81c66efd6d
AppRole/Identity: Fix for race when creating an entity during login ( #3932 )
...
* possible fix for race in approle login while creating entity
* Add a test that hits the login request concurrently
* address review comments
2018-02-09 10:40:56 -05:00
4739342fdb
Create audit failure metrics unconditionally ( #3937 )
2018-02-07 15:57:00 -05:00
1a8a843588
Change grpc's max sent/recv size to a very large value. ( #3912 )
2018-02-06 13:52:35 -05:00
642b88c76a
go vet fixes
2018-02-05 14:26:31 -05:00
05723e1229
Revert cluster.go change
2018-02-04 20:42:45 -05:00
f33563f667
Some vet fixes
2018-02-04 20:37:57 -05:00
fc6564e4ee
Don't run rollback and upgrade functionality if we are a replication secondary ( #3900 )
...
* Don't run rollback and upgrade functionality if we are a replication
secondary, but do if the mount is local.
2018-02-02 20:28:25 -05:00
676b302dbf
Add a sysview call to determine if a mount is local. ( #3899 )
...
This is useful for deciding when to run upgrade logic, e.g. if on a
performance secondary but local it's fine to run.
2018-02-02 18:17:12 -05:00
848ce6427b
Handle period's zero value in token store's token creation ( #3880 )
...
* Handle period's zero value on handleCreateCommon
* Add test for period zero value
2018-02-01 12:01:46 -05:00
60e2209532
Remove core restriction in cache and turn it into an active/standby restriction instead ( #3849 )
2018-01-25 22:21:51 -05:00
150ad8405b
Remove logical.Initialize() method ( #3848 )
...
* Remove logical.Initialize() method
* More cleanup
* Fix test
2018-01-25 20:19:27 -05:00
ad9da2e0b8
Fix intermittent panic by storing a reference to the grpc server ( #3842 )
...
* Fix intermittent panic by storing a reference to the grpc server and
using that to ensure it will never be nil.
* Just get rid of c.rpcServer
2018-01-24 20:23:08 -05:00
cf87cc54fc
Fix build
2018-01-22 21:45:22 -05:00
8e8675053b
Sync some bits over
2018-01-22 21:44:49 -05:00
7d6fed2e86
Use a separate var for active node replication state ( #3819 )
2018-01-19 19:24:04 -05:00
43617619ad
Embed derived contexts into replication clients
2018-01-19 07:22:31 -05:00
123e22cd7e
Fix compile
2018-01-19 05:31:55 -05:00
b4be030d07
Add context to barrier encryptor interface
2018-01-19 05:28:47 -05:00
31a7eb1168
Add context to barrier encryptor access
2018-01-19 05:24:40 -05:00
69aead14f0
A bit more context plumbing
2018-01-19 04:11:59 -05:00
33b68ebf3d
Remove context from a few extraneous places
2018-01-19 03:44:06 -05:00
6be5b8e8a1
Don't use context in barrier type/recovery type
2018-01-19 03:17:36 -05:00
0f7e3bb79b
Add context to performPolicyChecks
2018-01-19 02:43:39 -05:00
c97e73ce70
Don't check recovery seal in Initialized()
...
It doesn't actually matter and can give false positives.
2018-01-19 01:55:33 -05:00
2f19de0305
Add context to storage backends and wire it through a lot of places ( #3817 )
2018-01-19 01:44:44 -05:00
842a3a4a05
Remove RegisterLicense from logical.Backend
...
It's almost certainly the wrong signature and nothing uses it currently
anyways.
2018-01-18 13:44:29 -05:00
f59069c22f
Don't call LeaseExtend on login renewal paths when period is provided ( #3803 )
...
