Commit graph

4782 commits

Author SHA1 Message Date
Vishal Nayak 6130363383 Merge pull request #1754 from hashicorp/secret-id-read-delete
Seperate endpoints for read/delete using secret-id and accessor
2016-08-21 16:15:55 -04:00
vishalnayak 524ed6db37 Extract out common code 2016-08-21 15:46:11 -04:00
vishalnayak dfe73733d5 Seperate endpoints for read/delete using secret-id and accessor 2016-08-21 14:42:49 -04:00
Jeff Mitchell 865ca94032 Initial fixups, not yet done 2016-08-20 22:39:41 -04:00
Jeff Mitchell 2860dcc60f gofmt 2016-08-19 16:48:32 -04:00
Jeff Mitchell 840774a095 Bump tf version 2016-08-19 15:23:38 -04:00
Jeff Mitchell 0f7fa264cd Merge pull request #1753 from hashicorp/adv-cleanup
Cleanup and avoid unnecessary advertisement parsing in leader check
2016-08-19 15:22:43 -04:00
Jeff Mitchell 2bb8adcbde Cleanup and avoid unnecessary advertisement parsing in leader check 2016-08-19 14:49:11 -04:00
Jeff Mitchell b7acf5b5ab Rename proto service stuff and change log levels for some messages 2016-08-19 11:49:25 -04:00
Jeff Mitchell bdcfe05517 Clustering enhancements (#1747) 2016-08-19 11:03:53 -04:00
vishalnayak 87c42a796b s/advertisement/redirect 2016-08-19 10:52:14 -04:00
Jeff Mitchell 0029559ab0 Update location of LDAP docs in upgrade guide.
Fixes #1656
2016-08-19 10:31:31 -04:00
Jeff Mitchell 56940c282b Force dev on when dev-ha is on 2016-08-19 08:29:34 -04:00
Vishal Nayak fa4c80412d Merge pull request #1751 from hashicorp/fix-aws-ec2-ttl
aws-ec2: se max_ttl when ttl is not set, during login
2016-08-18 16:08:49 -04:00
vishalnayak 7ce631f1dc Pretty print the warning 2016-08-18 16:09:10 -04:00
vishalnayak 870ffd6fd8 Use shortestTTL value during renewals too 2016-08-18 15:43:58 -04:00
vishalnayak 4f1c47478e When TTL is not set, consider the system default TTL as well 2016-08-18 15:37:59 -04:00
vishalnayak 56b8c33c95 aws-ec2: se max_ttl when ttl is not set, during login 2016-08-18 15:16:32 -04:00
Jeff Mitchell 6fc9a956bc changelog++ 2016-08-18 12:21:23 -04:00
Jeff Mitchell 5fd59b96c2 Merge pull request #1750 from hashicorp/status-code-change
Change uninit/sealed status codes from health endpoint
2016-08-18 12:17:38 -04:00
Jeff Mitchell c349e697f5 Change uninit/sealed status codes from health endpoint 2016-08-18 12:10:23 -04:00
Jeff Mitchell 0691d7e92a cl++ 2016-08-18 11:28:59 -04:00
Jeff Mitchell bbf2d0508e Merge pull request #1749 from maf23/added_missing_ttl_doc
Mention ttl parameter in the documentation of /auth/aws-ec2/role/<role>
2016-08-18 07:25:20 -04:00
Martin Forssen a617ff0f93 Mention ttl parameter in the documentation of /auth/aws-ec2/role/<role>
This parameter was not documented
2016-08-18 13:16:58 +02:00
Jeff Mitchell 150dd59332 Merge pull request #1744 from hashicorp/jbs-clarification
Add a bit of clarification
2016-08-17 17:47:06 -04:00
Jeff Mitchell 5c33356d14 Protobuf for forwarding (#1743) 2016-08-17 16:15:15 -04:00
Brian Shumate a941dbdd76 Add a bit of clarification 2016-08-17 16:07:30 -04:00
Jeff Mitchell 8d6244f8e7 Don't serialize the full connection state, instead just the peer certificates, and parse them on the other side 2016-08-17 10:29:53 -04:00
Jeff Mitchell e7261bc31f Merge pull request #1740 from hashicorp/fix-upgrade-periodic-roles
Ensure we don't use a token entry period of 0 in role comparisons.
2016-08-16 16:59:56 -04:00
Jeff Mitchell 01702415c2 Ensure we don't use a token entry period of 0 in role comparisons.
When we added support for generating periodic tokens for root/sudo in
auth/token/create we used the token entry's period value to store the
shortest period found to eventually populate the TTL. The problem was
that we then assumed later that this value would be populated for
periodic tokens, when it wouldn't have been in the upgrade case.

