Commit graph

9115 commits

Author SHA1 Message Date
Jeff Mitchell 8a604ee2df changelog++ 2018-10-08 09:54:21 -04:00
Jeff Mitchell 7b3274769e changelog++ 2018-10-08 09:53:28 -04:00
Jeff Mitchell ff57c14bc2
Set allowed OIDs to any value when generaing a CA. (#5462)
* Set allowed OIDs to any value when generaing a CA.

Also, allow utf-8 in addition to utf8 as the OID type specifier, and
allow `*` to specify any OID of a supported type.

* Update PKI docs
2018-10-08 09:51:43 -04:00
Jim Kalafut b7c8082960
Fix docs typos 2018-10-05 22:53:09 -07:00
Jim Kalafut bd4a7c57c6 Fix 'vault auth' panic (#5473)
Running 'vault auth' with no parameters was panicking:

panic: assignment to entry in nil map
	github.com/hashicorp/vault/command/login.go:255 +0xdee

Now it will show help.
2018-10-05 16:05:26 -07:00
Becca Petrin f276ca2d11 add a check to prevent panics (#5471) 2018-10-05 09:23:06 -07:00
vishalnayak baad5a66fd Fix TestIdentityStore_GroupHierarchyCases 2018-10-05 05:46:09 -04:00
Vishal Nayak fbec18fef0
Added test for verifying member group id deletion (#5469) 2018-10-04 10:38:41 -07:00
Brian Kassouf 0ae790f9de
Fix issue with revoking leases that have periods in them (#5461) 2018-10-04 09:55:48 -07:00
Jim Kalafut 24dc42c908
Update examples to use sha256 (#5468)
sha_256 is supported but not referenced in our API docs.
2018-10-04 09:51:54 -07:00
Sebastian Plattner 782f8dedd2 Fix remove Group Member in Identity Group not working (#5466) 2018-10-04 09:27:29 -07:00
Jeff Mitchell 4895ff2f9a changelog++ 2018-10-04 09:51:41 -04:00
Konstantinos Tsanaktsidis fb90854233 Fix a panic in MongoDB backend with concurrent create/revoke (#5463)
When Vault is concurrently creating and revoking leases for MongoDB
users as part of the database secrets engine, and then loses connection
to MongoDB, it can panic. This occurrs because the RevokeUser path does
_not_ lock the mutex, but the CreateUser path does. Both threads of
execution can concurently decide to call c.session.Close() in
mongodb/connection_producer.go:119, and then mgo panics when the second
close attempt occurs.
2018-10-04 09:51:08 -04:00
Jeff Mitchell 10d9009eba Remove incorrect api docs text around metadata being supported for identity aliases 2018-10-04 09:09:41 -04:00
Becca Petrin 072d56be95 vendor the desired version of go.uuid (#5458) 2018-10-03 15:30:05 -07:00
Brian Kassouf 2995c06a53
Fix build (#5457) 2018-10-03 14:53:08 -07:00
Jeff 45f3297739 fix doc typo (#5455) 2018-10-03 11:25:57 -07:00
Brian Kassouf 9307ba4b0b
Update Deps (#5454) 2018-10-03 09:55:26 -07:00
Martins Sipenko 2e27e96441 Fix missing > (#5452) 2018-10-03 09:16:36 -04:00
Brian Kassouf fc2e32df7c
Fix identity link (#5449) 2018-10-02 17:45:17 -07:00
Brian Kassouf 6d4346f602
mailto link (#5448) 2018-10-02 17:41:04 -07:00
Becca Petrin 8bfb2a335b alicloud auto-unseal docs (#5446) 2018-10-02 17:21:26 -07:00
Chris Hoffman 6639d015e9
adding upgrade guide (#5447) 2018-10-02 20:18:59 -04:00
Brian Kassouf 8ee9548458
changelog++ 2018-10-02 15:15:46 -07:00
Jeff Mitchell f259e67873
Cut version 0.11.2 2018-10-02 14:43:13 -04:00
Jeff Mitchell 2d908d6962 Fix compile on 32-bit platforms 2018-10-02 14:42:50 -04:00
Jeff Mitchell ec2ab502fc make fmt 2018-10-02 14:30:10 -04:00
Brian Kassouf e44ee5181d prepare for release 2018-10-02 11:21:22 -07:00
Jeff Mitchell 3e981d8802 Update Dockerfile go version 2018-10-02 14:16:05 -04:00
Brian Kassouf bc36d78df1 Update plugins 2018-10-02 11:14:15 -07:00
Chris Hoffman a4a688764a
changelog++ 2018-10-02 13:50:36 -04:00
Matthew Irish 76bb00c5c4
Update yarn version in the cross Dockerfile 2018-10-02 10:56:51 -05:00
Chris Hoffman 8154500255
changelog++ 2018-10-02 11:23:20 -04:00
sk4ry 0fab335eec Add ability to configure the NotBefore property of certificates in role api (#5325)
* Add ability to configure the NotBefore property of certificates in role api

