Commit graph

500 commits

Author SHA1 Message Date
Jeff Mitchell baa75cf64f changelog++ 2016-06-20 14:10:16 -04:00
Jeff Mitchell 37565f54bd Bump version in ChangeLog 2016-06-14 13:26:35 +00:00
Jeff Mitchell 91728e6500 changelog++ 2016-06-09 13:58:10 -04:00
Jeff Mitchell 61ad159fb8 changelog++ 2016-06-09 12:31:07 -04:00
Jeff Mitchell f20b07472d changelog++ 2016-06-08 15:50:24 -04:00
Jeff Mitchell 433033db3c changelog++ 2016-06-08 15:37:34 -04:00
Jeff Mitchell 666a87e5c9 changelog++ 2016-06-08 12:32:12 -04:00
Jeff Mitchell d70aa85cda changelog++ 2016-06-08 12:29:47 -04:00
Jeff Mitchell cea8ce4b4e changelog++ 2016-06-08 10:39:16 -04:00
vishalnayak a6c775ae9d changelog++ 2016-06-01 14:53:51 -04:00
Jeff Mitchell 6487173463 changelog++ 2016-05-31 23:52:56 +00:00
Jeff Mitchell 9185941f1a changelog++ 2016-05-27 13:55:23 -04:00
Jeff Mitchell 64d07ae572 changelog++ 2016-05-20 17:07:48 +00:00
Jeff Mitchell 8618d6d261 changelog++ 2016-05-19 13:41:10 -04:00
Jeff Mitchell 26ecdb8fdf changelog++ 2016-05-19 13:39:39 -04:00
Jeff Mitchell 964916674e changelog++ 2016-05-19 12:18:02 -04:00
Jeff Mitchell 10d8b38309 changelog++ 2016-05-19 12:16:25 -04:00
Jeff Mitchell 6d790ddaad changelog++ 2016-05-18 01:00:58 +00:00
Jeff Mitchell 4ab973565e changelog++ 2016-05-16 16:23:01 -04:00
Sean Chittenden 7a4b31ce51
Speling police 2016-05-15 09:58:36 -07:00
vishalnayak ab86b60b19 changelog++ 2016-05-15 10:41:13 -04:00
Jeff Mitchell 9cf43d9c50 changelog++ 2016-05-12 14:58:59 -04:00
Jeff Mitchell e3f2020437 changelog++ 2016-05-11 19:28:01 -04:00
Sean Chittenden 8c9dadf82b
Don't build mlock for NetBSD
NetBSD doesn't have the right symbols defined in Go for mlockall support.  The OS supports it just fine, but the definitions aren't present in Go.  If someone wanted to they could add support XOR the values from `sys/mman.h` for `MCL_CURRENT | MCL_FUTURE` which is almost certainly `0x01 | 0x02` but we're not going to do that in code due to the maintenance of a one-off just for NetBSD.  PR's welcome.
2016-05-10 16:39:54 -07:00
Jeff Mitchell c3a3802b6c changelog++ 2016-05-09 20:01:12 -04:00
Jeff Mitchell 5556429ee6 changelog++ 2016-05-07 19:00:09 -04:00
Jeff Mitchell f9c5425d2f changelog++ 2016-05-07 16:36:02 -04:00
Jeff Mitchell f6f5889c8c changelog++ 2016-05-05 10:35:22 -04:00
Jeff Mitchell 60a584a0a7 changelog++ 2016-05-03 15:12:08 -04:00
Jeff Mitchell 034c2d93cd changelog++ 2016-05-03 14:42:31 -04:00
Jeff Mitchell 41d046fb3a changelog++ 2016-05-02 20:02:36 -04:00
Jeff Mitchell 0a2e78f8d8 changelog++ 2016-05-02 00:20:00 -04:00
Jeff Mitchell 6602aea52b changelog++ 2016-04-28 15:28:44 -04:00
Jeff Mitchell 484306d712 changelog++ 2016-04-27 14:35:45 +00:00
Sean Chittenden ef62ecbb2d changelog++ 2016-04-25 18:19:38 -07:00
Jeff Mitchell 81137128b9 changelog++ 2016-04-25 19:56:18 +00:00
Jeff Mitchell 04816ed25e changelog++ 2016-04-20 20:23:08 +00:00
Jeff Mitchell 148e6926f9 changelog++ 2016-04-14 08:11:02 -04:00
