Commit graph

6009 commits

Author SHA1 Message Date
Jeff Mitchell 7068292252 Update/clarify docs on generic backend ttl.
Ping #2697
2017-05-09 09:56:11 -04:00
Jeff Mitchell 8a83389542 changelog++ 2017-05-09 09:51:40 -04:00
Jeff Mitchell 45eaa7ad01 Increase plugin wrapping token time to 60 seconds; 10 can be too short as seen in tests 2017-05-09 09:50:07 -04:00
Jeff Mitchell 5b3d80042e Fix mount test 2017-05-09 09:49:45 -04:00
Jeff Mitchell e98690d00c Ensure we aren't leaking any open FDs in the file backend if we hit certain error conditions 2017-05-09 09:24:43 -04:00
Jeff Mitchell 185ba8a1c3 Only run cassandra tests on Travis for right now 2017-05-09 08:36:20 -04:00
Jeff Mitchell e3c8be72cc Fix local check on singleton required mounts 2017-05-09 08:36:10 -04:00
Jeff Mitchell a3191995e6
Cut version 0.7.2 2017-05-08 17:11:53 -04:00
Jeff Mitchell 7763b15493 Bump versions 2017-05-08 16:19:41 -04:00
Jeff Mitchell 571fef0eda changelog++ 2017-05-08 16:18:22 -04:00
Jeff Mitchell 490b01d6d8 Add salt mutex to app-id (#2690) 2017-05-08 16:15:24 -04:00
Jeff Mitchell 92e3758291 Don't hash time.Time values in return data maps, they may be useful for reconciling values and are not generally secret 2017-05-08 14:19:42 -04:00
Mitchell Hashimoto c29ee275ce audit: hash time.Time values in map fields (#2689)
This enables audit.Hash to hash time.Time values that may exist as
direct fields in the map. This will error (instead of panic) for any
time.Time values that don't occur within map values. For example, this
does not support a time.Time within a slice. If that needs to be
supported then modifications will need to be made.

This also requires an update to reflectwalk (included in this PR). This
is a minimal change that allows SkipEntry to signal to skip an entire
struct. We do this because we don't want to walk any of time.Time since
we handle it directly.
2017-05-08 14:06:08 -04:00
Jeff Mitchell e0c2b37c2a Add commenting to singletonMountTables 2017-05-08 13:39:18 -04:00
Jeff Mitchell f50d345fa3 Fix imports.
Closes #2688
2017-05-08 10:23:29 -04:00
Jeff Mitchell 726bd6f379 Don't load a required mount if in secondary mode, let sync invalidate do that 2017-05-05 19:40:26 -04:00
Jeff Mitchell 3aafb3270c Move singleton mount fetching function to mount.go and fix tests 2017-05-05 17:20:30 -04:00
Jeff Mitchell b53331d345 Add token to singleton mounts 2017-05-05 16:45:48 -04:00
Jeff Mitchell 051f670b19 Merge pull request #2682 from hashicorp/skip-init
Add logic to skip initialization in some cases and some invalidation logic
2017-05-05 16:44:37 -04:00
Jeff Mitchell 6f6f242061 Add logic to skip initialization in some cases and some invalidation logic 2017-05-05 15:01:52 -04:00
Jeff Mitchell 5f99def25b
Cut version 0.7.1 2017-05-05 11:58:40 -04:00
Jeff Mitchell f1fb1e50a5 Prep for 0.7.1 2017-05-05 11:46:43 -04:00
Jeff Mitchell b9244d71da changelog++ 2017-05-05 11:39:52 -04:00
vishalnayak fa201f2505 auth/token/tidy log level update 2017-05-05 11:16:13 -04:00
Jeff Mitchell 5160a13818 Merge pull request #2452 from hashicorp/sys-tidy-leases
Cleaning of stale leases
2017-05-05 10:54:25 -04:00
Jeff Mitchell 55ef4f2566 Merge branch 'master-oss' into sys-tidy-leases 2017-05-05 10:53:41 -04:00
Jeff Mitchell b482043de1 Update debugging around tidy 2017-05-05 10:48:12 -04:00
Jeff Mitchell 91e790867f Address feedback 2017-05-05 10:26:40 -04:00
Brian Kassouf 61f115ba81 Update postgresql.html.md 2017-05-04 17:56:09 -07:00
Brian Kassouf 20cc43bf18 Update mysql-maria.html.md 2017-05-04 17:55:50 -07:00
Brian Kassouf 913a112681 Update mssql.html.md 2017-05-04 17:55:30 -07:00
Brian Kassouf 0a8ee02065 changelog++ 2017-05-04 15:29:05 -07:00
Brian Kassouf 24b27f99f8 Changelog++ 2017-05-04 15:27:43 -07:00
Brian Kassouf 258ac427ad Merge pull request #2200 from hashicorp/database-refactor
Combined Database Backend with Plugins
2017-05-04 14:08:02 -07:00
Brian Kassouf 16e6f9640d Few docs updates 2017-05-04 14:07:12 -07:00
Jeff Mitchell 13940b59e4 changelog++ 2017-05-04 16:59:44 -04:00
Jeff Mitchell f01b413d8d Make path-help request forward (#2677) 2017-05-04 16:58:50 -04:00
Calvin Leung Huang c0ce0ae499 Merge branch 'database-refactor' of github.com:hashicorp/vault into database-refactor 2017-05-04 16:46:47 -04:00
Calvin Leung Huang b49993f81f Update mssql docs 2017-05-04 16:46:34 -04:00
Brian Kassouf 3c41bdfa16 update docs 2017-05-04 13:38:49 -07:00
Brian Kassouf a255cd9b93 changelog++ 2017-05-04 12:49:47 -07:00
Brian Kassouf 812841ff38 changelog++ 2017-05-04 12:48:52 -07:00
Brian Kassouf 7dcec6e68f Merge remote-tracking branch 'oss/master' into database-refactor 2017-05-04 12:40:00 -07:00
Brian Kassouf 2d6dfbf147 Don't store the plugin directory prepended command in the barrier, prepend on get 2017-05-04 12:36:06 -07:00
Brian Kassouf 82b58d5b9c Update docs and return a better error message 2017-05-04 11:45:27 -07:00
mymercurialsky 4c0e3c5d2f Implemented TOTP Secret Backend (#2492)
* Initialized basic outline of TOTP backend using Postgresql backend as template

