Commit graph

2075 commits

Author SHA1 Message Date
Jeff Mitchell 7f44a1b812 Add configuration parameter for max parallel connections to Consul 2015-11-03 15:26:07 -05:00
Jeff Mitchell 1b83eefd97 Address review feedback 2015-11-03 14:48:05 -05:00
Jeff Mitchell bf2e553785 Add a PermitPool to physical and consul/inmem
The permit pool controls the number of outstanding operations that can
be queued for Consul (and inmem, for testing purposes). This prevents
possible situations where Vault launches thousands of concurrent
connections to Consul if e.g. a huge number of leases need to be
expired.

Fixes #677
2015-11-03 11:49:20 -05:00
Jeff Mitchell 62eef4e711 Merge pull request #744 from hashicorp/issue-733
Run preSeal if postUnseal fails.
2015-11-03 10:50:23 -05:00
Jeff Mitchell 6f6646fc24 Update deps 2015-11-02 13:43:12 -05:00
Jeff Mitchell a9db12670a errwrap -> go-multierror + errwrap 2015-11-02 13:29:33 -05:00
Jeff Mitchell 7e9918ec8e Run preSeal if postUnseal fails.
This also ensures that every error path out of postUnseal returns an
error.

Fixes #733
2015-11-02 13:29:33 -05:00
Jeff Mitchell 4c9d6c7624 Merge pull request #741 from hashicorp/sethvargo/update_deps
Update deps
2015-11-02 12:21:36 -05:00
Seth Vargo 658bc0634a Fix breaking API changes 2015-10-30 18:22:48 -04:00
Seth Vargo 3e15a1f056 Update deps 2015-10-30 18:07:00 -04:00
Jeff Mitchell af37736a38 Merge pull request #740 from hashicorp/issue-739
Implement LookupSelf, RevokeSelf, and RenewSelf in the API client
2015-10-30 17:28:18 -04:00
Jeff Mitchell 195caa6bf6 Implement LookupSelf, RevokeSelf, and RenewSelf in the API client
Fixes #739
2015-10-30 17:27:33 -04:00
Jeff Mitchell 80705b7963 If we fail to open a file path, show which it is in the error output 2015-10-30 14:30:21 -04:00
Jeff Mitchell 1899bd8ef0 Merge pull request #730 from hashicorp/issue-713
Write HMAC-SHA256'd client token to audited requests
2015-10-30 13:36:22 -04:00
Jeff Mitchell ffa196da0e Note that the dev server does not fork
Fixes #710.
2015-10-30 12:47:56 -04:00
Jeff Mitchell 64eacd1564 Merge pull request #737 from hashicorp/issue-615
Return data on a token with one use left if there is no Lease ID
2015-10-30 12:42:19 -04:00
Jeff Mitchell a0c5a24c79 Update Postgres tests and changelogify 2015-10-30 12:41:45 -04:00
Jeff Mitchell 94b7be702b Return data on a token with one use left if there is no Lease ID
Fixes #615
2015-10-30 12:35:42 -04:00
Jeff Mitchell bd17b74456 Merge pull request #736 from hashicorp/issue-699
Revoke permissions before dropping user in postgresql.
2015-10-30 12:01:03 -04:00
Jeff Mitchell 2d8e3b35f2 Revoke permissions before dropping user in postgresql.
Currently permissions are not revoked, which can lead revocation to not
actually work properly. This attempts to revoke all permissions and only
then drop the role.

Fixes issue #699
2015-10-30 11:58:52 -04:00
Jeff Mitchell 24f1da837e Merge pull request #735 from hashicorp/unexport-create-roottoken
Make the token store's Create and RootToken functions non-exported.
2015-10-30 11:04:29 -04:00
Jeff Mitchell 636d57a026 Make the token store's Create and RootToken functions non-exported.
Nothing requires them to be exported, and I don't want anything in the
future to think it's okay to simply create a root token when it likes.
2015-10-30 10:59:26 -04:00
Jeff Mitchell 541312ebee Merge pull request #731 from hashicorp/sethvargo/trail
Force a trailing slash
2015-10-29 16:22:52 -04:00
Seth Vargo f83eba4666 Force a trailing slash 2015-10-29 16:21:39 -04:00
Jeff Mitchell cf4b88c196 Write HMAC-SHA256'd client token to audited requests
Fixes #713
2015-10-29 13:26:18 -04:00
Jeff Mitchell 528e859c4b Fix wording 2015-10-29 12:58:29 -04:00
Jeff Mitchell b30705479e Merge pull request #729 from hashicorp/issue-697
Documentation update around path/key name encryption.
2015-10-29 11:22:50 -04:00
Jeff Mitchell e2d4a5fe0f Documentation update around path/key name encryption.
Make it clear that path/key names in generic are not encrypted.