Jeff Mitchell 4da2e80dfe changelog++ 2016-04-09 18:30:37 -04:00
Jeff Mitchell e46629f943 changelog++ 2016-04-07 22:18:07 +00:00
Jeff Mitchell 650d40a258 changelog++ 2016-04-07 21:52:59 +00:00
Sean Chittenden 8dc94ea4e1 Add CL note re: *BSD mlock support 2016-04-06 14:00:29 -07:00
Jeff Mitchell b47d6dc64f changelog++ 2016-04-02 13:34:05 -04:00
Jeff Mitchell 121a5b37f2 Add revoke-prefix changelog/website info 2016-04-01 10:06:29 -04:00
Jeff Mitchell 9a992f93f7 changelog++ 2016-03-31 20:17:30 -04:00
Jeff Mitchell 7a6df4a8ab changelog++ 2016-03-31 17:43:44 -04:00
Jeff Mitchell 25b2320899 changelog++ 2016-03-31 15:38:21 -04:00
Jeff Mitchell bff4dace78 changelog++ 2016-03-24 10:34:52 -04:00
Jeff Mitchell 90ebf0bf99 changelog++ 2016-03-23 10:08:04 -04:00
Jeff Mitchell 72bb2b73d4 changelog++ 2016-03-18 16:32:56 -04:00
vishalnayak afffbfc6a1 changelog++ 2016-03-18 14:59:58 -04:00
vishalnayak 71ef433649 changelog++ 2016-03-18 12:43:00 -04:00
Jeff Mitchell ddc8988b74 changelog++ 2016-03-17 18:26:26 -04:00
Jeff Mitchell 89e3943192 changelog++ 2016-03-17 16:30:12 -04:00
Jeff Mitchell d57a9d43b9 changelog++ 2016-03-17 15:01:00 -04:00
Jeff Mitchell b6da741a04 Update CHANGELOG text regarding enabling plaintext accessor audit logging 2016-03-17 12:08:45 -04:00
Jeff Mitchell 9dda8468f8 changelog++ 2016-03-16 14:53:18 -04:00
Jeff Mitchell db3ebd37c2 changelog++ 2016-03-15 14:59:00 -04:00
Jeff Mitchell 026e706d73 changelog++ 2016-03-15 14:15:10 -04:00
Jeff Mitchell 13458a88d1 changelog++ 2016-03-15 14:11:10 -04:00
vishalnayak 8fdbe2b40d changelog++ 2016-03-14 19:51:04 -04:00
Jeff Mitchell 9ace2ccb08 changelog++ 2016-03-14 16:56:43 -04:00
Jeff Mitchell 0b900f61b9 changelog++ 2016-03-14 14:50:05 -04:00
Jeff Mitchell 0405788606 changelog++ 2016-03-11 00:46:27 -05:00
vishalnayak 9c8a8d6b96 changelog++ 2016-03-10 22:37:12 -05:00
Jeff Mitchell dc162c59de changelog++ 2016-03-09 17:26:48 -05:00
Jeff Mitchell ea9b8330c9 changelog++ 2016-03-09 17:17:04 -05:00
Jeff Mitchell 5942a579fe changelog++ 2016-03-09 17:15:42 -05:00
vishalnayak 087b66cb53 changelog++ 2016-03-09 15:48:49 -05:00
vishalnayak dea6e0656e changelog++ 2016-03-08 13:16:08 -05:00
Jeff Mitchell 2215e215ee changelog++ 2016-03-08 10:54:51 -05:00
Jeff Mitchell 360ae8b20f changelog++ 2016-03-07 15:00:09 -05:00
Jeff Mitchell 638e3d46da changelog++ 2016-03-07 11:02:10 -05:00
vishalnayak 99e61b595f changelog++ 2016-03-04 18:23:08 -05:00
Jeff Mitchell a976f4f628 changelog++ 2016-03-03 13:47:00 -05:00
Jeff Mitchell eb37750951 changelog++ 2016-03-03 12:33:38 -05:00
Jeff Mitchell f4d8d04faf changelog++ 2016-03-03 12:06:42 -05:00
Jeff Mitchell bd7b285ab0 changelog++ 2016-03-03 12:04:48 -05:00
Jeff Mitchell f1edaed395 changelog++ 2016-03-03 11:12:15 -05:00
Jeff Mitchell 750b33c51b Add ability to control dev root token id with
VAULT_DEV_ROOT_TOKEN_ID env var, and change the CLI flag to match.

