Commit graph

5363 commits

Author SHA1 Message Date
Jeff Mitchell 496420a5ab Make cubbyhole local instead of replicated. (#2397)
This doesn't really change behavior, just what it looks like in the UX.
However, it does make tests more complicated. Most were fixed by adding
a sorting function, which is generally useful anyways.
2017-02-18 13:51:05 -05:00
Jeff Mitchell 679b0144c9 Fix TypeDurationSecond to not panic at runtime if the given default is a string (#2396)
Fix TypeDurationSecond to not panic at runtime if the given default is a string.

Fixes #myownannoyance
2017-02-17 17:25:53 -05:00
Jeff Mitchell ad66ed85fd Change additional options usage in meta to a func to remove build tags. 2017-02-17 12:09:20 -05:00
Jeff Mitchell 37f3b2bafd Fix missing newline in status output 2017-02-17 11:23:20 -05:00
Jeff Mitchell 3230f697bd Final rep porting (#2392) 2017-02-17 09:15:35 -05:00
Jeff Mitchell a4a2664801 changelog++ 2017-02-17 09:15:13 -05:00
Colin Arenz 99b01a3d82 Fix listing of deep paths in PostgreSQL backend (#2393)
This change addresses an issue where deep paths would not be enumerated if parent paths did not contain a key.

Given the keys `shallow` and `deep` at the following paths...
```
secret/shallow
secret/path/deep
```

... a `LIST` request against `/v1/secret` would produce only one result, `shallow`.  With this change, the same list request will now list `shallow` and `path/`.
2017-02-17 09:14:11 -05:00
Jeff Mitchell 776e120740 Update deps, particularly to ensure https://aws.amazon.com/blogs/developer/aws-sdk-for-go-update-needed-for-go-1-8/ is covered 2017-02-16 23:42:07 -05:00
Jeff Mitchell 4a966726e5 Make reindex a root path as well 2017-02-16 23:36:06 -05:00
Jeff Mitchell f3bee3550c Remove now-unnecessary stanza from default policy 2017-02-16 23:30:38 -05:00
Jeff Mitchell 70d51e98fd changelog++ 2017-02-16 23:27:23 -05:00
Jeff Mitchell 62e8d0b359 Internally append trailing slash for all LIST operations. (#2390)
Fixes #2385
2017-02-16 23:23:32 -05:00
Jeff Mitchell 674a0a48bf Fix rep path fetching method into a function 2017-02-16 23:23:21 -05:00
Jeff Mitchell f37b6492d1 More rep porting (#2391)
* More rep porting

* Add a bit more porting
2017-02-16 23:09:39 -05:00
Brian Kassouf 1c5264c66c ToLower parameter strings 2017-02-16 17:50:10 -08:00
Jeff Mitchell 494b4c844b More porting from rep (#2389)
* More porting from rep

* Address feedback
2017-02-16 20:13:19 -05:00
Brian Kassouf 07799f665d Simplify the merging of two policies 2017-02-16 16:30:08 -08:00
Brian Kassouf 7229bdfd38 Remove debug code 2017-02-16 16:14:30 -08:00
Brian Kassouf 136730cb01 Update logic to fix a few edge cases: 2017-02-16 15:20:11 -08:00
Jeff Mitchell c81582fea0 More porting from rep (#2388)
* More porting from rep

* Address review feedback
2017-02-16 16:29:30 -05:00
Jeff Mitchell 0c39b613c8 Port some replication bits to OSS (#2386) 2017-02-16 15:15:02 -05:00
Jeff Mitchell 0a9a6d3343 Move ReplicationState to consts 2017-02-16 13:37:21 -05:00
Brian Kassouf 13ec9c5dbf Load leases into the expiration manager in parallel (#2370)
* Add a benchmark for exiration.Restore

* Add benchmarks for consul Restore functions

* Add a parallel version of expiration.Restore

* remove debug code

* Up the MaxIdleConnsPerHost

* Add tests for etcd

* Return errors and ensure go routines are exited

* Refactor inmem benchmark

* Add s3 bench and refactor a bit

* Few tweaks

* Fix race with waitgroup.Add()

