Austin Gebauer
7aba2ada56
Update oracle cloud infrastructure auth plugin to v0.5.5 ( #9210 )
2020-06-15 10:11:20 -07:00
Michael Golowka
a89f09802d
Integrate password policies into RabbitMQ secret engine ( #9143 )
...
* Add password policies to RabbitMQ & update docs
* Also updates some parts of the password policies to aid/fix testing
2020-06-11 16:08:20 -06:00
Brian Kassouf
3b4ba9d1fb
Upgrade raft library ( #9170 )
...
* Upgrade raft library
* Update vendor
* Update physical/raft/snapshot_test.go
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
* Update physical/raft/snapshot_test.go
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2020-06-08 16:34:20 -07:00
Michael Golowka
b52950f884
Add user configurable password policies available to secret engines ( #8637 )
...
* Add random string generator with rules engine
This adds a random string generation library that validates random
strings against a set of rules. The library is designed for use as generating
passwords, but can be used to generate any random strings.
2020-05-27 12:28:00 -06:00
Josh Black
6e92c8cbd2
Add a new "vault monitor" command ( #8477 )
...
Add a new "vault monitor" command
Co-authored-by: ncabatoff <ncabatoff@hashicorp.com>
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
Co-authored-by: Jeff Mitchell <jeffrey.mitchell@gmail.com>
2020-05-21 13:07:50 -07:00
Jeff Mitchell
623d58deaf
Bump api/sdk
2020-05-19 18:19:12 -04:00
Brian Kassouf
1bb0bd489d
storage/raft: Add committed and applied indexes to the status output ( #9011 )
...
* storage/raft: Add committed and applied indexes to the status output
* Update api vendor
* changelog++
* Update http/sys_leader.go
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
2020-05-18 16:07:27 -07:00
Jeff Mitchell
b4f5d38916
Update to latest go-kms-wrapping and fix protos/etcd ( #8996 )
2020-05-14 18:45:10 -04:00
Vishal Nayak
934186ba82
Vendor update
2020-05-12 18:05:47 -04:00
Calvin Leung Huang
e7af25b969
raft: use file paths for TLS info in the retry_join block ( #8894 )
...
* raft: use file paths for TLS info in the retry_join stanza
* raft: maintain backward compat for existing tls params
* docs: update raft docs with new file-based TLS params
* Update godoc comment, fix docs
2020-05-06 18:26:08 -07:00
Vladimir Dimitrov
34f01920e9
Added plugin reload function to api ( #8777 )
...
* Added plugin reload function to api
* Apply suggestions from code review
Co-Authored-By: Calvin Leung Huang <cleung2010@gmail.com>
* go mod vendor
* addressing comments
* addressing comments
* add docs
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2020-05-04 11:14:23 -07:00
ncabatoff
55609f1d38
Ensure that the .vault-token file writen by vault login
always has the correct permissions and ownership. ( #8867 )
2020-04-27 19:55:13 -04:00
Becca Petrin
3b420b0735
Add helper for aliasmetadata and add to AWS auth ( #8783 )
...
* add aliasmetadata sdk helper and add to aws auth
* split into ec2_metadata and iam_metadata fields
* fix tests
* strip pointer
* add test of default metadata
* more test <3
* switch from interface to custom marshallers
* add tests for marshalling
* store nil when selected fields are default
* separate loop into pieces
* separate acc test into multiple
* Update builtin/credential/aws/path_login.go
Co-Authored-By: Jim Kalafut <jkalafut@hashicorp.com>
* changes from feedback
* update aws test
* refactor to also populate auth metadata
* update how jsonification is tested
* only add populated metadata values
* add auth_type to ec2 logins
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
2020-04-27 10:06:07 -07:00
Jim Kalafut
b7fc72d5ec
Update go.mod and vendoring ( #8752 )
...
This primarily ports updates made during the 1.4 release to master.
2020-04-16 12:07:07 -07:00
Jim Kalafut
5c4796bb55
Update MongoDB Atlas secrets plugin ( #8669 )
2020-04-03 15:47:17 -07:00
Michel Vocks
b216d75938
Fix outdated comment about logical request path ( #8653 )
2020-04-02 08:53:16 +02:00
ncabatoff
c9ff95ec70
Update to go-metrics 1.3.3 for Prometheus performance improvements. ( #8507 )
2020-03-09 09:54:55 -04:00
Jorge Heleno
a9e864f5e3
Add LDAP anonymous group search and client certs ( #8365 )
2020-03-06 10:27:09 -08:00
Brian Kassouf
d4f72f792f
go mod vendor
2020-02-20 10:15:11 -08:00
Sam Salisbury
b929348a31
go mod vendor
2020-02-20 09:16:19 +00:00
ncabatoff
e5721310ac
Add persistent feature flags to be used on enterprise non-primaries. ( #8391 )
2020-02-19 18:06:53 -05:00
JulesRenz
c54c8c92bd
RSA3072 implementation in transit secrets engine ( #8151 )
...