Ping #1160
2016-03-03 10:24:44 -05:00
Jeff Mitchell 32b91bd531 changelog++ 2016-03-02 12:05:16 -05:00
Jeff Mitchell 5b9c478a2c changelog++ 2016-03-01 20:27:08 -05:00
vishalnayak 934123d9a3 changelog++ 2016-03-01 17:18:20 -05:00
Jeff Mitchell c438dd186a changelog++ 2016-03-01 17:12:14 -05:00
Jeff Mitchell a73c43564e changelog++ 2016-02-26 15:28:12 -05:00
Jeff Mitchell ea6354180e changelog++ 2016-02-26 15:16:54 -05:00
Jeff Mitchell 00e546cb91 Bump version to dev 2016-02-26 15:14:12 -05:00
Jeff Mitchell 4eacc703e4 changelog++ 2016-02-25 14:48:43 -05:00
Jeff Mitchell e66756274c changelog++ 2016-02-25 12:29:50 -05:00
Jeff Mitchell 0355fc0691 changelog++ 2016-02-25 10:59:57 -05:00
Jeff Mitchell ba86ffa691 Bump version numbers 2016-02-25 10:42:13 -05:00
Jeff Mitchell 5b1465a3ca changelog++ 2016-02-25 10:41:19 -05:00
Jeff Mitchell c9a038b142 changelog++ 2016-02-25 08:55:23 -05:00
vishalnayak f16598e338 changelog++ 2016-02-24 21:11:21 -05:00
vishalnayak f40a65be20 changelog++ 2016-02-24 11:04:19 -05:00
Jeff Mitchell f745148249 changelog++ 2016-02-23 13:24:57 -05:00
Jeff Mitchell 291352fd99 changelog++ 2016-02-22 19:52:48 -05:00
Jeff Mitchell 9a1ddf6d5f changelog++ 2016-02-22 13:40:27 -05:00
vishalnayak e2e15376dd changelog++ 2016-02-22 11:41:13 -05:00
Jeff Mitchell fc3d828c9d changelog++ 2016-02-21 15:35:43 -05:00
Jeff Mitchell 7165be0cf3 changelog++ 2016-02-19 21:43:37 -05:00
Jeff Mitchell 2bff5716bf changelog++ 2016-02-19 21:42:50 -05:00
vishalnayak 6a14786660 changelog++ 2016-02-19 18:34:23 -05:00
vishalnayak a43bd9131b changelog++ 2016-02-19 16:52:19 -05:00
Jeff Mitchell 5036882353 changelog++ 2016-02-19 15:12:05 -05:00
Jeff Mitchell 8bc34acd4e changelog++ 2016-02-19 14:37:42 -05:00
vishalnayak 84d9b6c6b2 changelog++ 2016-02-18 17:11:50 -05:00
Jeff Mitchell 09176ff93b changelog++ 2016-02-18 15:33:14 -05:00
Jeff Mitchell ea12dff28b changelog++ 2016-02-12 15:38:52 -05:00
Jeff Mitchell fdc7317ef0 changelog++ 2016-02-11 12:54:49 -05:00
Jeff Mitchell 4f5c65ae74 changelog++ 2016-02-10 08:01:46 -05:00
Jeff Mitchell b7896fba65 changelog++ 2016-02-08 11:40:52 -05:00
Jeff Mitchell c36007ab25 changelog++ 2016-02-07 14:02:55 -05:00
Jeff Mitchell 06810f2ac7 changelog++ 2016-02-04 16:40:00 -05:00
Jeff Mitchell 4837ba23df changelog++ 2016-02-04 13:49:01 -05:00
Jeff Mitchell 550d6096ed Add some extra info on the build to the changelog and bump the version in preparation for release 2016-02-04 11:54:14 -05:00
Jeff Mitchell 642240db27 changelog++ 2016-02-04 11:42:58 -05:00
Jeff Mitchell 64309b3b4b Fix some changelog formatting 2016-02-04 09:53:23 -05:00
Jeff Mitchell ed3ae4541a changelog++ 2016-02-03 15:14:34 -05:00
