Commit graph

2533 commits

Author SHA1 Message Date
Jeff Mitchell e5a58109ec Store all keys in archive always 2016-01-27 13:41:37 -05:00
Jeff Mitchell 30ffc18c19 Add unit tests 2016-01-27 13:41:37 -05:00
Jeff Mitchell 5000711a67 Force min decrypt version to 1 if it's zero, which allows fixing problematic archiving logic 2016-01-27 13:41:37 -05:00
Jeff Mitchell 7a27dd5cb3 Fix logic bug when restoring keys 2016-01-27 13:41:37 -05:00
Jeff Mitchell 004b35be36 Fix decrementing instead of incrementing 2016-01-27 13:41:37 -05:00
Jeff Mitchell beafe25508 Initial transit key archiving work 2016-01-27 13:41:37 -05:00
Jeff Mitchell 1769984368 Bump godeps 2016-01-27 13:41:26 -05:00
Jeff Mitchell 5f379ccfb6 Merge pull request #976 from hashicorp/audit-panic
Use reflect.Value.String() rather than a type assertion.
2016-01-26 13:05:05 -05:00
Jeff Mitchell 658a995eed Bump travis to 1.5.3 2016-01-26 12:47:45 -05:00
Jeff Mitchell ef84e04fd7 Add unit test for audit change 2016-01-26 12:47:04 -05:00
Jeff Mitchell f0c66f0b8c Use reflect.Value.String() rather than a type assertion.
Fixes a panic in hashstructure/auditing that can occur with custom
string types.

Fixes #973
2016-01-26 12:32:50 -05:00
Jeff Mitchell 1107a068b7 Merge pull request #972 from rajanadar/patch-7
added the delete api details to generic backend
2016-01-26 09:49:06 -05:00
Jeff Mitchell bc04e4eec2 Merge pull request #971 from rajanadar/patch-6
added the delete api details to cubbyhole
2016-01-26 09:48:47 -05:00
Jeff Mitchell 92d42aa6c7 Merge pull request #969 from rajanadar/patch-4
fixing the description of the /lookup/<token> api
2016-01-26 09:48:22 -05:00
Jeff Mitchell c1f4957fe9 Merge pull request #970 from rajanadar/patch-5
fixing an incorrect json response field name
2016-01-26 09:47:54 -05:00
Raja Nadar 741c23cb4a added the delete api details to generic backend
documentation was missing this api description
2016-01-25 23:56:33 -08:00
Raja Nadar 64c9eb969d added the delete api details to cubbyhole
cubbyhole delete api details were missing. added them.
2016-01-25 23:47:33 -08:00
Raja Nadar f02aa2c2c0 fixing an incorrect json response field name
changed a read-role api response field from 'revocation_cql' to 'rollback_cql'
didn't verify it using a real cassandra server test, but looked at the source code json schema definition here: 

https://github.com/hashicorp/vault/blob/master/builtin/logical/cassandra/path_roles.go
func pathRoles(b *backend) *framework.Path 

please feel free to discard the PR, if i am looking at the wrong source location or something.
2016-01-25 23:42:20 -08:00
Raja Nadar cf9b3c7c66 fixing the description of the /lookup/<token> api 2016-01-25 23:26:29 -08:00
Jeff Mitchell aede2fcb3e Merge pull request #968 from nickithewatt/aws-policies-docs
AWS secret backend use of existing policy - docs
2016-01-25 23:02:25 -05:00
Nicki Watt c57072d39a AWS secret backend - docs when using existing policy 2016-01-26 01:43:14 +00:00
Nicki Watt 35a0d28620 Docs for AWS backend when using an existing policy 2016-01-26 01:39:24 +00:00
Jeff Mitchell 3761f19932 changelog++ 2016-01-25 14:48:34 -05:00
Jeff Mitchell bb73d796ca Merge pull request #955 from hashicorp/postgres-idle-connections
Add a max_idle_connections parameter.
2016-01-25 14:47:28 -05:00
Jeff Mitchell 05e337727f Document changes 2016-01-25 14:47:16 -05:00
Jeff Mitchell 7390cd5264 Add a max_idle_connections parameter. 2016-01-25 14:47:07 -05:00
Jeff Mitchell 21d658c5fe Merge pull request #966 from hashicorp/sethvargo/sdata
Add structured data
2016-01-24 13:41:02 -05:00
Seth Vargo 64e521a68b Add structured data 2016-01-24 13:37:20 -05:00
Jeff Mitchell 59fc5d0f8d Merge pull request #964 from hashicorp/patched-1.5.3
Add a Dockerfile to build 1.5.3 with patches.
2016-01-23 20:11:02 -05:00
Jeff Mitchell b2ab68f814 Add a Dockerfile to build 1.5.3 with patches.
Specifically this pulls in the following:

https://go-review.googlesource.com/12717
https://go-review.googlesource.com/17247

