Jeff Mitchell
b4f5d38916
Update to latest go-kms-wrapping and fix protos/etcd ( #8996 )
2020-05-14 18:45:10 -04:00
Vishal Nayak
934186ba82
Vendor update
2020-05-12 18:05:47 -04:00
Calvin Leung Huang
e7af25b969
raft: use file paths for TLS info in the retry_join block ( #8894 )
...
* raft: use file paths for TLS info in the retry_join stanza
* raft: maintain backward compat for existing tls params
* docs: update raft docs with new file-based TLS params
* Update godoc comment, fix docs
2020-05-06 18:26:08 -07:00
Vladimir Dimitrov
34f01920e9
Added plugin reload function to api ( #8777 )
...
* Added plugin reload function to api
* Apply suggestions from code review
Co-Authored-By: Calvin Leung Huang <cleung2010@gmail.com>
* go mod vendor
* addressing comments
* addressing comments
* add docs
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2020-05-04 11:14:23 -07:00
ncabatoff
55609f1d38
Ensure that the .vault-token file writen by vault login
always has the correct permissions and ownership. ( #8867 )
2020-04-27 19:55:13 -04:00
Becca Petrin
3b420b0735
Add helper for aliasmetadata and add to AWS auth ( #8783 )
...
* add aliasmetadata sdk helper and add to aws auth
* split into ec2_metadata and iam_metadata fields
* fix tests
* strip pointer
* add test of default metadata
* more test <3
* switch from interface to custom marshallers
* add tests for marshalling
* store nil when selected fields are default
* separate loop into pieces
* separate acc test into multiple
* Update builtin/credential/aws/path_login.go
Co-Authored-By: Jim Kalafut <jkalafut@hashicorp.com>
* changes from feedback
* update aws test
* refactor to also populate auth metadata
* update how jsonification is tested
* only add populated metadata values
* add auth_type to ec2 logins
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
2020-04-27 10:06:07 -07:00
Jim Kalafut
b7fc72d5ec
Update go.mod and vendoring ( #8752 )
...
This primarily ports updates made during the 1.4 release to master.
2020-04-16 12:07:07 -07:00
Jim Kalafut
5c4796bb55
Update MongoDB Atlas secrets plugin ( #8669 )
2020-04-03 15:47:17 -07:00
Michel Vocks
b216d75938
Fix outdated comment about logical request path ( #8653 )
2020-04-02 08:53:16 +02:00
ncabatoff
c9ff95ec70
Update to go-metrics 1.3.3 for Prometheus performance improvements. ( #8507 )
2020-03-09 09:54:55 -04:00
Jorge Heleno
a9e864f5e3
Add LDAP anonymous group search and client certs ( #8365 )
2020-03-06 10:27:09 -08:00
Jason O'Donnell
524e871343
secrets/openldap: update go.mod ( #8475 )
...
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
2020-03-06 11:52:28 -05:00
Brian Kassouf
d4f72f792f
go mod vendor
2020-02-20 10:15:11 -08:00
Sam Salisbury
b929348a31
go mod vendor
2020-02-20 09:16:19 +00:00
ncabatoff
e5721310ac
Add persistent feature flags to be used on enterprise non-primaries. ( #8391 )
2020-02-19 18:06:53 -05:00
Jim Kalafut
2e8826744f
Update plugin dependencies ( #8371 )
...
* Update plugin dependencies
* Update vendoring
2020-02-18 09:55:04 -08:00
JulesRenz
c54c8c92bd
RSA3072 implementation in transit secrets engine ( #8151 )
...
* RSA3072 implementation in transit secrets engine
* moved new KeyType at the end of the list
So already stored keys still work properly
Co-authored-by: Jim Kalafut <jim@kalafut.net>
2020-02-15 14:40:50 -08:00
Jeff Mitchell
844b2c3a5d
Bump API/SDK and adapt to move from SDK stuff
2020-02-15 14:58:05 -05:00
Brian Kassouf
157f8887f8
go mod vendor
2020-02-15 11:40:53 -08:00
Jason O'Donnell
dd9f25a118
Add OpenLDAP Secret Plugin ( #8360 )
...
* Add openldap secret plugin
* go mod vendor
* Revert to go-ldap 3.1.3
* go mod vendor
2020-02-15 13:21:07 -05:00
Brian Kassouf
e2da4529c2
go mod vendor
2020-02-14 16:40:05 -08:00
Jeff Mitchell
38679f4baa
Update vendoring
2020-02-14 17:55:06 -05:00
Becca Petrin
5f19ff828c
update kerberos dependency ( #8353 )
2020-02-14 11:13:28 -08:00
Michel Vocks
985acc4ce5
Fix ldap client upndomain ( #8333 )
2020-02-14 10:26:30 -08:00
Becca Petrin
5a01a5af0f
Add Kubernetes service registration ( #8249 )
2020-02-13 09:56:29 -08:00
Jeff Malnick
27ad920399
Add redshift database plugin ( #8299 )
...