* Update index.html.md

* converting field to time.Duration

* setting default back to 30s

* renaming the parameter not_before_duration to differentiate between the NotBefore datetime on the cert

* Update description
2018-10-02 11:10:43 -04:00
Matthew Irish a105664141
UI - ent fixes (#5430)
* re-add performancestandycode for health api call

* update debounce timeout for namespace input on the auth page

* re-fetch cluster model on successful init

* 500ms for the debounce

* swap auth methods after successful api call so that the auth box doesn't jump around

* move list capability fetch to namespace component and don't use computed queryRecord to fetch it

* convert ed models to JSON so that they're unaffected by store unloading

* serialize with the id for the auth method models

* speed tests back up with different polling while loop

* login flash isn't in the same run loop so no longer needs withFlash
2018-10-02 10:05:34 -05:00
Joel Thompson 6a9e6cc474 Allow specifying role-default TTLs in AWS secret engine (#5138)
* Allow specifying role-default TTLs in AWS secret engine

* Add an acceptance test

* Add docs for AWS secret role-default TTLs

* Rename default_ttl to default_sts_ttl

* Return default_ttl as int64 instead of time.Duration

* Fix broken tests

The merge of #5383 broke the tests due to some changes in the test style
that didn't actually cause a git merge conflict. This updates the tests
to the new style.
2018-10-02 10:14:16 -04:00
Matthew Irish 9f213c976c
changelog++ 2018-10-02 08:59:45 -05:00
Matthew Irish 42d1047a74
UI - token expiration calculation (#5435)
* fix token expiration calculation

* move authenticate to an ember concurrency task

* don't show logged in nav while still on the auth route

* move current tests to integration folder, add unit test for expiration calculation

* fix auth form tests
2018-10-02 08:53:39 -05:00
Nageswara Rao Podilapu e12948593b Update page content with a generic noun (#5444)
This might be a typo, It says `A user may have a client token sent to her` instead it should say `A user may have a client token sent to them`
2018-10-02 09:31:01 -04:00
Brian Kassouf 2ec54c3a0b
Fix seal status tests (#5443) 2018-10-01 18:09:20 -07:00
Calvin Leung Huang 74c50adb58 logical/nomad: Reduce flakiness in prepareTestContainer (#5440) 2018-10-01 17:46:37 -07:00
JohnVonNeumann eba56f3f23 Update operator_init.go (#5441)
Minor grammar fix.
2018-10-01 17:19:13 -07:00
Brian Kassouf 813230ed96
changelog++ 2018-10-01 14:41:30 -07:00
Jim Kalafut 43d498983c
Retry failing migration check instead of exiting (#5427) 2018-10-01 14:35:35 -07:00
Matthew Irish 5a8a12aa58
tweak warning about force promoting replication clusters (#5439) 2018-10-01 16:21:00 -05:00
Brian Kassouf e41b388edd
Update CHANGELOG.md 2018-10-01 14:15:00 -07:00
Saurabh Pal 77e635f7e1 Enable TLS based communication with Zookeeper Backend (#4856)
* The added method customTLSDial() creates a tls connection to the zookeeper backend when 'tls_enabled' is set to true in config

* Update to the document for TLS configuration that is  required to enable TLS connection to Zookeeper backend

* Minor formatting update

* Minor update to the description for example config

* As per review comments from @kenbreeman, additional property description indicating support for multiple Root CAs in a single file has been added

* minor formatting
2018-10-01 14:12:08 -07:00
Brian Kassouf 5f34bbbe6d
Update replication-performance.html.md 2018-10-01 13:59:50 -07:00
Brian Kassouf 45c8894c0d
Update replication-dr.html.md 2018-10-01 13:59:17 -07:00
Matthew Irish 87ed1e4f52
ui - add force option when promoting a replication secondary (#5438) 2018-10-01 15:58:43 -05:00