Commit graph

7448 commits

Author SHA1 Message Date
Jeff Mitchell e42033a566 Minor fixes from vet 2018-02-26 02:23:24 -05:00
Jeff Mitchell 7b1a793d6f Migrate Dockerfile back down to 1.9 2018-02-25 20:29:01 -05:00
vishalnayak 4b0f27923f ssh: clarify optional behavior of cidr_list 2018-02-24 06:55:55 -05:00
vishalnayak e3aceecb78 changelog++ 2018-02-23 21:30:51 -05:00
Jason 865cb8786b Update CHANGELOG.md (#4035) 2018-02-23 21:28:56 -05:00
Jeff Mitchell f1bd0cbe74
Use atomic values in seal to avoid some data races (#4040) 2018-02-23 17:18:48 -05:00
Brian Kassouf c82d39c77e helper/gpgkeys: fix for vault 1.10 (#4038) 2018-02-23 14:47:25 -05:00
Jeff Mitchell d4a431b298
Move local cluster parameters to atomic values to fix some potential data races (#4036) 2018-02-23 14:47:07 -05:00
Brian Kassouf cb08fb92d2 Port some replicated cluster changes from ent (#4037) 2018-02-23 14:01:15 -05:00
Jeff Mitchell 1a814803d7 Add core object to policy store for some ent uses 2018-02-23 14:00:46 -05:00
Jeff Mitchell 8b09949a81 changelog++ 2018-02-23 11:16:26 -05:00
chris trott 78df6a630e Configurable Consul Service Address (#3971)
* Consul service address is blank

Setting an explicit service address eliminates the ability for Consul
to dynamically decide what it should be based on its translate_wan_addrs
setting.

translate_wan_addrs configures Consul to return its lan address to nodes
in its same datacenter but return its wan address to nodes in foreign
datacenters.

* service_address parameter for Consul storage backend

This parameter allows users to override the use of what Vault knows to
be its HA redirect address.

This option is particularly commpelling because if set to a blank
string, Consul will leverage the node configuration where the service is
registered which includes the `translate_wan_addrs` option. This option
conditionally associates nodes' lan or wan address based on where
requests originate.

* Add TestConsul_ServiceAddress

Ensures that the service_address configuration parameter is setting the
serviceAddress field of ConsulBackend instances properly.

If the "service_address" parameter is not set, the ConsulBackend
serviceAddress field must instantiate as nil to indicate that it can be
ignored.
2018-02-23 11:15:29 -05:00
Jeff Mitchell b1cf13f14c Fix certutil test 2018-02-23 01:35:07 -05:00
Yoko 099d89ff9d
Fixed a broken link (#4032) 2018-02-22 19:43:27 -08:00
Jeff Mitchell d19b10e680 Update comment to replication consts 2018-02-22 21:38:52 -05:00
Jeff Mitchell 7f479c4547 Add a helpful comment to replication consts 2018-02-22 21:37:54 -05:00
Jeff Mitchell 1ceaadabfb changelog++ 2018-02-22 20:56:10 -05:00
Joel Thompson b0592d2161 auth/aws: Add functional test for detached RSA signature (#4031)
Previously the functional test was only testing the PCKS7-signed identity
document, not the detached RSA signature, so adding a test for that in the
functional test suite.
2018-02-22 20:55:45 -05:00
Jeff Mitchell 8ee8f4265d Change Go min version check 2018-02-22 20:53:25 -05:00
Jeff Mitchell abeb5b05aa changelog++ 2018-02-22 20:35:59 -05:00
Jeff Mitchell 8fe43cd98e Revert Go dep to 1.9
Ping GH-4028
2018-02-22 20:21:07 -05:00
Jeff Mitchell cf7c86e0f8 *Partially* revert "Remove now-unneeded PKCS8 code and update certutil tests for Go 1.10"
This partially reverts commit 83f6b21d3ef930df0352a4ae7b1e971790e3eb22.
2018-02-22 20:15:56 -05:00
Jeff Mitchell 9584a085b6 Revert "Remove unneeded looping since Go 1.10 cover it already (#4010)"
This reverts commit 8aeba427d239613bf78b7d1ce96900da74d2bd5d.
2018-02-22 20:13:36 -05:00
Jeff Mitchell 177ecc946b Bump pkcs7 library version to fix #4024 2018-02-22 20:11:49 -05:00
Jeff Mitchell 15c3bffcc9 Revert "Switch to a forked copy of pkcs7 to fix aws pkcs7 verification error (#4024)"
This reverts commit f75c7dd15784831aef0bd9fda8a230b0a08556f3.
2018-02-22 20:09:19 -05:00
Jeff Mitchell 9f984333ec changelog++ 2018-02-22 20:08:28 -05:00
Yoko 5389550cdc
Changed the layout category menu (#4007)
* Changed the layout category menu