Jeff Mitchell fc7eadbbb7 changelog++ 2016-02-03 15:07:53 -05:00
Jeff Mitchell 93cf4ba2c4 changelog++ 2016-02-03 11:25:43 -05:00
Jeff Mitchell bb9d364cce changelog++ 2016-02-03 09:13:40 -05:00
Jeff Mitchell fc5a09135f changelog++ 2016-02-02 11:38:27 -05:00
Jeff Mitchell 416176a5aa changelog++ 2016-02-01 20:16:56 -05:00
Jeff Mitchell 10788215fc Add rekey nonce info to Changelog 2016-02-01 16:13:42 -05:00
Jeff Mitchell dc584d4905 changelog++ 2016-02-01 13:45:28 -05:00
Jeff Mitchell 5abc77b263 changelog++ 2016-02-01 13:37:13 -05:00
Jeff Mitchell 0f5db5da6c changelog++ 2016-02-01 10:29:40 -05:00
Jeff Mitchell 88148e6190 changelog++ 2016-01-29 21:01:48 -05:00
Jeff Mitchell 088f8a22c3 changelog++ 2016-01-29 14:43:28 -05:00
Jeff Mitchell b8ca0cccb8 changelog++ 2016-01-29 10:36:37 -05:00
Jeff Mitchell 4ac568bdfa changelog++ 2016-01-29 10:32:12 -05:00
Jeff Mitchell ad00131735 changelog++ 2016-01-28 15:18:54 -05:00
Jeff Mitchell 5d36d27d0c changelog++ 2016-01-28 15:05:59 -05:00
Jeff Mitchell 059640c33a changelog++ 2016-01-28 12:49:25 -05:00
Jeff Mitchell 63d891f36f changelog++ 2016-01-28 08:59:57 -05:00
Jeff Mitchell ccd10668f0 changelog++ 2016-01-27 17:27:53 -05:00
Jeff Mitchell 7776aebdfc changelog++ 2016-01-27 17:18:17 -05:00
Jeff Mitchell 0279c60d9e changelog++ 2016-01-27 17:07:54 -05:00
Jeff Mitchell 92a0fae392 Changelog formatting 2016-01-27 14:33:41 -05:00
Jeff Mitchell 6d21bb7b98 Changelog formatting 2016-01-27 14:05:20 -05:00
Jeff Mitchell dd89018511 changelog++ 2016-01-27 13:43:53 -05:00
Jeff Mitchell 3761f19932 changelog++ 2016-01-25 14:48:34 -05:00
Jeff Mitchell 0c2829d2a2 changelog++ 2016-01-23 14:46:20 -05:00
Jeff Mitchell c7c8dc3f5b changelog++ 2016-01-22 21:24:25 -05:00
Jeff Mitchell d663c46757 changelog++ 2016-01-22 13:09:21 -05:00
Jeff Mitchell babecad8ac changelog++ 2016-01-22 10:22:43 -05:00
Jeff Mitchell 19e7266406 changelog++ 2016-01-21 16:30:50 -05:00
Jeff Mitchell b2d2bb9545 Add generate-root info to changelog 2016-01-21 12:37:26 -05:00
Jeff Mitchell c8ae8189d7 changelog++ 2016-01-18 17:05:51 -05:00
Jeff Mitchell d68b1cf1af changelog++ 2016-01-16 18:03:58 -05:00
Jeff Mitchell 5873824ee2 Version 0.4.1
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJWls/HAAoJEFGFLYc0j/xMarQH/i6rW+wLm9DadkFV23jwjttt
 TRumTPDoBxHQDoB0wkC4CmA8UiZnzc68o5OlxisC8KAz/89HWZf8sUDxkOSY1vUX
 BGDkiv+KF6LiDRAdDyIqK6PYUkKHaJgue9Vnwu5+1iRv1sjK5PyPb992Wmt/DtOM
 nRn8Hn5qmmDCUm79TKXpZNMs/CRx21VM7q2Sm139kLzTr0Qg2Oyxcp3mB8TR7LtV
 ATdMQ//HzL/tGJ6Yw7zkgZzdf7EMFFO1SSVqAzqag6kqNqwjvmDGrQaTzkdl7anv
 72zMXqVcryeSL6DRZuR+OrHs63aaoTwIXcqO56nBrZ1NAEqkI0oCcvDZNLt7yi4=
 =YCXl
 -----END PGP SIGNATURE-----