* Don't call LeaseExtend on login renewal paths when period is provided
* WIP tests
* NoopBackend accept backend ttl values
* Test period value on credentials backend
* Use t.Fatalf instead
* Remove mockCoreExpiration
* Add login renewal test for approle backend
* Add resp.Auth.Period check on aws and cert backend tests
* Pass in approle's period via role's period
* Correctly set period in valid-role's role
* Add period renewal test using TestCluster and approle backend
* Check for ttl values after renewals on test
2018-01-18 12:19:18 -05:00
cf895fc19a
Actually print out forwarded stacktrace
2018-01-18 11:40:59 -05:00
bffaf9b0c3
Remove vlogger, add log.Logger to PolicyStore struct ( #3813 )
2018-01-18 01:01:51 -05:00
5371b0489f
Rename var from last commit
2018-01-17 23:08:35 -05:00
307a177540
Make heartbeatInterval a package var to allow tests to modify it
2018-01-17 23:05:11 -05:00
a71c74aa3f
Add replication state to EchoReply ( #3810 )
2018-01-17 22:17:47 -05:00
e06cb595fc
Make the plugin catalog endpoint roundtrip so we can use terraform to manage them. ( #3778 )
2018-01-17 19:19:28 -05:00
88313f0398
Update replication state logic.
...
Fixes #3727
2018-01-16 13:51:55 -05:00
8ef51c0065
Delete group alias upon group deletion ( #3773 )
2018-01-11 10:58:05 -05:00
d8009bced1
Merge branch 'master-oss' into sethvargo/cli-magic
2018-01-10 11:15:49 -05:00
64da50c27c
Update plugin deps to include context changes ( #3765 )
...
* Update plugin deps to include context changes
* Fix tests
2018-01-08 12:26:13 -08:00
1c190d4bda
Pass context to backends ( #3750 )
...
* Start work on passing context to backends
* More work on passing context
* Unindent logical system
* Unindent token store
* Unindent passthrough
* Unindent cubbyhole
* Fix tests
* use requestContext in rollback and expiration managers
2018-01-08 10:31:38 -08:00
6681329041
Update redirect address error to be more clear
2018-01-04 10:45:40 -05:00
1fe494e8e1
Port IsDRSecondary over and enable returning it via sys_health ( #3749 )
2018-01-03 15:07:13 -05:00
d1803098ae
Merge branch 'master-oss' into sethvargo/cli-magic
2018-01-03 14:02:31 -05:00
92aaebd20e
Bust recovery cache after unsealed is set true to force migration
2017-12-19 16:22:09 -05:00
9630f93845
Fix audited request header lookup ( #3707 )
...
The headers are stored lowercased but the lookup function wasn't
properly lowercasing when indexing in the header map.
Fixes #3701
2017-12-18 10:05:51 -05:00
164849f056
Add support for encrypted TLS key files ( #3685 )
2017-12-15 17:33:55 -05:00
57bc19c169
Defer reader.Close that is used to determine sha256
2017-12-15 14:04:09 -05:00
7c0b4f1333
Avoid unseal failure if plugin backends fail to setup during postUnseal ( #3686 )
2017-12-15 13:31:57 -05:00
79cb82e133
Add logic for using Auth.Period when handling auth login/renew requests ( #3677 )
...
* Add logic for using Auth.Period when handling auth login/renew requests
* Set auth.TTL if not set in handleLoginRequest
* Always set auth.TTL = te.TTL on handleLoginRequest, check TTL and period against sys values on RenewToken
* Get sysView from le.Path, revert tests
* Add back auth.Policies
* Fix TokenStore tests, add resp warning when capping values
* Use switch for ttl/period check on RenewToken
* Move comments around
2017-12-15 13:30:05 -05:00
afe53eb862
Database gRPC plugins ( #3666 )
...
* Start work on context aware backends
* Start work on moving the database plugins to gRPC in order to pass context
* Add context to builtin database plugins
* use byte slice instead of string
* Context all the things
* Move proto messages to the dbplugin package
* Add a grpc mechanism for running backend plugins
* Serve the GRPC plugin
* Add backwards compatibility to the database plugins
* Remove backend plugin changes
* Remove backend plugin changes
* Cleanup the transport implementations
* If grpc connection is in an unexpected state restart the plugin
* Fix tests
* Fix tests
* Remove context from the request object, replace it with context.TODO
* Add a test to verify netRPC plugins still work
* Remove unused mapstructure call
* Code review fixes
* Code review fixes
* Code review fixes
2017-12-14 14:03:11 -08:00
de9b7d779d
Fix leaking connections on cluster port ( #3680 )
2017-12-12 17:18:04 -08:00
822ce95dc4
adding ability to override temp dir in dev cluster ( #3673 )
2017-12-11 18:02:35 -05:00
Vishal Nayak