Commit graph

4605 commits

Author SHA1 Message Date
Jeff Mitchell 6bf871995b Don't use time.Time in responses. (#1912)
This fixes #1911 but not directly; it doesn't address the cause of the
panic. However, it turns out that this is the correct fix anyways,
because it ensures that the value being logged is RFC3339 format, which
is what the time turns into in JSON but not the normal time string
value, so what we audit log (and HMAC) matches what we are returning.
2016-09-23 12:32:07 -04:00
Evan Phoenix 4214a0199d Advertise the cluster_(id|name) in the Scada handshake (#1906) 2016-09-23 10:55:51 -04:00
Jeff Mitchell 57f3904d74 Use VAULT_LOG_FORMAT as an analogue to LOGXI_FORMAT 2016-09-22 17:22:02 -04:00
Jeff Mitchell d65da5613c Add missing dep 2016-09-21 14:02:35 -04:00
Jeff Mitchell 226ef5d78c Make HA in etcd off by default. (#1909)
Fixes #1908

(Doesn't really "fix" it but someone from the community needs to step up
if they want to see this fixed.)
2016-09-21 14:01:36 -04:00
Jeff Mitchell 5c9bd9adcb changelog++ 2016-09-21 13:50:07 -04:00
Jeff Mitchell 676e7e0f07 Ensure upgrades have a valid HMAC key 2016-09-21 11:10:57 -04:00
Jeff Mitchell 0ff76e16d2 Transit and audit enhancements 2016-09-21 10:49:26 -04:00
Jeff Mitchell 982f151722 Update docs to reflect that there is more than one constraint for EC2 now 2016-09-20 16:11:32 -04:00
Jeff Mitchell bbe87db913 Force tls_disable on scada connection inside outer TLS connection as it's not currently supported anyways 2016-09-20 14:56:16 -04:00
Chris Hoffman 5c241d31e7 Renaming ttl_max -> max_ttl in mssql backend (#1905) 2016-09-20 12:39:02 -04:00
Carlo Cabanilla f6239cf0c0 fix shell quoting (#1904)
$() doesnt get evaluated in single quotes, so you need to break out of it first
2016-09-19 17:11:16 -04:00
Jeff Mitchell 27782238a1 changelog++ 2016-09-19 13:03:03 -04:00
Jeff Mitchell 69c4452344 Merge branch 'master' of https://github.com/hashicorp/vault into master-oss 2016-09-19 13:02:30 -04:00
Jeff Mitchell f3ab4971a6 Follow Vault convention on DELETE being idempotent (#1903)
* Follow Vault convention on `DELETE` being idempotent with
audit/auth/mounts deletes (a.k.a. disabling/unmounting).
2016-09-19 13:02:25 -04:00
Jeff Mitchell 7f3041d6a5 Fix formatting 2016-09-19 13:00:50 -04:00
Jeff Mitchell 6e40d606d4 Bump to newer middleman-hashicorp 2016-09-19 12:42:35 -04:00
Jeff Mitchell 85c51fd861 Update website docs to indicate sudo being required for auth/audit
endpoints.
2016-09-19 12:10:08 -04:00
Vishal Nayak 97dc0e9f64 Merge pull request #1897 from hashicorp/secret-id-accessor-locks
Safely manipulate secret id accessors
2016-09-19 11:37:38 -04:00
Jeff Mitchell 86c83c3a98 changelog++ 2016-09-19 09:41:01 -04:00
vishalnayak fefd3a6c0b s/GetOctalFormatted/GetHexFormatted 2016-09-16 17:47:15 -04:00
Jeff Mitchell f7b3937c77 Fix website display of tune paths 2016-09-16 12:03:50 -04:00
Jeff Mitchell 897d3c6d2c Rename GetOctalFormatted and add serial number to ParsedCertBundle. Basically a noop. 2016-09-16 11:05:43 -04:00
vishalnayak 271ab5a4bd changelog++ 2016-09-16 10:59:59 -04:00
Vishal Nayak 47a9c45189 Merge pull request #1899 from hashicorp/format-yml
Add yml alias for yaml
2016-09-16 10:56:01 -04:00
vishalnayak e123f33a91 Add yml alias for yaml 2016-09-16 10:43:23 -04:00
vishalnayak ba72e7887a Safely manipulate secret id accessors 2016-09-15 18:13:50 -04:00
Vishal Nayak 61664bc653 Merge pull request #1886 from hashicorp/approle-upgrade-notes
upgrade notes entry for approle constraint and warning on role read
2016-09-15 12:14:01 -04:00
vishalnayak 5597156886 check for nil role 2016-09-15 12:10:40 -04:00
Vishal Nayak 4f33e8d713 Merge pull request #1892 from hashicorp/role-tag-defaults
Specify that role tags are not tied to an instance by default
2016-09-15 12:04:41 -04:00
vishalnayak 6a0f788dee changelog++ 2016-09-15 12:03:48 -04:00
Vishal Nayak 464f479ff0 Merge pull request #1889 from hashicorp/configurable-nonce
aws-ec2: generate the client nonce by default during first login attempt
2016-09-15 11:49:38 -04:00
vishalnayak 92986bb2a0 Address review feedback 2016-09-15 11:41:52 -04:00
vishalnayak a1de742dce s/disableReauthenticationNonce/reauthentication-disabled-nonce 2016-09-15 11:29:02 -04:00
vishalnayak 9bca127631 Updated docs with nonce usage 2016-09-14 19:31:09 -04:00
vishalnayak 857f921d76 Added comment 2016-09-14 18:27:35 -04:00
vishalnayak 39796e8801 Disable reauthentication if nonce is explicitly set to empty 2016-09-14 17:58:00 -04:00
vishalnayak 2639ca4d4f Address review feedback 2016-09-14 16:06:38 -04:00
James Pearson Hughes f598c78d98 DynamoDB: fix log typo (#1891) 2016-09-14 15:16:24 -04:00
vishalnayak dcddaa8094 Address review feedback 2016-09-14 15:13:54 -04:00
Jeff Mitchell bd4584c346 Make bootstrap use -u to ensure up-to-date versions of tools, as that's
what we build with.

Fixes #1890
2016-09-14 15:10:02 -04:00
vishalnayak d5cc763b8d Clarify that tags can be used on all instances that satisfies constraints 2016-09-14 14:55:09 -04:00
vishalnayak 03fc7b517f Specify that role tags are not tied to an instance by default 2016-09-14 14:49:18 -04:00
vishalnayak d0e4d77fce address review feedback 2016-09-14 14:28:02 -04:00
vishalnayak d7ce69c5eb Remove the client nonce being empty check 2016-09-14 14:28:02 -04:00
vishalnayak 53c919b1d0 Generate the nonce by default 2016-09-14 14:28:02 -04:00
Vishal Nayak eece4e047b Merge pull request #1887 from hashicorp/ec2-nonce-constant-compare
Use constant time comparisons for client nonce
2016-09-14 12:40:17 -04:00
vishalnayak 455a4ae055 address review feedback 2016-09-14 12:08:35 -04:00
vishalnayak b1392567d1 Use constant time comparisons for client nonce 2016-09-13 20:12:43 -04:00
Jeff Mitchell 74a0bfadb8 changelog++ 2016-09-13 18:42:56 -04:00