luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity
9,284 Commits 1 Branch 0 Tags 214 MiB
Commit Graph

9284 Commits

Author SHA1 Message Date
Jeff Mitchell 87ffca230e Add batch token info to token store, approle, mount tuning 2018-11-01 14:51:06 -04:00
madalynrose 1413b11520
Update CHANGELOG.md 2018-11-01 14:42:04 -04:00
Calvin Leung Huang 2824cb534d
Clean up HABackend tests (#5617) 2018-11-01 10:31:09 -07:00
Jeff Mitchell 3b8d0ed72c Update comment on API client's clone method 2018-11-01 12:26:18 -04:00
Brian Shumate 9c06c53542 Fix typo (#5661) 2018-11-01 10:13:20 -04:00
Raymond Kao 24187b2e99 Fixed wording from "SQL" to "MongoDB" for clarity (#5643) 
The original wording made it appear as if SQL statements were being executed against a MongoDB backend, which is incorrect and confusing.  Fixed to better reflect what is actually occurring.
 2018-11-01 09:26:05 -04:00
Chris Hoffman df397e902d
removing no longer valid features (#5656) 2018-11-01 09:17:47 -04:00
madalynrose b44e88fa99
fix bug where json editing doesn't save properly for secrets (#5660) 2018-10-31 18:37:23 -04:00
madalynrose 69c9cfad1a
mask init keys (#5657) 2018-10-31 17:41:21 -04:00
Jeff Mitchell 756e4c5f89 Update jwt to pull in groups claim delimiter pattern 2018-10-31 16:04:39 -04:00
Jim Kalafut 11d7f7eb13
Add memory profiling for custom builds (#5584) 2018-10-31 11:11:45 -07:00
Clint 063bc19a71
Update CHANGELOG.md 
Update the CHANGELOG to mention new support for Project Service Account tokens in Kubernetes auth
 2018-10-31 12:16:42 -05:00
madalynrose fcaa9248d1
add copy button to kv secrets masked input (#5627) 2018-10-31 13:13:57 -04:00
vishalnayak 1160fa9698 changelog++ 2018-10-31 12:58:52 -04:00
Vishal Nayak 142a944bfd
Allow @ to be part of key name in TOTP secret engine (#5652) 
* Allow @ to be part of key name in TOTP secret engine

* Allow @ for key name while generating the code
 2018-10-31 12:57:18 -04:00
madalynrose e93011d908
update capabilities logic for sudo prefixes (#5647) 
update capabilities logic to determine need for sudo based on sudo prefix paths
 2018-10-31 11:24:36 -04:00
Brian Shumate 113380c461 docs: update JWT auth method (#5655) 
- Add convenience/contextual link to API documnetation
 2018-10-31 11:03:04 -04:00
Jeff Mitchell 6c488921ff Fix website/path-help docs around pki/tidy 2018-10-30 21:33:30 -04:00
Jeff Mitchell 605a7e30ad
Add the ability for secret IDs in agent approle to be wrapped (#5654) 2018-10-30 20:53:49 -04:00
Jeff Escalante 71f68f2199 fix sidebar links (#5653) 2018-10-30 20:51:38 -04:00
Noelle Daley 226aac7bbf
Merge pull request #5639 from hashicorp/ui/add-gcp-kms 
ui/enable-gcpkms
 2018-10-30 13:36:08 -07:00
Noelle Daley c10291c17d enable gcpkms 2018-10-30 13:35:32 -07:00
Noelle Daley 87f5935d49
Merge pull request #5642 from hashicorp/ui/add-ali-secrets-engine 
enable alicloud in the ui
 2018-10-30 13:34:52 -07:00
Noelle Daley 5099cef383 enable alicloud in the ui 2018-10-30 13:25:59 -07:00
Jeff Mitchell f964688eb1 changelog++ 2018-10-30 14:43:28 -04:00
Jeff Mitchell 217e244e17 Make MFA links work again 2018-10-30 14:27:00 -04:00
Jeff Mitchell 85c4a436c0 changelog++ 2018-10-30 14:10:17 -04:00
Jeff Mitchell 6d20c8fce2
Add approle agent method removing secret ID file by default. (#5648) 
Also, massively update tests.
 2018-10-30 14:09:04 -04:00
RJ Spiker 3223d661ce website: community page content update (#5641) 2018-10-30 12:33:51 -04:00
Aleksey Zhukov 5361205d5b WIP Agent AppRole auto-auth (#5621) 2018-10-30 12:17:19 -04:00
Benjamin Dos Santos 1f86528ad8 docs(systemd): `Capabilities` had been removed (#5579) 
* docs(systemd): `Capabilities` had been removed

The `Capabilities=` unit file setting has been removed and is ignored for
backwards compatibility. `AmbientCapabilities=` and `CapabilityBoundingSet=`
should be used instead.