Merge tag 'v0.4.1'

Version 0.4.1
2016-01-14 09:57:21 -05:00
Jeff Mitchell eeac69939c Bump values to 0.4.1 2016-01-13 17:28:17 -05:00
Jeff Mitchell 55a802f9ca changelog++ 2016-01-12 21:19:25 -05:00
Jeff Mitchell 1efb33cfd5 changelog++ 2016-01-12 09:31:07 -05:00
Jeff Mitchell ae6df99b19 changelog++ 2016-01-12 08:47:33 -05:00
Jeff Mitchell 2527a9d18e changelog++ 2016-01-09 14:21:36 -05:00
Jeff Mitchell 87f686997f changelog++ 2016-01-07 11:36:32 -05:00
Jeff Mitchell d6b6cbe9aa changelog++ 2016-01-07 09:22:45 -05:00
Jeff Mitchell 06d19e4269 changelog++ 2016-01-05 11:27:08 -05:00
Jeff Mitchell a99c29dad4 changelog++ 2016-01-04 17:01:32 -05:00
Jeff Mitchell dbd7c9aaab changelog++ 2016-01-04 14:14:51 -05:00
Jeff Mitchell 80d92903f4 changelog++ 2015-12-31 18:11:32 -05:00
Jeff Mitchell a7a02b3043 Cert documentation fix.
Fixes #899
2015-12-30 16:44:24 -05:00
Jeff Mitchell 7e93071404 Move the information about the new behavior of token-renew to the breaking changes section 2015-12-30 15:29:24 -05:00
Jeff Mitchell be4277199f changelog++ 2015-12-30 15:20:02 -05:00
Jeff Mitchell e0d0ff6884 changelog++ 2015-12-30 14:43:51 -05:00
Jeff Mitchell 0ef4fadb25 changelog++ 2015-12-30 13:28:49 -05:00
Jeff Mitchell 0c338f01ea changelog++ 2015-12-29 13:18:36 -05:00
Jeff Mitchell e43656c045 changelog++ 2015-12-29 13:03:22 -05:00
Jeff Mitchell 822144b321 changelog++ 2015-12-29 13:00:57 -05:00
Jeff Mitchell b206775301 changelog++ 2015-12-29 12:39:56 -05:00
Jeff Mitchell 52545ce020 changelog++ 2015-12-23 13:34:39 -05:00
Jeff Mitchell 49d2793acc changelog++ 2015-12-22 10:22:57 -05:00
Jeff Mitchell 56bc82f7cd changelog++ 2015-12-18 10:08:14 -05:00
Jeff Mitchell 68773ec5a3 changelog++ 2015-12-17 15:09:53 -05:00
Jeff Mitchell f8a824c476 changelog++ 2015-12-17 13:50:56 -05:00
Jeff Mitchell 8f78998e89 changelog++ 2015-12-17 10:24:12 -05:00
Jeff Mitchell 113393d988 changelog++ 2015-12-17 10:12:53 -05:00
Jeff Mitchell 048f1284e4 CL++ 2015-12-15 20:02:43 -05:00
Jeff Mitchell af64f3401c CL++ 2015-12-14 21:27:12 -05:00
Jeff Mitchell 8816359bf5 CL++ 2015-12-14 21:24:29 -05:00
Jeff Mitchell ff9745bb00 Update Changelog and documentation with separate-HA-backend info. 2015-12-14 21:04:58 -05:00
Jeff Mitchell d149294e48 CL++ 2015-12-14 20:55:45 -05:00
Jeff Mitchell 468d1553af CL++ 2015-12-14 14:47:32 -05:00
Jeff Mitchell 39b87960f3 CL++ 2015-12-14 14:45:55 -05:00
Jeff Mitchell a9a8700f29 CL++ 2015-12-14 11:21:06 -05:00
Jeff Mitchell 546b3add9c Changelogify 2015-12-11 12:05:22 -05:00
Jeff Mitchell 0a568761ea Changelogify 2015-12-11 12:02:43 -05:00
Jeff Mitchell 944862bb33 Update changelog and in-progress dev version number 2015-12-10 16:34:10 -05:00
Jeff Mitchell e02acf9943 Fill in release date in Changelog 2015-12-10 13:21:44 -05:00
Jeff Mitchell e25b3ad344 Update documentation to be consistent with return codes
Fixes #831
2015-12-10 10:26:40 -05:00
Jeff Mitchell d332200495 Merge branch 'master' into pki-csrs 2015-12-09 16:48:07 -05:00
Jeff Mitchell 900b3d8882 Return 400 instead of 500 if generic backend is written to without data.
Fixes #825
2015-12-09 10:39:22 -05:00
Jeff Mitchell 448efd56fa Merge branch 'master' into pki-csrs 2015-12-08 10:57:53 -05:00
Jeff Mitchell dab0049d0e Changelogify 2015-12-07 13:22:24 -05:00
Jeff Mitchell 1dbfcc3b45 Merge branch 'master' into pki-csrs 2015-12-03 15:23:08 -05:00
Jeff Mitchell 3bdbd66f7d Remove datacenter from Consul configuration, as it cannot actually do
anything

