Commit graph

6309 commits

Author SHA1 Message Date
Jeff Mitchell 45fd7dad60 Add note about ed25519 hashing to docs and path help.
Fixes #3074
Closes #3076
2017-07-28 09:30:27 -04:00
Chris Hoffman e67d165185 changelog++ 2017-07-28 07:25:12 -04:00
Chris Hoffman ef8add724b changelog++ 2017-07-28 07:23:57 -04:00
Chris Hoffman d375f231d5 initialize the metadata map to fix panic (#3075) 2017-07-28 07:18:26 -04:00
Chris Hoffman 94ed9bf7e7 Merge pull request #3072 from hashicorp/req-forwarding-recover
Recover from panics during request forwarding
2017-07-27 21:55:41 -04:00
Chris Hoffman d404dfc494 fixing recovery from x/golang/crypto panics 2017-07-27 21:00:31 -04:00
Jeff Mitchell 1770191e1b Try to fix travis timing out errors 2017-07-27 12:35:45 -04:00
Vishal Nayak f6b03e8b1b Adding logical/identity.go to OSS (#3054) 2017-07-27 11:56:32 -04:00
Jeff Mitchell 935b6d7b5c Fix error message formatting and response body 2017-07-27 11:44:56 -04:00
Jeff Mitchell 0a2ac3160d Recover during a request forward.
gRPC doesn't have a handler for recovering from a panic like a normal
HTTP request so a panic will actually kill Vault's listener. This
basically copies the net/http logic for managing this.

The SSH-specific logic is removed here as the underlying issue is caused
by the request forwarding mechanism.
2017-07-27 11:44:56 -04:00
Chris Hoffman a3b5e18da0 adding filtered mount docs (#3059) 2017-07-27 09:28:52 -04:00
Jeff Mitchell 8519b3e8ed Make logical.InmemStorage standalone (#3066) 2017-07-26 17:59:14 -04:00
Xiang Li d61a47a01c physical: format fixes (#3062) 2017-07-26 17:51:58 -04:00
Brian Kassouf 1a3b6facf0 Add docs for DR Replication (#3067)
* Add docs for DR Replication

* Fix up docs
2017-07-26 13:47:41 -07:00
Jonathan Duncan 8e9f54fc70 Updated policy format to use capabilities keyword (#3063)
The `policy` key name is deprecated and has been replaced with `capabilities`.
2017-07-26 14:05:11 -04:00
Calvin Leung Huang 40c1c93937 Fix gob register issue when using tls certs on plugins (#3060) 2017-07-26 13:44:07 -04:00
Jeff Mitchell ba9bd5a2c7 Bump timeout in testrace to match that of test to stop Travis errorring. 2017-07-26 13:03:04 -04:00
Lars Lehtonen 72ee5e573c Handle dropped checkok pattern in postgresql package (#3046) 2017-07-26 12:28:02 -04:00
James Phillips 0ab5b0e26b Fixes a typo in the VSI doc. (#3047) 2017-07-26 12:18:52 -04:00
Lars Lehtonen b851d88d68 fix swallowed error in vault package. (#2993) 2017-07-26 12:15:54 -04:00
Xiang Li 7c761b8414 physical: add default timeout for etcd3 requests (#3053) 2017-07-26 12:10:12 -04:00
Jeremy Voorhis 87d4014b6b s/alterate/alternate/ (#3056) 2017-07-26 11:44:06 -04:00
Vishal Nayak a80d7fb9c8 docs: Identity Store (#3055) 2017-07-25 18:33:17 -04:00
Jeff Mitchell 867cbcf965
Cut version 0.8.0-beta1 2017-07-25 17:44:33 -04:00
Calvin Leung Huang c00741d587 Do not send storage on HandleRequest and HandleExistenceCheck on plugins 2017-07-25 16:57:26 -04:00
Jeff Mitchell c18a4faeff Update dockerfile to use debian stable 2017-07-25 16:44:31 -04:00
Jeff Mitchell 87bc982256 Sirupsen->sirupsen 2017-07-25 15:49:10 -04:00
Jeff Mitchell c7e6410c75 Remove uppercase Sirupsen logrus dep 2017-07-25 15:36:14 -04:00
Jeff Mitchell c46d6f1d93 Update version and changelog for 0.8 beta 2017-07-25 15:21:35 -04:00
Chris Hoffman 5fc402ce86 changelog++ 2017-07-25 13:25:21 -04:00
Chris Hoffman b89114b011 root protect /sys/revoke-force/* (#2876) 2017-07-25 11:59:43 -04:00
Chris Hoffman 5cb87e26ef moving client calls to new endpoint (#2867) 2017-07-25 11:58:33 -04:00
Chris Hoffman 62a97ff232 changelog++ 2017-07-23 09:01:34 -04:00
Chris Hoffman 2aa02fb3f0 CockroachDB Physical Backend (#2713) 2017-07-23 08:54:33 -04:00
Calvin Leung Huang 43736b9b19 changelog++ 2017-07-20 14:18:52 -04:00
Calvin Leung Huang c14e7cb8f6 changelog++ 2017-07-20 14:17:00 -04:00
Calvin Leung Huang bb54e9c131 Backend plugin system (#2874)
* Add backend plugin changes

