54d47957b5
Allow creating Consul management tokens
...
Fixes #714
2015-11-03 15:29:58 -05:00
a4322afedb
Merge pull request #746 from hashicorp/issue-677
...
Add a PermitPool to physical and consul/inmem
2015-11-03 15:26:58 -05:00
4f6ad849b8
Merge pull request #703 from hashicorp/crlsets
...
Implement CRLs for the cert authentication backend
2015-11-03 15:13:08 -05:00
6ccded7a2f
Add ability to create orphan tokens from the API
2015-11-03 15:12:21 -05:00
bf2e553785
Add a PermitPool to physical and consul/inmem
...
The permit pool controls the number of outstanding operations that can
be queued for Consul (and inmem, for testing purposes). This prevents
possible situations where Vault launches thousands of concurrent
connections to Consul if e.g. a huge number of leases need to be
expired.
Fixes #677
2015-11-03 11:49:20 -05:00
c7493fca65
Changelogify
2015-11-03 11:43:57 -05:00
59cc61cc79
Add documentation for CRLs and some minor cleanup.
2015-11-03 10:52:20 -05:00
195caa6bf6
Implement LookupSelf, RevokeSelf, and RenewSelf in the API client
...
Fixes #739
2015-10-30 17:27:33 -04:00
1899bd8ef0
Merge pull request #730 from hashicorp/issue-713
...
Write HMAC-SHA256'd client token to audited requests
2015-10-30 13:36:22 -04:00
ffa196da0e
Note that the dev server does not fork
...
Fixes #710 .
2015-10-30 12:47:56 -04:00
64eacd1564
Merge pull request #737 from hashicorp/issue-615
...
Return data on a token with one use left if there is no Lease ID
2015-10-30 12:42:19 -04:00
a0c5a24c79
Update Postgres tests and changelogify
2015-10-30 12:41:45 -04:00
94b7be702b
Return data on a token with one use left if there is no Lease ID
...
Fixes #615
2015-10-30 12:35:42 -04:00
cf4b88c196
Write HMAC-SHA256'd client token to audited requests
...
Fixes #713
2015-10-29 13:26:18 -04:00
e2d4a5fe0f
Documentation update around path/key name encryption.
...
Make it clear that path/key names in generic are not encrypted.
Fixes #697
2015-10-29 11:21:40 -04:00
85d4dd6a1d
Check TTL provided to generic backend on write
...
If existing entries have unparseable TTLs, return the value plus a
warning, rather than an error.
Fixes #718
2015-10-29 11:05:21 -04:00
c1d8b97342
Add reset support to the unseal command.
...
Reset clears the provided unseal keys, allowing the process to be begun
again. Includes documentation and unit test changes.
Fixes #695
2015-10-28 15:59:39 -04:00
9026b5c127
Update changelog
2015-10-23 09:18:03 -04:00
691f9e9b92
Rewrap changelog
2015-10-20 12:57:42 -04:00
ffe531923d
Changelogify
2015-10-20 12:31:01 -04:00
35a7f0de22
Add '.' to GenericNameRegex; it cannot appear as the first or last
...
character. This allows its usage in a number of extra path-based
variables.
Ping #244
2015-10-13 16:04:10 -04:00
78b5fcdf51
Serialize changing the state of the expiration manager pointer and
...
calling emitMetrics from its own goroutine.
Fixes #694
2015-10-12 16:33:54 -04:00
9f0b1547bb
Allow disabling the physical storage cache with 'disable_cache'.
...
Fixes #674 .
2015-10-12 13:00:32 -04:00
55c26a909e
Documentation updates to remove lease id and duration from generic
...
backend example.
2015-10-12 10:01:15 -04:00
5fbaa0e64d
Apply mount-tune properties to the token authentication backend.
...
Fixes #688 .
2015-10-09 20:26:39 -04:00
ee92124357
Fix output of token-create help to use ttl instead of lease
2015-10-09 19:40:30 -04:00
b5d674d94e
Add 301 redirect checking to the API client.
...
Vault doesn't generate these, but in some cases Go's internal HTTP
handler does. For instance, during a mount-tune command, finishing the
mount path with / (as in secret/) would cause the final URL path to
contain .../mounts/secret//tune. The double slash would trigger this
behavior in Go's handler and generate a 301. Since Vault generates 307s,
this would cause the client to think that everything was okay when in
fact nothing had happened.
2015-10-09 17:11:31 -04:00
bf70b677b7
Add timeout to changelog
2015-10-08 19:47:16 -04:00
d58a3b601c
Add a cleanLeaderPrefix function to clean up stale leader entries in core/leader
...
Fixes #679 .
2015-10-08 14:04:58 -04:00
0ca86fa2cd
Changelogify
2015-10-07 16:18:39 -04:00
50b9129e65
Normalize policy names to lowercase on write. They are not currently
...
normalized when reading or deleting, for backwards compatibility.
Ping #676 .
2015-10-07 13:52:21 -04:00
4a52de13e3
Add renew-self endpoint.
...
Fixes #455 .
2015-10-07 12:49:13 -04:00
ad840233eb
Allow base64-encoded keys to be used on the CLI for init/rekey.
...
Fixes #653 .
2015-10-06 12:47:01 -04:00
de571c304d
Add changelog entries for 0.3.1 and bump version in CLI
2015-10-06 11:03:55 -04:00
6fe4139ac3
Changelogify++
2015-09-29 19:03:43 -07:00
6a7e87d471
Changelogify
2015-09-29 19:01:45 -07:00
62ac518ae7
Switch per-mount values to strings going in and seconds coming out, like other commands. Indicate deprecation of 'lease' in the token backend.
2015-09-25 10:41:21 -04:00
af27a99bb7
Remove JWT for the 0.3 release; it needs a lot of rework.
2015-09-24 16:23:44 -04:00
8fa7d3bd0b
Add revoke-self to docs
2015-09-24 12:05:00 -04:00
fb7c05d7f6
Reorder changelog slightly
2015-09-24 10:55:32 -04:00
07288b3dcb
Forgot to add JWT to the chnangelog
2015-09-23 14:26:31 -04:00
0454d04097
Minor typo fix
2015-09-23 10:07:55 -04:00
44166bb241
Update Changelog to 0.3
2015-09-22 11:44:28 -04:00
9860ea9e46
Update godeps
2015-09-22 10:15:06 -04:00
9f9f53adbf
CHANGELOG updates
2015-08-17 12:18:14 -07:00
2d32b0a1ca
Cutting v0.2.0
2015-07-13 19:40:01 +10:00
190400a456
CHANGELOG updates
2015-07-13 19:34:11 +10:00
8a4d6487f4
CHANGELOG updates
2015-07-13 17:08:30 +10:00
334dbe430c
CHANGELOG updates
2015-07-08 16:58:25 -06:00
eb51cdb8c8
CHANGELOG update is bolded
2015-07-06 11:20:55 -06:00
Jeff Mitchell