These fix bugs users have encountered -- the first with the PKI backend,
and the second with Vault generally, as it can bite any use of a
certificate within Vault (listener, cert credential backend, pki
backend).

These are in 1.6, but it will probably be released too late for us given
what is currently known about their release plans and our known
deadline. This lets us build our releases against a patched 1.5.3.
2016-01-23 14:50:23 -05:00
Jeff Mitchell 0c2829d2a2 changelog++ 2016-01-23 14:46:20 -05:00
Jeff Mitchell abd9fe1b73 Merge pull request #961 from rajanadar/patch-3
fixed login link,request params,add json response
2016-01-23 14:45:27 -05:00
Jeff Mitchell e772a3e695 Merge pull request #963 from hashicorp/fail-unsup-path
If the path is not correct, don't fail due to existence check, fail d…
2016-01-23 14:05:32 -05:00
Jeff Mitchell 8b9fa042fe If the path is not correct, don't fail due to existence check, fail due to unsupported path 2016-01-23 14:05:09 -05:00
Raja Nadar d3434f8f03 clarify default mountpoint 2016-01-23 11:02:00 -08:00
Jeff Mitchell e9f067f8e0 Merge pull request #960 from rajanadar/patch-2
mention that this is an unauthenticated endpoint
2016-01-23 10:24:16 -05:00
Jeff Mitchell 3b7a533b5a Fix test on 1.6 by comparing to nil instead of a nil-defined map 2016-01-22 21:26:06 -05:00
Jeff Mitchell c7c8dc3f5b changelog++ 2016-01-22 21:24:25 -05:00
Jeff Mitchell 0003eb8506 Merge pull request #954 from hashicorp/backend-tainted-view
Allow backends to see taint status.
2016-01-22 21:23:12 -05:00
Raja Nadar 9b82736b9a fixed login link,request params,add json response
1. fix login link
2. added personal access token to request message
3. added a sample json response
2016-01-22 17:38:32 -08:00
Raja Nadar b0f33d4d19 mention that this is an unauthenticated endpoint 2016-01-22 17:10:16 -08:00
Jeff Mitchell cd4811e630 Merge pull request #957 from rajanadar/patch-1
update sys-init.html.md
2016-01-22 19:57:20 -05:00
Raja Nadar dac5997e14 update sys-init.html.md
change response field from 'initialize' to 'initialized'
2016-01-22 16:45:59 -08:00
Jeff Mitchell 12c00b97ef Allow backends to see taint status.
This can be seen via System(). In the PKI backend, if the CA is
reconfigured but not fully (e.g. an intermediate CSR is generated but no
corresponding cert set) and there are already leases (issued certs), the
CRL is unable to be built. As a result revocation fails. But in this
case we don't actually need revocation to be successful since the CRL is
useless after unmounting. By checking taint status we know if we can
simply fast-path out of revocation with a success in this case.

Fixes #946
2016-01-22 17:01:22 -05:00
Jeff Mitchell d663c46757 changelog++ 2016-01-22 13:09:21 -05:00
Jeff Mitchell 30732274b1 Merge pull request #953 from hashicorp/init-check
Add -check flag to init.
2016-01-22 13:08:31 -05:00
Jeff Mitchell d95adc731a Add -check flag to init.
Fixes #949
2016-01-22 13:06:40 -05:00
Jeff Mitchell babecad8ac changelog++ 2016-01-22 10:22:43 -05:00
Jeff Mitchell 757250ac14 Merge pull request #617 from hashicorp/f-passthrough-list
Basic list support
2016-01-22 10:15:08 -05:00
Jeff Mitchell 9cac7ccd0f Add some commenting 2016-01-22 10:13:49 -05:00