* feat: add redshift database plugin
* build: update vendored libraries
* docs: add reference doc for redshift variant of the database secrets engine
* feat: set middlewear type name for better metrics naming (#8346 )
Co-authored-by: Becca Petrin <beccapetrin@gmail.com>
2020-02-13 09:42:30 -08:00
Jim Kalafut
2ee7b76469
Bundle MongoDB Atlas ( #8309 )
2020-02-07 14:09:39 -08:00
Becca Petrin
1459544630
update from github.com/hashicorp/gokrb5 to github.com/jcmturner/gokrb5/v8 ( #8296 )
2020-02-05 14:23:22 -08:00
Michel Vocks
2bde6a3a5a
Bump etcd client API dep ( #8037 )
2020-01-29 15:16:38 +01:00
Michel Vocks
f695eb737b
Add Consul TLS options to access API endpoint ( #8253 )
2020-01-29 09:44:35 +01:00
Michel Vocks
90f1d3813d
Fix redoing redirect response raft snapshot cli ( #8211 )
...
* Fix redoing redirect response raft snapshot cli
* Removed unnecessary lines of code
* go mod vendor
2020-01-27 11:25:52 +01:00
Becca Petrin
759f9b38f7
Observer pattern for service registration interface ( #8123 )
...
* use observer pattern for service discovery
* update perf standby method
* fix test
* revert usersTags to being called serviceTags
* use previous consul code
* vault isnt a performance standby before starting
* log err
* changes from feedback
* add Run method to interface
* changes from feedback
* fix core test
* update example
2020-01-24 09:42:03 -08:00
Jeff Mitchell
1ba3b87eab
Bump sdk
2020-01-23 14:25:35 -05:00
Jeff Mitchell
ef44e226a9
Bump sdk and go-hclog and vendor
2020-01-23 14:12:19 -05:00
Jeff Mitchell
3956072c93
Update test var name and tidy
2020-01-16 20:18:59 -05:00
Michel Vocks
13ebf5460c
Add TLS options per Nomad backend ( #8083 )
2020-01-15 11:03:38 +01:00
Jeff Mitchell
80408beabe
Bump go-kms-wrapping dep to fix a nil pointer in tests
2020-01-13 09:28:49 -05:00
Jeff Mitchell
c5f9f8fc05
Update go-kms-wrapping dep
2020-01-13 09:25:11 -05:00
Jeff Mitchell
78a1d51a3a
Update vendoring
2020-01-10 20:50:36 -05:00
Jeff Mitchell
a0694943cc
Migrate built in auto seal to go-kms-wrapping ( #8118 )
2020-01-10 20:39:52 -05:00
Becca Petrin
c2894b8d05
Add Kerberos auth agent ( #7999 )
...
* add kerberos auth agent
* strip old comment
* changes from feedback
* strip appengine indirect dependency
2020-01-09 14:56:34 -08:00
Jim Kalafut
aa1761fb03
Update framework forwarding logic to handle nil system views ( #8114 )
2020-01-08 05:59:44 -08:00
Jim Kalafut
2d859d83ea
Update vendoring ( #8111 )
2020-01-07 14:14:45 -08:00
Michel Vocks
d4d82cdd4a
Fix MySQL Plugin password special character escape bug ( #8040 )
...
* Fix MySQL password escape bug
* Add test
* Add debug output
* Add debug line
* Added debug output
* Debug
* Debug
* Update vendor
* Remove debug comments
2020-01-07 16:51:49 +01:00
Brian Kassouf
549faf47f2
Add identity templating helper to sdk/framework ( #8088 )
...
* Add identity templating helper to sdk/framework
* Cleanup a bit
* Fix length issue when groups/aliases are filtered due to ns
* review feedback
2020-01-06 10:16:52 -08:00
Jeff Mitchell
d873e7ba3c
Update master's sdk/api
2019-12-18 16:36:50 -05:00
Becca Petrin
a594371f75
vendor api client portmap updates ( #8042 )
2019-12-18 11:08:23 -08:00
Becca Petrin
3d7cdea66f
Avoid potential panic in LDAP client ( #8047 )
...
* fix potential panic
* add comment
* vendor the ldap update
* use localhost in test
2019-12-17 16:33:59 -08:00
Becca Petrin
a7383b6d86
Add Kerberos SPNEGO auth plugin ( #7908 )
2019-12-11 11:18:37 -08:00
ncabatoff
fde5e55ce9
Handle otherName SANs in CSRs ( #6163 )
...
If a CSR contains a SAN of type otherName, encoded in UTF-8, and the signing role specifies use_csr_sans, the otherName SAN will be included in the signed cert's SAN extension.
Allow single star in allowed_other_sans to match any OtherName. Update documentation to clarify globbing behaviour.
2019-12-11 10:16:44 -05:00