Fixes #816
2015-12-03 15:16:37 -05:00
Jeff Mitchell 4eec9d69e8 Change allowed_base_domain to allowed_domains and allow_base_domain to
allow_bare_domains, for comma-separated multi-domain support.
2015-11-30 23:49:11 -05:00
Jeff Mitchell b6c49ddf01 Remove token display names from input options as there isn't a viable
use-case for it at the moment
2015-11-30 18:07:42 -05:00
Jeff Mitchell ee8e143555 Add PKI enhancements to Changelog 2015-11-20 13:18:07 -05:00
Jeff Mitchell 1c7157e632 Reintroduce the ability to look up obfuscated values in the audit log
with a new endpoint '/sys/audit-hash', which returns the given input
string hashed with the given audit backend's hash function and salt
(currently, always HMAC-SHA256 and a backend-specific salt).

In the process of adding the HTTP handler, this also removes the custom
HTTP handlers for the other audit endpoints, which were simply
forwarding to the logical system backend. This means that the various
audit functions will now redirect correctly from a standby to master.
(Tests all pass.)

Fixes #784
2015-11-18 20:26:03 -05:00
Jeff Mitchell 29135b65ca Changelogify 2015-11-18 10:34:50 -05:00
Jeff Mitchell bc4c18a1cf Rearchitect MountTable locking and fix rollback.
The rollback manager was using a saved MountTable rather than the
current table, causing it to attempt to rollback unmounted mounts, and
never rollback new mounts.

In fixing this, it became clear that bad things could happen to the
mount table...the table itself could be locked, but the table pointer
(which is what the rollback manager needs) could be modified at any time
without locking. This commit therefore also returns locking to a mutex
outside the table instead of inside, and plumbs RLock/RUnlock through to
the various places that are reading the table but not holding a write
lock.

Both unit tests and race detection pass.