* Updated TOTP backend.go's structure and help string

* Updated TOTP path_roles.go's structure and help strings

* Updated TOTP path_role_create.go's structure and help strings

* Fixed typo in path_roles.go

* Fixed errors in path_role_create.go and path_roles.go

* Added TOTP secret backend information to cli commands

* Fixed build errors in path_roles.go and path_role_create.go

* Changed field values of period and digits from uint to int, added uint conversion of period when generating passwords

* Initialized TOTP test file based on structure of postgresql test file

* Added enforcement of input values

* Added otp library to vendor folder

* Added test steps and cleaned up errors

* Modified read credential test step, not working yet

* Use of vendored package not allowed - Test error

* Removed vendor files for TOTP library

* Revert "Removed vendor files for TOTP library"

This reverts commit fcd030994bc1741dbf490f3995944e091b11da61.

* Hopefully fixed vendor folder issue with TOTP Library

* Added additional tests for TOTP backend

* Cleaned up comments in TOTP backend_test.go

* Added default values of period, algorithm and digits to field schema

* Changed account_name and issuer fields to optional

* Removed MD5 as a hash algorithm option

* Implemented requested pull request changes

* Added ability to validate TOTP codes

* Added ability to have a key generated

* Added skew, qr size and key size parameters

* Reset vendor.json prior to merge

* Readded otp and barcode libraries to vendor.json

* Modified help strings for path_role_create.go

* Fixed test issue in testAccStepReadRole

* Cleaned up error formatting, variable names and path names. Also added some additional documentation

* Moveed barcode and url output to key creation function and did some additional cleanup based on requested changes

* Added ability to pass in TOTP urls

* Added additional tests for TOTP server functions

* Removed unused QRSize, URL and Generate members of keyEntry struct

* Removed unnecessary urlstring variable from pathKeyCreate

* Added website documentation for TOTP secret backend

* Added errors if generate is true and url or key is passed, removed logger from backend, and revised parameter documentation.

* Updated website documentation and added QR example

* Added exported variable and ability to disable QR generation, cleaned up error reporting, changed default skew value, updated documentation and added additional tests

* Updated API documentation to inlude to exported variable and qr size option

* Cleaned up return statements in path_code, added error handling while validating codes and clarified documentation for generate parameters in path_keys
2017-05-04 10:49:42 -07:00
Brian Kassouf 5ee0d696d4 Merge remote-tracking branch 'oss/master' into database-refactor 2017-05-04 10:45:18 -07:00
Brian Kassouf 29bfc0a0d4 PR comments 2017-05-04 10:41:59 -07:00
Jeff Mitchell b568ea751b Move client token check in exp register to top 2017-05-04 12:45:57 -04:00
Jeff Mitchell abd63096f8 Update comments 2017-05-04 12:44:31 -04:00