* Fix waitgroup race condition

* Move wait above the info log

* Add helper/consts package to store consts that are needed in cyclic packages

* Remove not used benchmarks
2017-02-16 10:16:06 -08:00
Jeff Mitchell d7a6ec8d43 Add some repcluster handling to audit and add some tests (#2384)
* Add some repcluster handling to audit and add some tests

* Fix incorrect assumption about nil auth
2017-02-16 13:09:53 -05:00
Jeff Mitchell e0c9bfd926 Add WithOptions methods to audit/auth enabling (#2383) 2017-02-16 11:37:27 -05:00
Frank Gevaerts 0044ea8917 Update hsm.html.md (#2381) 2017-02-16 07:25:22 -05:00
Brian Kassouf 8d880f5181 Remove duplicate test case 2017-02-15 22:38:33 -08:00
Jeff Mitchell c96fe56d44 Fix copypasta, thanks tests 2017-02-16 01:32:39 -05:00
Brian Kassouf f1d5b60b97 s/has/has been/ 2017-02-15 22:19:35 -08:00
Brian Kassouf c80593387c Remove unnecessary else condition 2017-02-15 22:18:20 -08:00
Brian Kassouf c9ae260cdf Merge branch 'acl-parameters-permission' of github.com:hashicorp/vault into acl-parameters-permission 2017-02-15 22:13:28 -08:00
Brian Kassouf 24d8710233 Fix the issue of returning on the first paramater check. Added tests for this case. 2017-02-15 22:13:18 -08:00
Jeff Mitchell 71fa0779ed changelog++ 2017-02-16 01:05:32 -05:00
Jeff Mitchell 817bec0955 Add Organization support to PKI backend. (#2380)
Fixes #2369
2017-02-16 01:04:29 -05:00
Jeff Mitchell 7e5ad5c8e5 changelog++ 2017-02-16 00:55:29 -05:00
Vishal Nayak eb4ef0f6e0 cidrutil: added test data points (#2378) 2017-02-16 00:51:02 -05:00
Jeff Mitchell 978772a47a Merge branch 'master-oss' into acl-parameters-permission 2017-02-16 00:46:40 -05:00
Jeff Mitchell 45e6e2e95f Merge pull request #2379 from hashicorp/issue-2362
Compare headers case-insensitively for auditing
2017-02-16 00:46:25 -05:00
Jeff Mitchell e60b24431a Fix audit test and make audited headers more robust in map checks 2017-02-16 00:44:20 -05:00
Jeff Mitchell da9e62bc24 Remove "permissions" from ACL 2017-02-15 21:12:26 -05:00
Jeff Mitchell 51f7114648 Merge branch 'master-oss' into acl-parameters-permission 2017-02-15 20:37:58 -05:00
Jeff Mitchell acb7391b12 Compare headers case-insensitively for auditing
Fixes #2362
2017-02-15 20:35:35 -05:00
Phil Watts e2de7ec7fe Edit to the language of the description of disable_mlock on the configuration documentation page. Previous wording could lead to confusion as to the recommended setting of the disable_mlock option. (#2377) 2017-02-15 11:09:27 -05:00
vishalnayak 31166918a4 changelog++ 2017-02-15 10:59:15 -05:00
Vishal Nayak 81c95b36eb aws-ec2 auth: Return the role period in seconds (#2374)
* aws-ec2 auth: Return the role period in seconds

* cast return values to int64 for comparison with expected values
2017-02-15 10:57:57 -05:00
Vishal Nayak b86e9bc09f aws-ec2 auth: fix docs (#2375) 2017-02-15 06:29:27 -05:00
Jeff Mitchell ce3e536f85 changelog++ 2017-02-14 16:29:00 -05:00
Jeff Mitchell 04b4a6aa50 Fix Okta auth issue when a user has no policies and/or groups set. (#2371)
Fixes #2367
2017-02-14 16:28:16 -05:00
Jeff Mitchell f88defce49 changelog++ 2017-02-10 19:57:53 -05:00
Tommy Murphy ca06bc0b53 audit: support a configurable prefix string to write before each message (#2359)
A static token at the beginning of a log line can help systems parse
logs better. For example, rsyslog and syslog-ng will recognize the
'@cee: ' prefix and will parse the rest of the line as a valid json message.
This is useful in environments where there is a mix of structured and
unstructured logs.
2017-02-10 16:56:28 -08:00