Fixes #771
2015-11-11 11:54:52 -05:00
Jeff Mitchell 1a45696208 Add no-default-policy flag and API parameter to allow exclusion of the
default policy from a token create command.
2015-11-09 17:30:50 -05:00
Jeff Mitchell d6693129de Create a "default" policy with sensible rules.
It is forced to be included with each token, but can be changed (but not
deleted).

Fixes #732
2015-11-09 15:44:09 -05:00
Jeff Mitchell 8673f36b34 Don't require root tokens for mount and policy endpoints. 2015-11-09 15:29:21 -05:00
Jeff Mitchell 75f1c1e40c Print version on startup.
Fixes #765
2015-11-09 13:52:55 -05:00
Jeff Mitchell 5783f547ab Display whether a token is an orphan on lookup. 2015-11-09 13:19:59 -05:00
Jeff Mitchell b1a445dfbf Changelogify 2015-11-06 09:22:30 -05:00
Jeff Mitchell fde0bbf4b3 Merge pull request #752 from hashicorp/issue-749
Fix removing secondary index from exp manager.
2015-11-05 19:43:11 -05:00
Jeff Mitchell a121941925 Merge pull request #751 from hashicorp/issue-618
Move environment variable reading logic to API.
2015-11-05 19:42:16 -05:00
Jeff Mitchell 08dbc70c9f Switch etcd default port to 2379, in line with 2.x.
Fixes #753
2015-11-05 09:47:50 -05:00
Jeff Mitchell 395d6bead4 Fix removing secondary index from exp manager.
Due to a typo, revoking ensures that index entries are created rather
than removed. This adds a failing, then fixed test case (and helper
function) to ensure that index entries are properly removed on revoke.

Fixes #749
2015-11-04 10:50:31 -05:00
Jeff Mitchell 32e23bea71 Move environment variable reading logic to API.
This allows the same environment variables to be read, parsed, and used
from any API client as was previously handled in the CLI. The CLI now
uses the API environment variable reading capability, then overrides any
values from command line flags, if necessary.

Fixes #618
2015-11-04 10:28:00 -05:00
Jeff Mitchell f8c13ed69f Changelog++ 2015-11-04 09:42:07 -05:00
Jeff Mitchell 54d47957b5 Allow creating Consul management tokens
Fixes #714
2015-11-03 15:29:58 -05:00
Jeff Mitchell a4322afedb Merge pull request #746 from hashicorp/issue-677
Add a PermitPool to physical and consul/inmem
2015-11-03 15:26:58 -05:00
Jeff Mitchell 4f6ad849b8 Merge pull request #703 from hashicorp/crlsets
Implement CRLs for the cert authentication backend
2015-11-03 15:13:08 -05:00
Jeff Mitchell 6ccded7a2f Add ability to create orphan tokens from the API 2015-11-03 15:12:21 -05:00
Jeff Mitchell bf2e553785 Add a PermitPool to physical and consul/inmem
The permit pool controls the number of outstanding operations that can
be queued for Consul (and inmem, for testing purposes). This prevents
possible situations where Vault launches thousands of concurrent
connections to Consul if e.g. a huge number of leases need to be
expired.

Fixes #677
2015-11-03 11:49:20 -05:00
Jeff Mitchell c7493fca65 Changelogify 2015-11-03 11:43:57 -05:00
Jeff Mitchell 59cc61cc79 Add documentation for CRLs and some minor cleanup. 2015-11-03 10:52:20 -05:00
Jeff Mitchell 195caa6bf6 Implement LookupSelf, RevokeSelf, and RenewSelf in the API client
Fixes #739
2015-10-30 17:27:33 -04:00
Jeff Mitchell 1899bd8ef0 Merge pull request #730 from hashicorp/issue-713
Write HMAC-SHA256'd client token to audited requests
2015-10-30 13:36:22 -04:00
Jeff Mitchell ffa196da0e Note that the dev server does not fork
Fixes #710.
2015-10-30 12:47:56 -04:00
Jeff Mitchell 64eacd1564 Merge pull request #737 from hashicorp/issue-615
Return data on a token with one use left if there is no Lease ID
2015-10-30 12:42:19 -04:00
Jeff Mitchell a0c5a24c79 Update Postgres tests and changelogify 2015-10-30 12:41:45 -04:00
Jeff Mitchell 94b7be702b Return data on a token with one use left if there is no Lease ID
Fixes #615
2015-10-30 12:35:42 -04:00
Jeff Mitchell cf4b88c196 Write HMAC-SHA256'd client token to audited requests
Fixes #713
2015-10-29 13:26:18 -04:00
Jeff Mitchell e2d4a5fe0f Documentation update around path/key name encryption.
Make it clear that path/key names in generic are not encrypted.

