a14ed7f48d
Sync in plugin updates
2017-12-21 08:31:20 -05:00
580b592f40
changelog++
2017-12-19 17:13:01 -05:00
821d62c1cc
Allow log level to be specified in an env var ( #3721 )
2017-12-19 17:12:23 -05:00
0fe05f544d
changelog++
2017-12-19 17:03:27 -05:00
92aaebd20e
Bust recovery cache after unsealed is set true to force migration
2017-12-19 16:22:09 -05:00
312db6cc02
fix consul tls settings ( #3719 )
2017-12-19 14:24:21 -05:00
d68cc66954
check schema and table before create it ( #3716 )
2017-12-19 14:23:58 -05:00
7e033efa4c
Revert grabbing lock in database Connection funcs
2017-12-19 12:53:21 -05:00
e6d60ee551
Clarify control group APIs are enterprise only.
...
Fixes #3702
2017-12-19 11:00:02 -05:00
be47ecc215
Add lock to sql connection as well
2017-12-19 10:38:26 -05:00
15df4d1f36
Add lock and close check on cassandra as well
2017-12-19 10:26:46 -05:00
3cf61a5d8f
Ping the mongo session when the connection is retrieved.
...
This was in the deprecated backend where it fixed a similar issue a long
time ago but for some reason didn't make it over. Additionally the
function wasn't being locked properly.
Hopefully fixes #2973
2017-12-19 10:11:04 -05:00
a97b8c6f30
secret/database: Fix upgrading database backend ( #3714 )
2017-12-18 19:38:47 -08:00
4ac36c8e88
changelog++
2017-12-18 15:31:40 -05:00
c4e951efb8
Add period and max_ttl to cert role creation ( #3642 )
2017-12-18 15:29:45 -05:00
27cdb42258
Added example for Azure SQL Database ( #3700 )
2017-12-18 13:55:56 -05:00
b1aee36251
short circuit cert extensions check ( #3712 )
2017-12-18 13:19:05 -05:00
313360a686
changelog++
2017-12-18 13:07:05 -05:00
30f8c8d80c
changelog++
2017-12-18 12:55:16 -05:00
cf3e284396
Use Custom Cert Extensions as Cert Auth Constraint ( #3634 )
2017-12-18 12:53:44 -05:00
08f73e4a50
Merge pull request #3695 from hashicorp/creds-period-logic
2017-12-18 12:40:03 -05:00
ff23426e98
Merge pull request #3401 from hashicorp/f-nomad
2017-12-18 12:24:10 -05:00
77a7c52392
Merge branch 'master' into f-nomad
2017-12-18 12:23:39 -05:00
98e04c42d3
Correct documentation for Kubernetes Auth Plugin ( #3708 )
2017-12-18 12:12:08 -05:00
254a5c90db
changelog++
2017-12-18 11:42:03 -05:00
69a0457dda
changelog++
2017-12-18 10:32:02 -05:00
7f9815f186
changelog++
2017-12-18 10:15:29 -05:00
2225b20ec9
Fix up comment
2017-12-18 10:11:24 -05:00
82fd89b3b3
Support Incrementing Lease TTL in Renew api ( #3688 )
2017-12-18 10:09:59 -05:00
516cadd863
changelog++
2017-12-18 10:06:39 -05:00
9630f93845
Fix audited request header lookup ( #3707 )
...
The headers are stored lowercased but the lookup function wasn't
properly lowercasing when indexing in the header map.
Fixes #3701
2017-12-18 10:05:51 -05:00
feaef93fb6
changelog++
2017-12-18 10:00:04 -05:00
e7faad641c
Add Duo MFA to the Github backend ( #3696 )
2017-12-18 09:59:17 -05:00
0bacec0184
adding recovery info to seal status ( #3706 )
2017-12-18 09:58:14 -05:00
edab61c204
Pull in new go-cleanhttp to fix data race
2017-12-18 09:40:22 -05:00
e320d0580a
physical/dynamodb: Clarify ha_enabled type ( #3703 )
...
The example in the documentation correctly passes a quoted boolean (i.e.
true or false as a string) instead of a "real" HCL boolean. This commit
corrects the parameter list to document that fact.
While it would be more desirable to change the implementation to accept
an unquoted boolean, it seems that the use of `hcl.DecodeObject` for
parameters which are not common to all storage back ends would make this
a rather more involved change than this necessarily warrants.
2017-12-18 09:30:29 -05:00
618b52d72d
docs: Add correct method for mlock on systemd ( #3704 )
...
Although the previously described method of running setcap works if
setcap is available, the built-in LimitMEMLOCK directive is better.
2017-12-18 09:29:37 -05:00
446b87ee0e
added the missing nonce and type fields ( #3694 )
2017-12-17 16:26:07 -05:00
400d738403
use defaultconfig as base, adding env var test
2017-12-17 10:51:39 -05:00
f6bed8b925
fixing up config to allow environment vars supported by api client
2017-12-17 09:10:56 -05:00
685b4a27e4
Use cleanhttp.PrintablePathCheckHandler to handle non-printable chara… ( #3697 )
2017-12-15 20:19:37 -05:00
ef56322369
Merge remote-tracking branch 'oss/master' into f-nomad
...
* oss/master:
Add support for encrypted TLS key files (#3685 )
2017-12-15 19:51:28 -05:00
b08606b320
adding existence check for roles
2017-12-15 19:50:20 -05:00
b904d28d82
adding access config existence check and delete endpoint
2017-12-15 19:18:32 -05:00
164849f056
Add support for encrypted TLS key files ( #3685 )
2017-12-15 17:33:55 -05:00
997a1453e7
Use shortMaxTTL on Ec2 paths
2017-12-15 17:29:40 -05:00
c71f596fbd
address some feedback
2017-12-15 17:06:56 -05:00
db0006ef65
Merge remote-tracking branch 'oss/master' into f-nomad
...
* oss/master:
Defer reader.Close that is used to determine sha256
changelog++
Avoid unseal failure if plugin backends fail to setup during postUnseal (#3686 )
Add logic for using Auth.Period when handling auth login/renew requests (#3677 )
plugins/database: use context with plugins that use database/sql package (#3691 )
changelog++
Fix plaintext backup in transit (#3692 )
Database gRPC plugins (#3666 )
2017-12-15 17:05:42 -05:00
fe7ce434e4
Update logic on renew paths
2017-12-15 16:26:42 -05:00
643451d46a
Update login logic for aws creds backend
2017-12-15 16:18:19 -05:00
Jeff Mitchell