9550ac565e
Merge pull request #750 from svanharmelen/f-configurable-s3-endpoint
...
Add an option to configure the S3 endpoint
2015-11-04 09:40:44 -05:00
4ad533a5ba
Add a line to the documentation to describe the new feature
2015-11-04 15:36:24 +01:00
c65b63d152
Add an option to configure the S3 endpoint
...
This enables the use of other (AWS S3 compatible) S3 endpoints.
2015-11-04 15:04:36 +01:00
94b15b78bc
Update godeps
2015-11-04 08:53:58 -05:00
d4e2dc2e72
Merge pull request #745 from hashicorp/issue-714
...
Allow creating Consul management tokens
2015-11-03 15:30:13 -05:00
54d47957b5
Allow creating Consul management tokens
...
Fixes #714
2015-11-03 15:29:58 -05:00
a4322afedb
Merge pull request #746 from hashicorp/issue-677
...
Add a PermitPool to physical and consul/inmem
2015-11-03 15:26:58 -05:00
7f44a1b812
Add configuration parameter for max parallel connections to Consul
2015-11-03 15:26:07 -05:00
73e3aa1d64
Add create-orphan to documentation
2015-11-03 15:15:33 -05:00
4f6ad849b8
Merge pull request #703 from hashicorp/crlsets
...
Implement CRLs for the cert authentication backend
2015-11-03 15:13:08 -05:00
c794c1ea11
Merge pull request #748 from hashicorp/create-orphan-http
...
Add ability to create orphan tokens from the API
2015-11-03 15:12:42 -05:00
6ccded7a2f
Add ability to create orphan tokens from the API
2015-11-03 15:12:21 -05:00
1b83eefd97
Address review feedback
2015-11-03 14:48:05 -05:00
bf2e553785
Add a PermitPool to physical and consul/inmem
...
The permit pool controls the number of outstanding operations that can
be queued for Consul (and inmem, for testing purposes). This prevents
possible situations where Vault launches thousands of concurrent
connections to Consul if e.g. a huge number of leases need to be
expired.
Fixes #677
2015-11-03 11:49:20 -05:00
c7493fca65
Changelogify
2015-11-03 11:43:57 -05:00
d3f7546602
Fix trailing whitespace complaints
2015-11-03 10:52:20 -05:00
5e72453b49
Use TypeDurationSecond instead of TypeString
2015-11-03 10:52:20 -05:00
f0a25ed581
Clarify that CRLs are not fetched by Vault
2015-11-03 10:52:20 -05:00
154fc24777
Address first round of feedback from review
2015-11-03 10:52:20 -05:00
59cc61cc79
Add documentation for CRLs and some minor cleanup.
2015-11-03 10:52:20 -05:00
5d562693bd
Add tests for the crls path, and fix a couple bugs
2015-11-03 10:52:20 -05:00
b6b62f7dc1
Drastically simplify the method and logic; keep an in-memory cache and use that for most operations, only affecting the backend storage when needed.
2015-11-03 10:52:20 -05:00
c66f0918be
Add delete method, and ability to delete only one serial as well as an entire set.
2015-11-03 10:52:20 -05:00
be1a2266cc
Add CRLSets endpoints; write method is done. Add verification logic to
...
login path. Change certs "ttl" field to be a string to match common
backend behavior.
2015-11-03 10:52:19 -05:00
62eef4e711
Merge pull request #744 from hashicorp/issue-733
...
Run preSeal if postUnseal fails.
2015-11-03 10:50:23 -05:00
6f6646fc24
Update deps
2015-11-02 13:43:12 -05:00
a9db12670a
errwrap -> go-multierror + errwrap
2015-11-02 13:29:33 -05:00
7e9918ec8e
Run preSeal if postUnseal fails.
...
This also ensures that every error path out of postUnseal returns an
error.
Fixes #733
2015-11-02 13:29:33 -05:00
4c9d6c7624
Merge pull request #741 from hashicorp/sethvargo/update_deps
...
Update deps
2015-11-02 12:21:36 -05:00
658bc0634a
Fix breaking API changes
2015-10-30 18:22:48 -04:00
3e15a1f056
Update deps
2015-10-30 18:07:00 -04:00
af37736a38
Merge pull request #740 from hashicorp/issue-739
...
Implement LookupSelf, RevokeSelf, and RenewSelf in the API client
2015-10-30 17:28:18 -04:00
195caa6bf6
Implement LookupSelf, RevokeSelf, and RenewSelf in the API client
...
Fixes #739
2015-10-30 17:27:33 -04:00
80705b7963
If we fail to open a file path, show which it is in the error output
2015-10-30 14:30:21 -04:00
1899bd8ef0
Merge pull request #730 from hashicorp/issue-713
...
Write HMAC-SHA256'd client token to audited requests
2015-10-30 13:36:22 -04:00
ffa196da0e
Note that the dev server does not fork
...
Fixes #710 .
2015-10-30 12:47:56 -04:00
64eacd1564
Merge pull request #737 from hashicorp/issue-615
...
Return data on a token with one use left if there is no Lease ID
2015-10-30 12:42:19 -04:00
a0c5a24c79
Update Postgres tests and changelogify
2015-10-30 12:41:45 -04:00
94b7be702b
Return data on a token with one use left if there is no Lease ID
...
Fixes #615
2015-10-30 12:35:42 -04:00
bd17b74456
Merge pull request #736 from hashicorp/issue-699
...
Revoke permissions before dropping user in postgresql.
2015-10-30 12:01:03 -04:00
2d8e3b35f2
Revoke permissions before dropping user in postgresql.
...
Currently permissions are not revoked, which can lead revocation to not
actually work properly. This attempts to revoke all permissions and only
then drop the role.
Fixes issue #699
2015-10-30 11:58:52 -04:00
24f1da837e
Merge pull request #735 from hashicorp/unexport-create-roottoken
...
Make the token store's Create and RootToken functions non-exported.
2015-10-30 11:04:29 -04:00
636d57a026
Make the token store's Create and RootToken functions non-exported.
...
Nothing requires them to be exported, and I don't want anything in the
future to think it's okay to simply create a root token when it likes.
2015-10-30 10:59:26 -04:00
541312ebee
Merge pull request #731 from hashicorp/sethvargo/trail
...
Force a trailing slash
2015-10-29 16:22:52 -04:00
f83eba4666
Force a trailing slash
2015-10-29 16:21:39 -04:00
cf4b88c196
Write HMAC-SHA256'd client token to audited requests
...
Fixes #713
2015-10-29 13:26:18 -04:00
528e859c4b
Fix wording
2015-10-29 12:58:29 -04:00
b30705479e
Merge pull request #729 from hashicorp/issue-697
...
Documentation update around path/key name encryption.
2015-10-29 11:22:50 -04:00
e2d4a5fe0f
Documentation update around path/key name encryption.
...
Make it clear that path/key names in generic are not encrypted.
Fixes #697
2015-10-29 11:21:40 -04:00
6198f5d08b
Merge pull request #728 from hashicorp/issue-718
...
Check TTL provided to generic backend on write
2015-10-29 11:06:30 -04:00
Jeff Mitchell