Fixes #697
2015-10-29 11:21:40 -04:00
Jeff Mitchell 85d4dd6a1d Check TTL provided to generic backend on write
If existing entries have unparseable TTLs, return the value plus a
warning, rather than an error.

Fixes #718
2015-10-29 11:05:21 -04:00
Jeff Mitchell c1d8b97342 Add reset support to the unseal command.
Reset clears the provided unseal keys, allowing the process to be begun
again. Includes documentation and unit test changes.

Fixes #695
2015-10-28 15:59:39 -04:00
Jeff Mitchell 9026b5c127 Update changelog 2015-10-23 09:18:03 -04:00
Jeff Mitchell 691f9e9b92 Rewrap changelog 2015-10-20 12:57:42 -04:00
Jeff Mitchell ffe531923d Changelogify 2015-10-20 12:31:01 -04:00
Jeff Mitchell 35a7f0de22 Add '.' to GenericNameRegex; it cannot appear as the first or last
character. This allows its usage in a number of extra path-based
variables.

Ping #244
2015-10-13 16:04:10 -04:00
Jeff Mitchell 78b5fcdf51 Serialize changing the state of the expiration manager pointer and
calling emitMetrics from its own goroutine.

Fixes #694
2015-10-12 16:33:54 -04:00
Jeff Mitchell 9f0b1547bb Allow disabling the physical storage cache with 'disable_cache'.
Fixes #674.
2015-10-12 13:00:32 -04:00
Jeff Mitchell 55c26a909e Documentation updates to remove lease id and duration from generic
backend example.
2015-10-12 10:01:15 -04:00
Jeff Mitchell 5fbaa0e64d Apply mount-tune properties to the token authentication backend.
Fixes #688.
2015-10-09 20:26:39 -04:00
Jeff Mitchell ee92124357 Fix output of token-create help to use ttl instead of lease 2015-10-09 19:40:30 -04:00
Jeff Mitchell b5d674d94e Add 301 redirect checking to the API client.
Vault doesn't generate these, but in some cases Go's internal HTTP
handler does. For instance, during a mount-tune command, finishing the
mount path with / (as in secret/) would cause the final URL path to
contain .../mounts/secret//tune. The double slash would trigger this
behavior in Go's handler and generate a 301. Since Vault generates 307s,
this would cause the client to think that everything was okay when in
fact nothing had happened.
2015-10-09 17:11:31 -04:00
Jeff Mitchell bf70b677b7 Add timeout to changelog 2015-10-08 19:47:16 -04:00
Jeff Mitchell d58a3b601c Add a cleanLeaderPrefix function to clean up stale leader entries in core/leader
Fixes #679.
2015-10-08 14:04:58 -04:00
Jeff Mitchell 0ca86fa2cd Changelogify 2015-10-07 16:18:39 -04:00
Jeff Mitchell 50b9129e65 Normalize policy names to lowercase on write. They are not currently
normalized when reading or deleting, for backwards compatibility.

Ping #676.
2015-10-07 13:52:21 -04:00
Jeff Mitchell 4a52de13e3 Add renew-self endpoint.
Fixes #455.
2015-10-07 12:49:13 -04:00
Jeff Mitchell ad840233eb Allow base64-encoded keys to be used on the CLI for init/rekey.
Fixes #653.
2015-10-06 12:47:01 -04:00
Jeff Mitchell de571c304d Add changelog entries for 0.3.1 and bump version in CLI 2015-10-06 11:03:55 -04:00