Jeff Mitchell
59fc5d0f8d
Merge pull request #964 from hashicorp/patched-1.5.3
...
Add a Dockerfile to build 1.5.3 with patches.
2016-01-23 20:11:02 -05:00
Jeff Mitchell
b2ab68f814
Add a Dockerfile to build 1.5.3 with patches.
...
Specifically this pulls in the following:
https://go-review.googlesource.com/12717
https://go-review.googlesource.com/17247
These fix bugs users have encountered -- the first with the PKI backend,
and the second with Vault generally, as it can bite any use of a
certificate within Vault (listener, cert credential backend, pki
backend).
These are in 1.6, but it will probably be released too late for us given
what is currently known about their release plans and our known
deadline. This lets us build our releases against a patched 1.5.3.
2016-01-23 14:50:23 -05:00
Jeff Mitchell
0c2829d2a2
changelog++
2016-01-23 14:46:20 -05:00
Jeff Mitchell
abd9fe1b73
Merge pull request #961 from rajanadar/patch-3
...
fixed login link,request params,add json response
2016-01-23 14:45:27 -05:00
Jeff Mitchell
e772a3e695
Merge pull request #963 from hashicorp/fail-unsup-path
...
If the path is not correct, don't fail due to existence check, fail d…
2016-01-23 14:05:32 -05:00
Jeff Mitchell
8b9fa042fe
If the path is not correct, don't fail due to existence check, fail due to unsupported path
2016-01-23 14:05:09 -05:00
Raja Nadar
d3434f8f03
clarify default mountpoint
2016-01-23 11:02:00 -08:00
Jeff Mitchell
e9f067f8e0
Merge pull request #960 from rajanadar/patch-2
...
mention that this is an unauthenticated endpoint
2016-01-23 10:24:16 -05:00
Jeff Mitchell
3b7a533b5a
Fix test on 1.6 by comparing to nil instead of a nil-defined map
2016-01-22 21:26:06 -05:00
Jeff Mitchell
c7c8dc3f5b
changelog++
2016-01-22 21:24:25 -05:00
Jeff Mitchell
0003eb8506
Merge pull request #954 from hashicorp/backend-tainted-view
...
Allow backends to see taint status.
2016-01-22 21:23:12 -05:00
Raja Nadar
9b82736b9a
fixed login link,request params,add json response
...
1. fix login link
2. added personal access token to request message
3. added a sample json response
2016-01-22 17:38:32 -08:00
Raja Nadar
b0f33d4d19
mention that this is an unauthenticated endpoint
2016-01-22 17:10:16 -08:00
Jeff Mitchell
cd4811e630
Merge pull request #957 from rajanadar/patch-1
...
update sys-init.html.md
2016-01-22 19:57:20 -05:00
Raja Nadar
dac5997e14
update sys-init.html.md
...
change response field from 'initialize' to 'initialized'
2016-01-22 16:45:59 -08:00
Jeff Mitchell
12c00b97ef
Allow backends to see taint status.
...
This can be seen via System(). In the PKI backend, if the CA is
reconfigured but not fully (e.g. an intermediate CSR is generated but no
corresponding cert set) and there are already leases (issued certs), the
CRL is unable to be built. As a result revocation fails. But in this
case we don't actually need revocation to be successful since the CRL is
useless after unmounting. By checking taint status we know if we can
simply fast-path out of revocation with a success in this case.
Fixes #946
2016-01-22 17:01:22 -05:00
Jeff Mitchell
d663c46757
changelog++
2016-01-22 13:09:21 -05:00
Jeff Mitchell
30732274b1
Merge pull request #953 from hashicorp/init-check
...
Add -check flag to init.
2016-01-22 13:08:31 -05:00
Jeff Mitchell
d95adc731a
Add -check flag to init.
...
Fixes #949
2016-01-22 13:06:40 -05:00
Jeff Mitchell
babecad8ac
changelog++
2016-01-22 10:22:43 -05:00
Jeff Mitchell
757250ac14
Merge pull request #617 from hashicorp/f-passthrough-list
...