Instead, use a temp var to store the proper value to use; populate
te.Period only if actually given; and check that it's not zero before
comparing against role value during renew.
2016-08-16 16:47:46 -04:00
Jeff Mitchell c1aa89363a Make time logic a bit clearer 2016-08-16 16:29:07 -04:00
Jeff Mitchell 02d9702fbd Add local into handler path for forwarded requests 2016-08-16 11:46:37 -04:00
Jeff Mitchell c6b6901059 update Dockerfile for Go 1.7 final 2016-08-16 11:23:43 -04:00
Jeff Mitchell 734e80ca56 Add permit pool to dynamodb 2016-08-15 19:45:06 -04:00
Jeff Mitchell 638e61192a Actually show the error occurring if a file audit log can't be opened 2016-08-15 16:26:36 -04:00
Jeff Mitchell dcba6129e3 Use dockertest for physical consul tests, and always run them 2016-08-15 16:20:32 -04:00
Matt Hurne 56252fb637 AppRole documentation tweaks (#1735)
* Fix spelling error in AppRole docs

* Add force flag to sample command to generate a secret ID in AppRole docs

* Update sample output for AppRole login in docs
2016-08-15 16:12:08 -04:00
Jeff Mitchell c520ab986c changelog++ 2016-08-15 16:02:06 -04:00
Jeff Mitchell 62c69f8e19 Provide base64 keys in addition to hex encoded. (#1734)
* Provide base64 keys in addition to hex encoded.

Accept these at unseal/rekey time.

Also fix a bug where backup would not be honored when doing a rekey with
no operation currently ongoing.
2016-08-15 16:01:15 -04:00
Jeff Mitchell 159255b5a6
Cut version 0.6.1-rc3 2016-08-15 09:54:06 -04:00
Jeff Mitchell 8724a6864b Bump version 2016-08-15 09:49:18 -04:00
Jeff Mitchell e0170b268b changelog++ 2016-08-15 09:45:23 -04:00
Jeff Mitchell 37320f8798 Request forwarding (#1721)
Add request forwarding.
2016-08-15 09:42:42 -04:00
Jeff Mitchell 122f79b3c1 Merge pull request #1732 from hashicorp/pre0.6.1-restore-compat
Restore compatibility with pre-0.6.1 servers for CLI/Go API calls
2016-08-15 08:15:11 -04:00
Jeff Mitchell 86874def5c Parameter change
Both revocation times are UTC so clarify via parameter name that it's just a formatting difference. Also leave as a time.Time here, as it automatically marshals into RFC3339.
2016-08-14 21:43:57 -04:00
Jeff Mitchell ba87c6c0d6 Restore compatibility with pre-0.6.1 servers for CLI/Go API calls 2016-08-14 14:52:45 -04:00
Jeff Mitchell a82b6ee9d9 changelog++ 2016-08-14 07:21:05 -04:00
Jeff Mitchell 7cc5e8d0d4 Merge pull request #1725 from hashicorp/periodic-authtokencreate
Add periodic support for root/sudo tokens to auth/token/create
2016-08-14 07:17:38 -04:00
Jeff Mitchell 40ece8fd7c Add another test and fix some output 2016-08-14 07:17:14 -04:00
vishalnayak 0038db0f62 Fix typo. Fixes #1731. 2016-08-14 02:13:46 -04:00