Commit Graph

9128 Commits

Author SHA1 Message Date
Brian Kassouf 761635b27c Fix issue with revoking leases that have periods in them (#5461) 2018-10-08 10:00:00 -04:00
Jim Kalafut 5976b32855 Update examples to use sha256 (#5468)
sha_256 is supported but not referenced in our API docs.
2018-10-08 09:59:57 -04:00
Sebastian Plattner f9ffdbb1b2 Fix remove Group Member in Identity Group not working (#5466) 2018-10-08 09:59:43 -04:00
Jeff Mitchell 6b9b189475 changelog++ 2018-10-08 09:59:41 -04:00
Konstantinos Tsanaktsidis 247d09a1fc Fix a panic in MongoDB backend with concurrent create/revoke (#5463)
When Vault is concurrently creating and revoking leases for MongoDB
users as part of the database secrets engine, and then loses connection
to MongoDB, it can panic. This occurrs because the RevokeUser path does
_not_ lock the mutex, but the CreateUser path does. Both threads of
execution can concurently decide to call c.session.Close() in
mongodb/connection_producer.go:119, and then mgo panics when the second
close attempt occurs.
2018-10-08 09:59:39 -04:00
Jeff Mitchell 4c9301a91f Remove incorrect api docs text around metadata being supported for identity aliases 2018-10-08 09:59:36 -04:00
Jeff 695f9ed682 fix doc typo (#5455) 2018-10-08 09:58:29 -04:00
Martins Sipenko 59dc6d786f Fix missing > (#5452) 2018-10-08 09:58:19 -04:00
Brian Kassouf 316a9ed48f Fix identity link (#5449) 2018-10-08 09:58:15 -04:00
Brian Kassouf 39a2ba7424 mailto link (#5448) 2018-10-08 09:57:30 -04:00
Becca Petrin 7409777888 alicloud auto-unseal docs (#5446) 2018-10-08 09:57:04 -04:00
Chris Hoffman 0cd93c48c0 adding upgrade guide (#5447) 2018-10-08 09:57:01 -04:00
Brian Kassouf b3f5b5948f changelog++ 2018-10-08 09:56:56 -04:00
Jeff Mitchell 8a604ee2df changelog++ 2018-10-08 09:54:21 -04:00
Jeff Mitchell 7b3274769e changelog++ 2018-10-08 09:53:28 -04:00
Jeff Mitchell ff57c14bc2
Set allowed OIDs to any value when generaing a CA. (#5462)
* Set allowed OIDs to any value when generaing a CA.

Also, allow utf-8 in addition to utf8 as the OID type specifier, and
allow `*` to specify any OID of a supported type.

* Update PKI docs
2018-10-08 09:51:43 -04:00
Jim Kalafut b7c8082960
Fix docs typos 2018-10-05 22:53:09 -07:00
Jim Kalafut bd4a7c57c6 Fix 'vault auth' panic (#5473)
Running 'vault auth' with no parameters was panicking:

panic: assignment to entry in nil map
	github.com/hashicorp/vault/command/login.go:255 +0xdee