8f968c7321/NEWS (L1357)

* style: remove trailing white space
 2018-10-30 10:18:08 -04:00
Balazs Nagy ca5c60642e Use tidy_revoked_certs instead of tidy_revocation_list (#5608) 2018-10-29 19:29:35 -04:00
RJ Spiker fca7cb3794 website: update sidebar_title in front matter to use <code> (#5636) 
* website: replace deprecated <tt> with <code> in front matter sidebar_title

* website: wrap front matter sidebar_title in <code> for commands pages
 2018-10-29 15:58:37 -04:00
Christophe Tafani-Dereeper fb89c1adc5 Fix typo ('Gase' -> 'Case') (#5638) 2018-10-29 15:19:35 -04:00
Mike Wickett af70c2234b website: update component dependencies (#5637) 2018-10-29 14:29:44 -04:00
Ben Boeckel 1e3d41ffa9 website: add missing `@` to example (#5560) 
* website: remove mention of `@` in command

The command does not contain the mentioned `@` symbol and can be
confusing.

* docs: use `policy-name` instead of `my-policy`

Just making things consistent.
 2018-10-29 13:12:48 -04:00
Seth Vargo 5fcdd6c4e3 More formatting fixes (#5582) 2018-10-29 13:12:19 -04:00
Vishal Nayak d3d6034ee5 Use sys/policies/acl instead of sys/policy/ (#5583) 2018-10-29 13:11:19 -04:00
Chris Thunes 16f52969f4 Fix memory issue caused by append of group slice to itself. (#5611) 
The slice returned by `collectGroupsReverseDFS` is an updated copy of
the slice given to it when called. Appending `pGroups` to `groups`
therefore led to expontential memory usage as the slice was repeatedly
appended to itself.

Fixes #5605
 2018-10-29 10:38:34 -04:00
Chris Hoffman 8c88eb3e2a
Add -dev-auto-seal option (#5629) 
* adding a -dev-auto-seal option

* adding logger to TestSeal
 2018-10-29 09:30:24 -04:00
Jeff Mitchell 3c1a82e60c
Add token type to sentinel docs, fix up some names, and better codify what Sentinel reports for various token types (#5630) 2018-10-27 11:07:27 -07:00
Jeff Mitchell 8eca41ee2d Fix build 2018-10-27 14:06:20 -04:00
Jeff Mitchell 2c17930aaf
Remove agent reauthentication on new credentials. (#5615) 
Functionality is left in for use in testing (where it is indeed quite
useful).

Fixes #5522
 2018-10-27 10:45:55 -07:00
Jeff Mitchell 6bd5c22371 changelog++ 2018-10-27 13:44:46 -04:00
Jeff Mitchell a21a7e9eb4
Change ordering of user lookup vs. password hashing (#5614) 
* Change ordering of user lookup vs. password hashing

This fixes a very minor information leak where someone could brute force
the existence of a username. It's not perfect as the underlying storage
plays a part but bcrypt's slowness puts that much more in the noise.
 2018-10-27 10:43:08 -07:00
RJ Spiker 5f88be68bc website: adjust downloads page responsive behaviors (#5624) 2018-10-26 21:16:55 -04:00
Jeffrey Hogan cd35ecf02e Use H3 for parameters to match existing pattern (#5566) 2018-10-26 19:13:14 -04:00
Jim Kalafut 381aedbe25
changelog++ 2018-10-26 10:10:37 -07:00
Chris Hoffman fa380e9be4
Fix seal migration docs (#5623) 
* fixing seal migration docs

* do not use deprecated command

* adding redirect for old docs
 2018-10-26 10:04:51 -07:00
Joel Thompson 62b54c8a5c Update awskms seal docs (#5618) 
The seal already supported an endpoint configuration, but it wasn't
documented, so adding the docs for it. Also adding a note on required
KMS permissions.
 2018-10-26 06:18:04 -07:00