Jeff Mitchell
ebf57b15b4
Fixes a regression in forwarding from #6115 ( #6191 )
...
* Fixes a regression in forwarding from #6115
Although removing the authentication header is good defense in depth,
for forwarding mechanisms that use the raw request, we never add it
back. This caused perf standby tests to throw errors. Instead, once
we're past the point at which we would do any raw forwarding, but before
routing the request, remove the header.
To speed this up, a flag is set in the logical.Request to indicate where
the token is sourced from. That way we don't iterate through maps
unnecessarily.
2019-02-11 13:08:15 -05:00
Jeff Mitchell
3e3e47ea1b
changelog++
2019-02-11 13:04:29 -05:00
Clint
0db43e697b
Add signed key constraints to SSH CA [continued] ( #6030 )
...
* Adds the ability to enforce particular ssh key types and minimum key
lengths when using Signed SSH Certificates via the SSH Secret Engine.
2019-02-11 13:03:26 -05:00
Jeff Mitchell
6e4cfdabd2
changelog++
2019-02-10 18:35:28 -05:00
Andrej van der Zee
604e8dd0f0
Added socket keep alive option to Cassandra plugin. ( #6201 )
2019-02-10 18:34:50 -05:00
Matthew Irish
e0e4ec1cac
fix nav-to-nearest mixin when there are no ancestors ( #6198 )
2019-02-08 18:50:50 -06:00
vishalnayak
c2df541fd2
changelog++
2019-02-08 16:34:23 -05:00
Vishal Nayak
b4ba344782
Merge entities during unseal only on the primary ( #6075 )
...
* Merge entities during unseal only on the primary
* Add another guard check
* Add perf standby to the check
* Make primary to not differ from case-insensitivity status w.r.t secondaries
* Ensure mutual exclusivity between loading and invalidations
* Both primary and secondaries won't persist during startup and invalidations
* Allow primary to persist when loading case sensitively
* Using core.perfStandby
* Add a tweak in core for testing
* Address review feedback
* update memdb but not storage in secondaries
* Wire all the things directly do mergeEntity
* Fix persist behavior
* Address review feedback
2019-02-08 16:32:06 -05:00
Becca Petrin
ba3ed879f8
Use null strings in MSSQL to prevent errs ( #6099 )
2019-02-08 10:04:54 -08:00
Michel Vocks
1ddd194c28
Added missing backslash in iam identity guide ( #6193 )
2019-02-08 09:56:36 -08:00
Jeff Mitchell
82a85aa8c8
Make fmt
2019-02-08 09:12:55 -05:00
Naoki Ainoya
a967078d80
add missing key bound_cidrs
in pathCertRead Response ( #6080 )
2019-02-07 22:41:38 -05:00
Brian Nuszkowski
707c6d1813
Add SHA1 signing/verification support to transit engine ( #6037 )
...
* Add SHA1 signing/verification support to transit engine
* Update signing/verification endpoint documentation to include sha1 hash algorithm
2019-02-07 15:31:31 -08:00
Graham Land
13e60dbb40
Add Vault supported log levels ( #6185 )
...
Documentation : Add the supported log level configurations
`Supported log levels: Trace, Debug, Error, Warn, Info.`
2019-02-07 11:27:08 -08:00
Martins Sipenko
ea56be1e69
Fix section heading size ( #6137 )
2019-02-07 11:18:58 -08:00
Becca Petrin
3225a66d34
Return a more helpful error message for unknown db roles ( #6157 )
...
* return a more helpful err msg
* update test, print fmt
* fix other test failure
2019-02-07 11:16:23 -08:00
Eero Niemi
f9cb767d9c
Fixed typo (newtwork -> network) ( #6177 )
2019-02-07 13:06:38 -05:00
Jeff Mitchell
d883af3d30
If the log level isn't set, don't display "(not set)" ( #6183 )
2019-02-07 03:48:50 -05:00
Jeff Mitchell
ea61e8fbec
Remove refresh_interval from kvv1 API docs and CLI docs since kv get doesn't use it
2019-02-06 21:51:08 -05:00
Aidan Daniels-Soles
39893a1e15
Fix wrong file name in service definition ( #6174 )
2019-02-06 15:43:03 -05:00
Jeff Mitchell
7337f1ab75
changelog++
2019-02-05 21:03:03 -05:00
Jeff Mitchell
9ef0680e7f
Fix leader info repopulation ( #6167 )
...
* Two things:
* Change how we populate and clear leader UUID. This fixes a case where
if a standby disconnects from an active node and reconnects, without the
active node restarting, the UUID doesn't change so triggers on a new
active node don't get run.