Basic list support
2016-01-22 10:15:08 -05:00
Jeff Mitchell
9cac7ccd0f
Add some commenting
2016-01-22 10:13:49 -05:00
Jeff Mitchell
7b2407093b
0.7 -> 1.0
2016-01-22 10:07:32 -05:00
Jeff Mitchell
3955604d3e
Address more list feedback
2016-01-22 10:07:32 -05:00
Jeff Mitchell
7d1d003ba0
Update documentation and use ParseBool for list query param checking
2016-01-22 10:07:32 -05:00
Jeff Mitchell
eb847f4e36
Error out if trying to write to a directory path
2016-01-22 10:07:32 -05:00
Jeff Mitchell
8069fa7972
Address some listing review feedback
2016-01-22 10:07:32 -05:00
Jeff Mitchell
be1b4c8a46
Only allow listing on folders and enforce this. Also remove string sorting from Consul backend as it's not a requirement and other backends don't do it.
2016-01-22 10:07:32 -05:00
Jeff Mitchell
e412ac8461
Remove bare option, prevent writes ending in slash, and return an exact file match as "."
2016-01-22 10:07:32 -05:00
Jeff Mitchell
455931873a
Address some review feedback
2016-01-22 10:07:32 -05:00
Jeff Mitchell
5341cb69cc
Updates and documentation
2016-01-22 10:07:32 -05:00
Jeff Mitchell
d17c3f4407
Fix body closing in List method
2016-01-22 10:07:32 -05:00
Jeff Mitchell
10c307763e
Add list capability, which will work with the generic and cubbyhole
...
backends for the moment. This is pretty simple; it just adds the actual
capability to make a list call into both the CLI and the HTTP handler.
The real meat was already in those backends.
2016-01-22 10:07:32 -05:00
Jeff Mitchell
9042315973
Add handling of LIST verb to logical router
2016-01-22 10:07:32 -05:00
Jeff Mitchell
d621d7ebe7
Add C# library and do some reorg on the library page
2016-01-22 10:03:02 -05:00
Jeff Mitchell
19e7266406
changelog++
2016-01-21 16:30:50 -05:00
Jeff Mitchell
fd52d8a975
Update godeps to include STS stuff in AWS and others
2016-01-21 16:27:36 -05:00
Jeff Mitchell
6d24a8c6ff
Merge pull request #927 from urq/feature-sts
...
Adding STS to the aws backend
2016-01-21 15:43:39 -05:00
Dmitriy Gromov
70ef2e3398
STS now uses root vault user for keys
...
The secretAccessKeysRevoke revoke function now asserts that it is
not dealing with STS keys by checking a new internal data flag. Defaults
to IAM when the flag is not found.
Factored out genUsername into its own function to share between STS and
IAM secret creation functions.
Fixed bad call to "WriteOperation" instead of "UpdateOperation" in
aws/backend_test
2016-01-21 15:04:16 -05:00
Dmitriy Gromov
4abca91d66
Renamed sts duration to ttl and added STS permissions note.
2016-01-21 14:28:34 -05:00
Dmitriy Gromov
0b5e35c8cd
documenting the new aws/sts endpoint
2016-01-21 14:05:10 -05:00
Dmitriy Gromov
f251b13aaa
Removing debug print statement from sts code
2016-01-21 14:05:10 -05:00
Dmitriy Gromov
1cf8153dfd
Fixed duration type and added acceptance test for sts
2016-01-21 14:05:10 -05:00
Dmitriy Gromov
71afb7cff0
Configurable sts duration
2016-01-21 14:05:09 -05:00
Jack DeLoach
8fecccde21
Add STS path to AWS backend.
...
The new STS path allows for obtaining the same credentials that you would get
from the AWS "creds" path, except it will also provide a security token, and
will not have an annoyingly long propagation time before returning to the user.
2016-01-21 14:05:09 -05:00
Jeff Mitchell
0f0949ab06
Merge pull request #895 from nickithewatt/aws-prexisting-policies
...
Allow use of pre-existing policies for AWS users
2016-01-21 13:23:37 -05:00
Jeff Mitchell
b2d2bb9545
Add generate-root info to changelog
2016-01-21 12:37:26 -05:00
Jeff Mitchell
9d032f46fd
Merge pull request #915 from hashicorp/generate-root
...
Add the ability to generate root tokens via unseal keys.
2016-01-21 12:31:37 -05:00
Jeff Mitchell
9adfdfd6e7
Add -decode flag verification
2016-01-21 12:18:57 -05:00
Jeff Mitchell
b2bde47b01
Pull out setting the root token ID; use the new ParseUUID method in
...
go-uuid instead, and revoke if there is an error.
2016-01-19 19:44:33 -05:00