 -05:00
Jeff Mitchell 0972e60253 Merge pull request #896 from hashicorp/last-renewal-time
Store a last renewal time in the token entry and return it upon lookup
2016-01-04 16:00:21 -06:00
Jeff Mitchell e990b77d6e Address review feedback; move storage of these values to the expiration manager 2016-01-04 16:43:07 -05:00
Jonathan Thomas df5f5d68bd Merge pull request #888 from aedotj/patch-1
Fixed "edit this page" not clickable
2016-01-04 11:29:21 -08:00
Jeff Mitchell 80866d036d update init/rekey documentation around keybase entries 2016-01-04 14:17:51 -05:00
Jeff Mitchell dbd7c9aaab changelog++ 2016-01-04 14:14:51 -05:00
Jeff Mitchell bf79b716ef Merge pull request #901 from hashicorp/keybase-pgp
Add keybase support for PGP keys.
2016-01-04 13:11:11 -06:00
Jeff Mitchell 8d1e5cb50d Add returning which user names could not be looked up 2016-01-04 13:56:45 -05:00
Jeff Mitchell 5ddd243144 Store a last renewal time in the token entry and return it upon lookup
of the token.

Fixes #889
2016-01-04 11:20:49 -05:00
Jeff Mitchell 90ec946dab Address review feedback. 2016-01-04 11:18:04 -05:00
Jeff Mitchell d11509830f Happy New Year everyone! (Add keybase support for PGP keys.)
Keys specified in rekey and init operations can now be sourced from
keybase.io by using "keybase:[username]" as the key.
2015-12-31 20:47:41 -05:00
Jeff Mitchell 80d92903f4 changelog++ 2015-12-31 18:11:32 -05:00
Jeff Mitchell 2bbc140fab Merge pull request #900 from kenjones-cisco/task/pki-doc
Fixes mis-placed html tag
2015-12-31 09:46:27 -06:00
kenjones-cisco 496e9962d0 Fixes mis-placed html tag 2015-12-31 10:37:01 -05:00
Jeff Mitchell 5ef7efffe3 Disable cmd/server tests for now so we can get Travis back on track 2015-12-31 08:48:53 -05:00
Jeff Mitchell c642feebe2 Remove some outdated comments 2015-12-30 21:00:27 -05:00
Jeff Mitchell a7a02b3043 Cert documentation fix.
Fixes #899
2015-12-30 16:44:24 -05:00
Jeff Mitchell 7e93071404 Move the information about the new behavior of token-renew to the breaking changes section 2015-12-30 15:29:24 -05:00
Jeff Mitchell be4277199f changelog++ 2015-12-30 15:20:02 -05:00
Jeff Mitchell 06ee0caecc Merge pull request #897 from hashicorp/filter-duplicate-policies
Filter out duplicate policies during token creation.
2015-12-30 14:19:09 -06:00
Jeff Mitchell df68e3bd4c Filter out duplicate policies during token creation. 2015-12-30 15:18:30 -05:00
Jeff Mitchell e0d0ff6884 changelog++ 2015-12-30 14:43:51 -05:00
Jeff Mitchell 0c7122e956 Merge pull request #894 from hashicorp/renew-self-for-same-token
Use RenewSelf instead of Renew if the token is the same
2015-12-30 13:42:31 -06:00
Jeff Mitchell 0509ad9c29 Use RenewSelf instead of Renew if the token we're renewing is the same as the client 2015-12-30 14:41:50 -05:00
Jeff Mitchell 0ef4fadb25 changelog++ 2015-12-30 13:28:49 -05:00
Jeff Mitchell a6a002e39d Merge pull request #892 from nickithewatt/token-lookup
Make token-lookup functionality available via Vault CLI
2015-12-30 12:27:39 -06:00
Nicki Watt 442d538deb Make token-lookup functionality available via Vault CLI 2015-12-29 20:18:59 +00:00
Jeff Mitchell 0c338f01ea changelog++ 2015-12-29 13:18:36 -05:00
Jeff Mitchell fefa696a33 Merge pull request #886 from ooesili/ssh-error-fetching-username
Stop panic when vault ssh username fetching fails
2015-12-29 12:17:51 -06:00
Jeff Mitchell aaca139bd4 Merge pull request #891 from hashicorp/issue-890
Build on GH-890 to add other types
2015-12-29 12:08:00 -06:00
Jeff Mitchell 134b4d2a42 Built on GH-890 to add other types 2015-12-29 13:07:24 -05:00