* Add a bunch of test helpers and minor updates to things.
2019-02-05 21:01:18 -05:00
d
97a73d6bf8
Revert "fixed trailing slash in consul.html.md example"
...
This reverts commit 4310bb58c83285ebd9cfcb302b70d1db432a11e2.
Accidental push to master, my apologies. See PR https://github.com/hashicorp/vault/pull/6175
2019-02-05 17:42:15 -07:00
Dominic Porreco
778e6add49
fixed trailing slash in consul.html.md example
2019-02-05 17:01:39 -07:00
Noelle Daley
d1c48c070c
changelog++
2019-02-05 15:53:31 -08:00
Lexman
c51de76dd1
adds port parameter ( #6145 )
2019-02-05 15:40:00 -08:00
Becca Petrin
421a526e8f
dont automatically accept mssql eula ( #6169 )
2019-02-05 14:11:06 -08:00
Jeff Mitchell
79bf5810f8
changelog++
2019-02-05 16:03:25 -05:00
ncabatoff
50c90fe8c0
Do the rotate-root query without prepared statements, as we do for create/revoke user. Fixes #6116 . ( #6119 )
2019-02-05 16:02:48 -05:00
Jeff Mitchell
5f249d4005
Add allowed_response_headers ( #6115 )
2019-02-05 16:02:15 -05:00
Aidan Daniels-Soles
86f096449b
Replace special hyphen ( #6165 )
2019-02-05 10:48:26 -08:00
Jeff Mitchell
de8d45d9db
Fix test build
2019-02-05 12:26:25 -05:00
Becca Petrin
309e7db6f0
Don't run MSSQL revocations as a transaction ( #6154 )
2019-02-04 09:02:56 -08:00
Brian Shumate
18c8f390f9
Update AppRole API docs ( #6047 )
...
- Use consistent "Create/Update" heading text style
2019-02-04 11:17:16 -05:00
nickwales
e2429522fa
Removed typo ( #6162 )
2019-02-04 11:13:37 -05:00
Matthew Potter
5e374d5cd1
Add libvault to the list of elixir libraries ( #6158 )
2019-02-04 11:12:29 -05:00
Jeff Mitchell
ba4a5c0576
changelog++
2019-02-01 17:15:00 -05:00
Jeff Mitchell
82ee4176e6
Add the ability to print curl commands from CLI ( #6113 )
2019-02-01 17:13:51 -05:00
Jeff Mitchell
17755b8150
Update go-retryablehttp to get bodybytes, and circonus deps as those break without it
2019-02-01 17:13:21 -05:00
Jeff Mitchell
2f9a7c6203
Add more perf standby guards ( #6149 )
2019-02-01 16:56:57 -05:00
Brian Kassouf
aaca35be94
Updates to recovery keys ( #6152 )
2019-02-01 11:29:55 -08:00
Yoko
a9392f9840
Adding a mention for 'kv-v2' as type ( #6151 )
2019-02-01 11:26:08 -08:00
Jeff Mitchell
bbc1d53a5d
Revert "Refactor common token fields and operations into a helper ( #5953 )"
...
This reverts commit 66c226c593bb1cd48cfd8364ac8510cb42b7d67a.
2019-02-01 11:23:40 -05:00
Jeff Mitchell
adccccae69
Update example output for PKI serial -> serial_number
...
Fixes #6146
2019-02-01 10:29:34 -05:00
Jeff Mitchell
b2cc9ebd3a
Remove regenerate-key docs as it no longer exists
2019-02-01 09:29:40 -05:00
Jeff Mitchell
b94c29a8a1
Update go-ldap to fix #6135
2019-01-31 17:07:25 -05:00
Jeff Mitchell
1a6580039c
Add npm to apt-get command
2019-01-31 15:56:04 -05:00
Joel Thompson
33400e6e99
Fix typo in help text ( #6136 )
...
Small typo introduced in #6133
2019-01-31 08:53:54 -08:00
Jeff Mitchell
27c960d8df
Split SubView functionality into logical.StorageView ( #6141 )
...
This lets other parts of Vault that can't depend on the vault package
take advantage of the subview functionality.
This also allows getting rid of BarrierStorage and vault.Entry, two
totally redundant abstractions.
2019-01-31 09:25:18 -05:00
Jim Kalafut
b98cc2e2cf
Add json.Number handling to TypeHeader ( #6134 )
...
Fixes #6131
2019-01-30 15:24:39 -08:00