Commit Graph

5344 Commits

Author SHA1 Message Date
Brian Kassouf e62f5dbc31 Allowed/Denied parameters support for globs (#2438)
* Add check for globbed strings

* Add tests for the acl globbing

* Fix bad test case
2017-03-03 14:50:55 -08:00
Jeff Mitchell 111fbc5747 Make cache not actually cache values under core/ (#2439) 2017-03-03 16:04:31 -05:00
Jeff Mitchell 25428971c8 Add poison pill 2017-03-03 15:05:25 -05:00
Seth Vargo 9d8dad3269 Switch to new container-based build (#2436) 2017-03-03 11:26:26 -05:00
Vishal Nayak 4b81bcb379 ssh: Added DeleteOperation to config/ca (#2434)
* ssh: Added DeleteOperation to config/ca

* Address review feedback
2017-03-03 10:19:45 -05:00
vishalnayak 555a9345d7 changelog++ 2017-03-03 09:36:31 -05:00
Vishal Nayak 491a56fe9f AppRole: Support restricted use tokens (#2435)
* approle: added token_num_uses to the role

* approle: added RUD tests for token_num_uses on role

* approle: doc: added token_num_uses
2017-03-03 09:31:20 -05:00
Jeff Mitchell 7b74f44a17 changelog++ 2017-03-02 17:37:48 -05:00
Jeff Mitchell a895398525
Cut version 0.7.0-beta1 2017-03-02 17:18:32 -05:00
Jeff Mitchell f12a549f65 Bump version for beta 2017-03-02 17:17:43 -05:00
Jason Costello 5ea7b4436c Website update typography (#2429) 2017-03-02 17:10:33 -05:00
Jeff Mitchell 88eafe7d7d changelog++ 2017-03-02 17:08:22 -05:00
Brian Kassouf 0af954080a changelog++ 2017-03-02 14:05:04 -08:00
Brian Kassouf 1d081c1ae0 Changelog++ 2017-03-02 13:59:20 -08:00
Jeff Mitchell 76bec343f4 Some minor ssh docs updating 2017-03-02 16:47:21 -05:00
Jeff Mitchell 55e69277ce Update SSH CA logic/tests 2017-03-02 16:39:22 -05:00
Vishal Nayak a1331278ff Refactor the generate_signing_key processing (#2430) 2017-03-02 16:22:06 -05:00
Jeff Mitchell fa474924aa Update error text to make it more obvious what the issue is when valid principals aren't found 2017-03-02 15:56:08 -05:00
Jeff Mitchell eca68d5913 Fix a bunch of errors from returning 5xx, and parse more duration types 2017-03-02 15:38:34 -05:00
Jeff Mitchell 33e75c750b changelog++ 2017-03-02 15:00:01 -05:00
Jeff Mitchell a585f709d3 Understand local when persisting mount tables, to avoid invalidations when not necessary (#2427) 2017-03-02 14:37:59 -05:00
Will May 70bfdb5ae9 Changes from code review 2017-03-02 14:36:13 -05:00
Will May 36b3d89604 Allow internal generation of the signing SSH key pair 2017-03-02 14:36:13 -05:00
Jeff Mitchell bb05f2d8f8 Fix double-lock 2017-03-02 10:54:31 -05:00
Jeff Mitchell 31cddc43e1 Use own mutex for updating cluster parameters and fix leader UUID bug 2017-03-02 10:50:54 -05:00
Jeff Mitchell beb3067787 Add some trace level information about new cluster status 2017-03-02 10:21:35 -05:00
Jeff Mitchell 36c84df326 Large update to request forwarding handling. (#2426) 2017-03-02 10:03:49 -05:00
Jeff Mitchell 0060535eed Bump http2 dep to fix Go 1.8 breakage 2017-03-02 00:46:17 -05:00
Jeff Mitchell 90389323a2 Some more forwarding client cleanup 2017-03-01 20:59:20 -05:00
Jeff Mitchell b1c2a930fe Clean up request forwarding logic 2017-03-01 18:17:06 -05:00
Brian Kassouf 259e686d4c Update TestSeal to ignore setting the config to nil 2017-03-01 14:10:06 -08:00
vishalnayak 44dfdc0303 changelog++ 2017-03-01 16:00:20 -05:00
Vishal Nayak 3795d2ea64 Rework ssh ca (#2419)
* docs: input format for default_critical_options and default_extensions

* s/sshca/ssh

* Added default_critical_options and default_extensions to the read endpoint of role

* Change default time return value to 0
2017-03-01 15:50:23 -05:00
Will May 9f75f84175 Changes from code review
Major changes are:
* Remove duplicate code
* Check the public key used to configure the backend is a valid one
2017-03-01 15:19:18 -05:00
Will May ff1ff02bd7 Changes from code review
Major changes are:
* Change `allow_{user,host}_certificates` to default to false
* Add separate `allowed_domains` role property
2017-03-01 15:19:18 -05:00
Will May 099d561b20 Add ability to create SSH certificates 2017-03-01 15:19:18 -05:00
Jeff Mitchell 00cfaf7f64 Rejig signature of last remote wal 2017-03-01 12:42:10 -05:00
Jeff Mitchell 6ebb2cc958 Add last remote WAL bits 2017-03-01 12:40:36 -05:00
Seth Vargo 3855021b40
Re-enable soft purging, stale-if-error 2017-03-01 12:38:40 -05:00
Jeff Mitchell 5ef2b0145b Add ability to set max retries to API 2017-03-01 12:24:08 -05:00
Jeff Mitchell eec66eaa3c Have duration.ParseDurationSecond handle json.Number 2017-03-01 08:32:05 -05:00
Jeff Mitchell f2282247ef Add seal cache purging back into postUnseal 2017-02-28 18:36:28 -05:00
Jeff Mitchell 09543dceeb Rejig core standby logic to check validity of barrier during active transition 2017-02-28 18:17:30 -05:00
Seth Vargo 5e1e314bf9 Cache for a longer time on Fastly (#2417) 2017-02-28 16:54:51 -05:00
Jordan Abderrachid fa77e7cfa2 api: add `EnvVaultToken` constant. (#2413) 2017-02-27 18:36:21 -05:00
Jeff Mitchell 27e6405726 changelog++ 2017-02-27 15:41:40 -05:00
Jeff Mitchell 7012d63a28 Update policies doc with allowed/denied params and min/max wrapping ttl info 2017-02-27 15:17:19 -05:00
Jeff Mitchell 7f0a99e8eb Add max/min wrapping TTL ACL statements (#2411) 2017-02-27 14:42:00 -05:00
Jeff Mitchell a5d7259d84 changelog++ 2017-02-27 14:31:54 -05:00
Marshall Brekka 184b47e20c Add a TTL to the dynamodb lock implementation. (#2141) 2017-02-27 14:30:34 -05:00