Fixes #697
2015-10-29 11:21:40 -04:00
Jeff Mitchell 6198f5d08b Merge pull request #728 from hashicorp/issue-718
Check TTL provided to generic backend on write
2015-10-29 11:06:30 -04:00
Jeff Mitchell 85d4dd6a1d Check TTL provided to generic backend on write
If existing entries have unparseable TTLs, return the value plus a
warning, rather than an error.

Fixes #718
2015-10-29 11:05:21 -04:00
Jeff Mitchell 59cb8003a1 Merge pull request #725 from hashicorp/add-reset-for-unseal
Add reset support to the unseal command.
2015-10-28 16:05:58 -04:00
Jeff Mitchell c1d8b97342 Add reset support to the unseal command.
Reset clears the provided unseal keys, allowing the process to be begun
again. Includes documentation and unit test changes.

Fixes #695
2015-10-28 15:59:39 -04:00
Jeff Mitchell 7b25204a19 Fix cache disabling 2015-10-28 13:05:56 -04:00
Jeff Mitchell 57290b6d92 Minor format fix in environment documentation 2015-10-28 09:56:28 -04:00
Seth Vargo b057645d73 Use vendored fastly logo 2015-10-26 12:13:03 -04:00
Jeff Mitchell 4465a2e4ea Merge pull request #719 from hashicorp/sethvargo/releases
Use releases for releases
2015-10-26 09:43:00 -04:00
Seth Vargo a710a80252 Use releases for releases 2015-10-26 00:06:17 -04:00
Jeff Mitchell 4c52b41374 Merge pull request #717 from jantman/patch-1
add GitHub Enterprise base_url to docs
2015-10-23 09:39:54 -04:00
Jason Antman c7ff26b650 add documentation for GitHub Auth Backend 'ttl' and 'max_ttl' parameters 2015-10-23 09:30:48 -04:00
Jason Antman b27e80d090 add GitHub Enterprise base_url to docs
In https://github.com/hashicorp/vault/issues/716 @jefferai confirmed that the GitHub Auth Backend supports GitHub enterprise using an undocumented ``base_url`` parameter. This adds that parameter to the relevant documentation page.
2015-10-23 09:18:07 -04:00
Jeff Mitchell 9026b5c127 Update changelog 2015-10-23 09:18:03 -04:00
Jeff Mitchell 11f038f4a3 Merge pull request #715 from voutasaurus/master
Resolves issue 704 (Windows VAULT_ADDR env var)
2015-10-23 09:17:10 -04:00
Jeff Mitchell be255ad46c Bump Godeps 2015-10-23 09:14:09 -04:00
voutasaurus dcca05874c Merge branch 'master' of https://github.com/hashicorp/vault 2015-10-23 00:41:55 -07:00
Jeff Mitchell 3dd27c3900 Merge pull request #711 from boonedox/bugfix/first-secret-typo
fix typo in first-secret.html.md
2015-10-22 15:01:27 -04:00
Jeff Mitchell 22c65c0c07 Use cleanhttp instead of bare http.Client 2015-10-22 14:37:12 -04:00
Jeremiah Johnson d4a8c08feb fix typo in first-secret.html.md 2015-10-22 12:04:22 -06:00
Jeff Mitchell 0168ce491b Update token documentation to better explain token durations 2015-10-22 13:02:37 -04:00
voutasaurus 1da78942e8 Modifies documentation in output of vault server -dev
Environment variable setting is different in windows
2015-10-22 00:48:46 -07:00
Jeff Mitchell 189b72c3ba Document the renew-self call 2015-10-21 10:53:20 -04:00