* Fixed typos

* Fixed a typo, and removed the duplicated generate-root guide

* Fixed the redirect.txt
2018-02-22 16:24:01 -08:00
Chris Hoffman a2e816321e
adding LIST for connections in database backend (#4027) 2018-02-22 15:27:33 -05:00
Jeff Mitchell 9c2ad5c4ec Fix formatting on sys/health docs 2018-02-22 10:52:12 -05:00
Calvin Leung Huang b5c54c4ecb changelog++ 2018-02-22 10:30:27 -05:00
Calvin Leung Huang 1bb4d165e7
Add TTL related config options on auth enable (#4019) 2018-02-22 10:26:29 -05:00
Jeff Mitchell 2dda3f6363 Make docs around regenerate_key more specific 2018-02-22 09:09:20 -05:00
Jeff Mitchell 2c3c0e3aea changelog++ 2018-02-22 08:50:27 -05:00
Jeff Mitchell 67e614bac4
Switch to a forked copy of pkcs7 to fix aws pkcs7 verification error (#4024)
Fixes #4014
2018-02-22 08:49:11 -05:00
Jeff Mitchell 4bff53c771 Force trace mode in three-node 2018-02-22 01:44:19 -05:00
Jeff Mitchell 4669f37c78 Add four cluster flag 2018-02-22 00:23:37 -05:00
Brian Kassouf 9456e15904
http/logical: Add http GET parameters to the data map (#4012)
* Add get parameters to the data object

* Add test for get params
2018-02-21 14:36:53 -08:00
Jeff Mitchell f629200bcb
Update CHANGELOG.md 2018-02-21 17:28:08 -05:00
Brian Kassouf c5cfb8eea1
http: Add a method for returning a 404 with data (#3994)
* Add a method for returning a 404 with data

* Pass the full resp object through to respond raw

* Add comment

* Refactor so it works across plugin gRPC

* Handle some review comments

* Pass request object instead of request ID
2018-02-21 14:22:21 -08:00
Calvin Leung Huang a06243bf8d
Add description param on tune endpoints (#4017) 2018-02-21 17:18:05 -05:00
Jeff Mitchell c2ae25d588 Update PKCS11 seal information 2018-02-21 09:05:36 -05:00
Jeff Mitchell a7df7d942f
Cut version 0.9.4 2018-02-20 15:27:37 -05:00
Jeff Mitchell 7d673e5e05 Remove netbsd/arm as it won't compile 2018-02-20 15:27:33 -05:00
Jeff Mitchell 227ebcc188 Bump files for new version 2018-02-20 14:51:20 -05:00
Jeff Mitchell fb33782593 Update plugins 2018-02-20 14:15:43 -05:00
Jeff Mitchell ca0692c188 Update go-plugin 2018-02-20 14:07:29 -05:00
Jeff Mitchell 6be21b1068 changelog++ 2018-02-20 11:16:28 -05:00
Andrei Burd 90f3788ce5 Handling nomad maxTokenNameLength = 64 (#4009) 2018-02-20 10:16:37 -05:00
Vishal Nayak bfed4af48f Remove unneeded looping since Go 1.10 cover it already (#4010) 2018-02-20 07:34:55 -05:00
Jeff Mitchell be53e38fe0 Fix test statement with formatting in fatal call 2018-02-20 00:26:41 -05:00