Commit graph

3377 commits

Author SHA1 Message Date
Jeff Mitchell 2e1b12112a Merge pull request #1283 from hashicorp/ldap-nogroupdn-warn
If no group DN is configured, still look for policies on local users and
2016-04-02 13:13:27 -04:00
Jeff Mitchell 40325b8042 If no group DN is configured, still look for policies on local users and
return a warning, rather than just trying to do an LDAP search on an
empty string.
2016-04-02 13:11:36 -04:00
Jeff Mitchell 1b7335cf4e Fix up the meta common options text function to not strip leading space and fix up commands 2016-04-01 16:50:12 -04:00
Jeff Mitchell b0888e8af1 Remove config from Meta; it's only used right now with the token helper. 2016-04-01 16:02:18 -04:00
Jeff Mitchell a137081241 Move token helper out of meta 2016-04-01 14:23:15 -04:00
Jeff Mitchell 133d9c1008 Move meta into its own package 2016-04-01 13:16:05 -04:00
Riley Guerin 5620e00f9c fix typo 2016-04-01 07:49:25 -07:00
Riley Guerin 0fac5b906e change github example team to admins
somewhat recently github has gone away from the previous model of an "owners" team 
https://help.github.com/articles/converting-your-previous-owners-team-to-the-improved-organization-permissions/

you can be an "Owner" of the org still but this does not map to vault as one *might* expect given these docs
2016-04-01 07:48:54 -07:00
Jeff Mitchell 18c8b6eba8 Update 0.6 upgrade info 2016-04-01 10:11:32 -04:00
Jeff Mitchell 121a5b37f2 Add revoke-prefix changelog/website info 2016-04-01 10:06:29 -04:00
Jeff Mitchell 7d20380c42 Merge pull request #1280 from hashicorp/remove-ts-revoke-prefix
Remove auth/token/revoke-prefix in favor of sys/revoke-prefix.
2016-04-01 09:48:52 -04:00
Jeff Mitchell 9a992f93f7 changelog++ 2016-03-31 20:17:30 -04:00
Jeff Mitchell 2b2541e13f Merge pull request #1277 from hashicorp/suprious-revoke-timer-logs
Keep the expiration manager from keeping old token entries.
2016-03-31 20:16:31 -04:00
Jeff Mitchell 2efaf5272c Documentation update 2016-03-31 18:07:43 -04:00
Jeff Mitchell 2fd02b8dca Remove auth/token/revoke-prefix in favor of sys/revoke-prefix. 2016-03-31 18:04:05 -04:00
Jeff Mitchell 7a6df4a8ab changelog++ 2016-03-31 17:43:44 -04:00
Vishal Nayak 86ba95e1b2 Merge pull request #1278 from hashicorp/ts-prefix-checkpath
Check for auth/ in the path of the prefix for revoke-prefix in the token
2016-03-31 16:41:18 -04:00
Jeff Mitchell 7442867d53 Check for auth/ in the path of the prefix for revoke-prefix in the token
store.
2016-03-31 16:21:56 -04:00
Jeff Mitchell 25b2320899 changelog++ 2016-03-31 15:38:21 -04:00
Jeff Mitchell 75650ec1ad Keep the expiration manager from keeping old token entries.
The expiration manager would never be poked to remove token entries upon
token revocation, if that revocation was initiated in the token store
itself. It might have been to avoid deadlock, since during revocation of
tokens the expiration manager is called, which then calls back into the
token store, and so on.