* RSA3072 implementation in transit secrets engine
* moved new KeyType at the end of the list
So already stored keys still work properly
Co-authored-by: Jim Kalafut <jim@kalafut.net>
2020-02-15 14:40:50 -08:00
Jeff Mitchell
844b2c3a5d
Bump API/SDK and adapt to move from SDK stuff
2020-02-15 14:58:05 -05:00
Brian Kassouf
157f8887f8
go mod vendor
2020-02-15 11:40:53 -08:00
Brian Kassouf
e2da4529c2
go mod vendor
2020-02-14 16:40:05 -08:00
Jeff Mitchell
38679f4baa
Update vendoring
2020-02-14 17:55:06 -05:00
Becca Petrin
5f19ff828c
update kerberos dependency ( #8353 )
2020-02-14 11:13:28 -08:00
Michel Vocks
985acc4ce5
Fix ldap client upndomain ( #8333 )
2020-02-14 10:26:30 -08:00
Becca Petrin
5a01a5af0f
Add Kubernetes service registration ( #8249 )
2020-02-13 09:56:29 -08:00
Jeff Malnick
27ad920399
Add redshift database plugin ( #8299 )
...
* feat: add redshift database plugin
* build: update vendored libraries
* docs: add reference doc for redshift variant of the database secrets engine
* feat: set middlewear type name for better metrics naming (#8346 )
Co-authored-by: Becca Petrin <beccapetrin@gmail.com>
2020-02-13 09:42:30 -08:00
Michel Vocks
f695eb737b
Add Consul TLS options to access API endpoint ( #8253 )
2020-01-29 09:44:35 +01:00
Michel Vocks
90f1d3813d
Fix redoing redirect response raft snapshot cli ( #8211 )
...
* Fix redoing redirect response raft snapshot cli
* Removed unnecessary lines of code
* go mod vendor
2020-01-27 11:25:52 +01:00
Becca Petrin
759f9b38f7
Observer pattern for service registration interface ( #8123 )
...
* use observer pattern for service discovery
* update perf standby method
* fix test
* revert usersTags to being called serviceTags
* use previous consul code
* vault isnt a performance standby before starting
* log err
* changes from feedback
* add Run method to interface
* changes from feedback
* fix core test
* update example
2020-01-24 09:42:03 -08:00
Jeff Mitchell
1ba3b87eab
Bump sdk
2020-01-23 14:25:35 -05:00
Jeff Mitchell
ef44e226a9
Bump sdk and go-hclog and vendor
2020-01-23 14:12:19 -05:00
Jeff Mitchell
3956072c93
Update test var name and tidy
2020-01-16 20:18:59 -05:00
Jeff Mitchell
78a1d51a3a
Update vendoring
2020-01-10 20:50:36 -05:00
Jeff Mitchell
a0694943cc
Migrate built in auto seal to go-kms-wrapping ( #8118 )
2020-01-10 20:39:52 -05:00
Becca Petrin
c2894b8d05
Add Kerberos auth agent ( #7999 )
...
* add kerberos auth agent
* strip old comment
* changes from feedback
* strip appengine indirect dependency
2020-01-09 14:56:34 -08:00
Jim Kalafut
aa1761fb03
Update framework forwarding logic to handle nil system views ( #8114 )
2020-01-08 05:59:44 -08:00
Jim Kalafut
2d859d83ea
Update vendoring ( #8111 )
2020-01-07 14:14:45 -08:00
Michel Vocks
d4d82cdd4a
Fix MySQL Plugin password special character escape bug ( #8040 )
...
* Fix MySQL password escape bug
* Add test
* Add debug output
* Add debug line
* Added debug output
* Debug
* Debug
* Update vendor
* Remove debug comments
2020-01-07 16:51:49 +01:00
Brian Kassouf
549faf47f2
Add identity templating helper to sdk/framework ( #8088 )
...
* Add identity templating helper to sdk/framework
* Cleanup a bit
* Fix length issue when groups/aliases are filtered due to ns
* review feedback
2020-01-06 10:16:52 -08:00
Jeff Mitchell
d873e7ba3c
Update master's sdk/api
2019-12-18 16:36:50 -05:00
Becca Petrin
a594371f75
vendor api client portmap updates ( #8042 )
2019-12-18 11:08:23 -08:00
Becca Petrin
3d7cdea66f
Avoid potential panic in LDAP client ( #8047 )
...
* fix potential panic
* add comment
* vendor the ldap update
* use localhost in test
2019-12-17 16:33:59 -08:00
ncabatoff
fde5e55ce9
Handle otherName SANs in CSRs ( #6163 )
...
If a CSR contains a SAN of type otherName, encoded in UTF-8, and the signing role specifies use_csr_sans, the otherName SAN will be included in the signed cert's SAN extension.
Allow single star in allowed_other_sans to match any OtherName. Update documentation to clarify globbing behaviour.
2019-12-11 10:16:44 -05:00
Calvin Leung Huang
7009dcc432
sdk/ldaputil: add request_timeout configuration option ( #7909 )
...
* sdk/ldaputil: add request_timeout configuration option
* go mod vendor
2019-11-20 11:26:13 -08:00
Brian Kassouf
29f12581a8
Update SDK
2019-11-11 19:41:52 -08:00
Jeff Mitchell
7b803e92a3
Update API/vendoring
2019-11-08 11:40:12 -05:00