* Fix totp backend plugin tests

* Fix logical/plugin InvalidateKey test

* Fix plugin catalog CRUD test, fix NoopBackend

* Clean up commented code block

* Fix system backend mount test

* Set plugin_name to omitempty, fix handleMountTable config parsing

* Clean up comments, keep shim connections alive until cleanup

* Include pluginClient, disallow LookupPlugin call from within a plugin

* Add wrapper around backendPluginClient for proper cleanup

* Add logger shim tests

* Add logger, storage, and system shim tests

* Use pointer receivers for system view shim

* Use plugin name if no path is provided on mount

* Enable plugins for auth backends

* Add backend type attribute, move builtin/plugin/package

* Fix merge conflict

* Fix missing plugin name in mount config

* Add integration tests on enabling auth backend plugins

* Remove dependency cycle on mock-plugin

* Add passthrough backend plugin, use logical.BackendType to determine lease generation

* Remove vault package dependency on passthrough package

* Add basic impl test for passthrough plugin

* Incorporate feedback; set b.backend after shims creation on backendPluginServer

* Fix totp plugin test

* Add plugin backends docs

* Fix tests

* Fix builtin/plugin tests

* Remove flatten from PluginRunner fields

* Move mock plugin to logical/plugin, remove totp and passthrough plugins

* Move pluginMap into newPluginClient

* Do not create storage RPC connection on HandleRequest and HandleExistenceCheck

* Change shim logger's Fatal to no-op

* Change BackendType to uint32, match UX backend types

* Change framework.Backend Setup signature

* Add Setup func to logical.Backend interface

* Move OptionallyEnableMlock call into plugin.Serve, update docs and comments

* Remove commented var in plugin package

* RegisterLicense on logical.Backend interface (#3017)

* Add RegisterLicense to logical.Backend interface

* Update RegisterLicense to use callback func on framework.Backend

* Refactor framework.Backend.RegisterLicense

* plugin: Prevent plugin.SystemViewClient.ResponseWrapData from getting JWTs

* plugin: Revert BackendType to remove TypePassthrough and related references

* Fix typo in plugin backends docs
2017-07-20 13:28:40 -04:00
Jeff Mitchell 64f9edc5b0 changelog++ 2017-07-18 15:16:14 -04:00
Brian Kassouf b04e0a7a2a Dynamically load and invalidate the token store salt (#3021)
* Dynaically load and invalidate the token store salt

* Pass salt function into the router
2017-07-18 09:02:03 -07:00
Jeff Mitchell e553fe0d99 Bump deps 2017-07-18 10:15:54 -04:00
Joel Thompson 3704751a8f Improve sts header parsing (#3013) 2017-07-18 09:51:45 -04:00
Jeff Mitchell 86fad990da changelog++ 2017-07-18 09:49:48 -04:00
Gobin Sougrakpam 2ddbc4a939 Adding option to set custom vault client timeout using env variable VAULT_CLIENT_TIMEOUT (#3022) 2017-07-18 09:48:31 -04:00
Joel Thompson 53003a5e66 Let AWS auth CLI helper only generate login data (#3015)
* Let AWS auth CLI helper only generate login data

This will be useful to other golang clients so they can manage the login
process themselves.

Also helps for #2855

* Respond to PR feedback
2017-07-18 08:34:48 -04:00
vishalnayak 22bb35b020 doc fix 2017-07-18 04:55:00 -04:00
Chris Hoffman 52a5d1a8e7 fixing Validate() for field data on TypeNameString (#3030) 2017-07-17 13:44:47 -07:00
Calvin Leung Huang 85e82a5070 changelog++ 2017-07-17 15:03:04 -04:00
Calvin Leung Huang c93baed5fe Enforce alphanumeric requirement in RandomAlphaNumeric (#3010)
* Enforce alphanumeric requirement in RandomAlphaNumeric

* credsutil: Update comments and tests from feedback
2017-07-17 14:51:27 -04:00
Chris Hoffman b1b17cc387 Add field type TypeNameString (#3028) 2017-07-17 11:39:58 -07:00
Andy Manoske d82f231753 Update configuration.html.md (#3029) 2017-07-17 14:37:32 -04:00