This adds a way to skip that last call back into the token store if we
know that we're on the revocation path because we're in the middle of
revoking a token. That way the lease is cleaned up. This both prevents
log entries appearing for already-revoked tokens, and it also releases
timer/memory resources since we're not keeping the leases around.
2016-03-31 15:10:25 -04:00
Jeff Mitchell 1915582a24 Merge pull request #1276 from hashicorp/token-roles-blank-policies
Two items:
2016-03-31 15:09:32 -04:00
Jeff Mitchell ddce1efd0d Two items:
1: Fix path check in core to handle renew paths from the token store
that aren't simply renew/
2: Use token policy logic if token store role policies are empty
2016-03-31 14:52:49 -04:00
Seth Vargo 36215ab5df Merge pull request #1275 from gdevos/patch-2
Update index.html.md
2016-03-31 14:35:06 +02:00
Gérard de Vos eadf2faf83 Update index.html.md
According to the source it is expecting a description. log_raw is one of the options.
2016-03-31 14:19:03 +02:00
Seth Vargo cdf6e5d1ee Merge pull request #1274 from gdevos/patch-1
Update index.html.md
2016-03-31 14:07:27 +02:00
Gérard de Vos 13763203b6 Update index.html.md
description -> log_raw
2016-03-31 14:06:19 +02:00
Tobias Haag 175e3cc354 added Azure backend support
updated Godeps
added website docs
updated vendor
2016-03-30 19:49:38 -07:00
Jeff Mitchell 7fd5a679ca Fix potential error scoping issue.
Ping #1262
2016-03-30 19:48:23 -04:00
Jeff Mitchell 1be69ae235 Sort infokeys on startup and add more padding 2016-03-30 12:31:47 -04:00
Jeff Mitchell e6d20d1356 Merge pull request #1271 from jangie/patch-1
Update consul.html.md
2016-03-30 10:14:29 -04:00
Jang-Soo "Bruce" Lee 36d22a0c8d Update consul.html.md 2016-03-30 09:57:14 -04:00
Vishal Nayak 9932efea08 Merge pull request #1268 from hashicorp/fix-audit-doc
Fix audit docs
2016-03-30 00:55:39 -04:00
vishalnayak 7a34cea28d Fix audit docs 2016-03-30 00:54:40 -04:00
Jeff Mitchell 3cfcd4ddf1 Check for nil connection back from go-ldap, which apparently can happen even with no error
Ping #1262
2016-03-29 10:00:04 -04:00
Jeff Mitchell bff4dace78 changelog++ 2016-03-24 10:34:52 -04:00
Jeff Mitchell 37b5697779 Merge pull request #1258 from hashicorp/issue-1256
Properly check for policy equivalency during renewal.
2016-03-24 10:33:56 -04:00
Jeff Mitchell c50276ec17 Fix using wrong var 2016-03-24 10:23:09 -04:00
Jeff Mitchell 17613f5fcf Removing debugging comment 2016-03-24 09:48:13 -04:00
Jeff Mitchell 4c4a65ebd0 Properly check for policy equivalency during renewal.
This introduces a function that compares two string policy sets while
ignoring the presence of "default" (since it's added by core, not the
backend), and ensuring that ordering and/or duplication are not failure
conditions.

Fixes #1256
2016-03-24 09:41:51 -04:00
Vishal Nayak a64de522b9 Merge pull request #1255 from hashicorp/revert-1254-master
Revert "Change mysql connection to match new"
2016-03-23 15:18:49 -04:00
Vishal Nayak 05b4c7102f Revert "Change mysql connection to match new" 2016-03-23 15:18:09 -04:00
Vishal Nayak 5399d0c087 Merge pull request #1254 from shokunin/master
Change mysql connection to match new
2016-03-23 15:13:18 -04:00
Chris Mague e27bcaf9a4 Change mysql connection to match new
Documentation update to reflect mysql config connection from the old to the newer format
2016-03-23 12:09:06 -07:00
Vishal Nayak 5e15ebdb43 Merge pull request #1252 from adkhare/master
Update userpass.html.md
2016-03-23 10:54:10 -04:00
Amit Khare 218a713293 Update userpass.html.md 2016-03-23 10:47:28 -04:00
Jeff Mitchell 90ebf0bf99 changelog++ 2016-03-23 10:08:04 -04:00
Jeff Mitchell 27bf5b7048 Merge pull request #1251 from hashicorp/remove-usecsrvalues-isca-check
Remove check for using CSR values with non-CA certificate.
2016-03-23 10:07:07 -04:00
Jeff Mitchell dfc5a745ee Remove check for using CSR values with non-CA certificate.
The endpoint enforces whether the certificate is a CA or not anyways, so
this ends up not actually providing benefit and causing a bug.

Fixes #1250
2016-03-23 10:05:38 -04:00
Jeff Mitchell 528b25c5f4 Merge HA Backend objects 2016-03-21 16:56:13 -04:00
Jeff Mitchell 16f5a68a78 Merge pull request #1238 from jippi/patch-1
Update sys-step-down.html.md
2016-03-20 13:34:12 -04:00