Now it will show help.
2018-10-05 16:05:26 -07:00
Becca Petrin f276ca2d11 add a check to prevent panics (#5471) 2018-10-05 09:23:06 -07:00
vishalnayak baad5a66fd Fix TestIdentityStore_GroupHierarchyCases 2018-10-05 05:46:09 -04:00
Vishal Nayak fbec18fef0
Added test for verifying member group id deletion (#5469) 2018-10-04 10:38:41 -07:00
Brian Kassouf 0ae790f9de
Fix issue with revoking leases that have periods in them (#5461) 2018-10-04 09:55:48 -07:00
Jim Kalafut 24dc42c908
Update examples to use sha256 (#5468)
sha_256 is supported but not referenced in our API docs.
2018-10-04 09:51:54 -07:00
Sebastian Plattner 782f8dedd2 Fix remove Group Member in Identity Group not working (#5466) 2018-10-04 09:27:29 -07:00
Jeff Mitchell 4895ff2f9a changelog++ 2018-10-04 09:51:41 -04:00
Konstantinos Tsanaktsidis fb90854233 Fix a panic in MongoDB backend with concurrent create/revoke (#5463)
When Vault is concurrently creating and revoking leases for MongoDB
users as part of the database secrets engine, and then loses connection
to MongoDB, it can panic. This occurrs because the RevokeUser path does
_not_ lock the mutex, but the CreateUser path does. Both threads of
execution can concurently decide to call c.session.Close() in
mongodb/connection_producer.go:119, and then mgo panics when the second
close attempt occurs.
2018-10-04 09:51:08 -04:00
Jeff Mitchell 10d9009eba Remove incorrect api docs text around metadata being supported for identity aliases 2018-10-04 09:09:41 -04:00
Becca Petrin 072d56be95 vendor the desired version of go.uuid (#5458) 2018-10-03 15:30:05 -07:00
Brian Kassouf 2995c06a53
Fix build (#5457) 2018-10-03 14:53:08 -07:00
Jeff 45f3297739 fix doc typo (#5455) 2018-10-03 11:25:57 -07:00
Brian Kassouf 9307ba4b0b
Update Deps (#5454) 2018-10-03 09:55:26 -07:00
Martins Sipenko 2e27e96441 Fix missing > (#5452) 2018-10-03 09:16:36 -04:00
Brian Kassouf fc2e32df7c
Fix identity link (#5449) 2018-10-02 17:45:17 -07:00
Brian Kassouf 6d4346f602
mailto link (#5448) 2018-10-02 17:41:04 -07:00
Becca Petrin 8bfb2a335b alicloud auto-unseal docs (#5446) 2018-10-02 17:21:26 -07:00
Chris Hoffman 6639d015e9
adding upgrade guide (#5447) 2018-10-02 20:18:59 -04:00
Brian Kassouf 8ee9548458
changelog++ 2018-10-02 15:15:46 -07:00
Jeff Mitchell f259e67873
Cut version 0.11.2 2018-10-02 14:43:13 -04:00
Jeff Mitchell 2d908d6962 Fix compile on 32-bit platforms 2018-10-02 14:42:50 -04:00
Jeff Mitchell ec2ab502fc make fmt 2018-10-02 14:30:10 -04:00
Brian Kassouf e44ee5181d prepare for release 2018-10-02 11:21:22 -07:00
Jeff Mitchell 3e981d8802 Update Dockerfile go version 2018-10-02 14:16:05 -04:00
Brian Kassouf bc36d78df1 Update plugins 2018-10-02 11:14:15 -07:00
Chris Hoffman a4a688764a
changelog++ 2018-10-02 13:50:36 -04:00
Matthew Irish 76bb00c5c4
Update yarn version in the cross Dockerfile 2018-10-02 10:56:51 -05:00
Chris Hoffman 8154500255
changelog++ 2018-10-02 11:23:20 -04:00
sk4ry 0fab335eec Add ability to configure the NotBefore property of certificates in role api (#5325)
* Add ability to configure the NotBefore property of certificates in role api

* Update index.html.md

* converting field to time.Duration

* setting default back to 30s

* renaming the parameter not_before_duration to differentiate between the NotBefore datetime on the cert

* Update description
2018-10-02 11:10:43 -04:00
Matthew Irish a105664141
UI - ent fixes (#5430)
* re-add performancestandycode for health api call

* update debounce timeout for namespace input on the auth page

* re-fetch cluster model on successful init

* 500ms for the debounce

* swap auth methods after successful api call so that the auth box doesn't jump around

* move list capability fetch to namespace component and don't use computed queryRecord to fetch it

* convert ed models to JSON so that they're unaffected by store unloading

* serialize with the id for the auth method models

* speed tests back up with different polling while loop

* login flash isn't in the same run loop so no longer needs withFlash
2018-10-02 10:05:34 -05:00
Joel Thompson 6a9e6cc474 Allow specifying role-default TTLs in AWS secret engine (#5138)
* Allow specifying role-default TTLs in AWS secret engine

* Add an acceptance test

* Add docs for AWS secret role-default TTLs

* Rename default_ttl to default_sts_ttl

* Return default_ttl as int64 instead of time.Duration

* Fix broken tests

The merge of #5383 broke the tests due to some changes in the test style
that didn't actually cause a git merge conflict. This updates the tests
to the new style.
2018-10-02 10:14:16 -04:00
Matthew Irish 9f213c976c
changelog++ 2018-10-02 08:59:45 -05:00