Commit graph

9857 commits

Author SHA1 Message Date
Michel Vocks f2d022ac20
Print warning when 'tls_cipher_suites' includes blacklisted cipher suites (#6300)
* Implemented a warning when tls_cipher_suites includes only cipher suites which are not supprted by the HTTP/2 spec

* Added test for cipher suites

* Added hard fail on startup when all defined cipher suites are blacklisted. Added warning when some ciphers are blacklisted.

* Replaced hard failure with warning. Removed bad cipher util function and replaced it by external library.

* Added missing dependency. Fixed renaming of package name.
2019-03-01 16:48:06 +01:00
Jim Kalafut 8eb4a0c50a Update JWT plugin deps (#6313) 2019-02-28 17:49:50 -08:00
Brian Kassouf 7b910a093b
Handle ns lease and token renew/revoke via relative paths (#6236) (#6312)
* Handle ns lease and token renew/revoke via relative paths

* s/usin/using/

* add token and lease lookup paths; set ctx only on non-nil ns

Addtionally, use client token's ns for auth/token/lookup if no token is provided
2019-02-28 16:02:25 -08:00
Vishal Nayak ac2b499fc9
Support reading Vault's address from Agent's config file (#6306)
* Support reading Vault's address from Agent's config file

* use consts and switch

* Add tls options to agent config vault block

* Update command/agent/config/config.go

Co-Authored-By: vishalnayak <vishalnayak@users.noreply.github.com>

* remove fmt.Printfs
2019-02-28 17:29:28 -05:00
Chris Hoffman 4f35c548fe Transit Autounseal (#5995)
* Adding Transit Autoseal

* adding tests

* adding more tests

* updating seal info

* send a value to test and set current key id

* updating message

* cleanup

* Adding tls config, addressing some feedback

* adding tls testing

* renaming config fields for tls
2019-02-28 13:13:56 -08:00
Becca Petrin 5dbd09cf2f
Merge pull request #6250 from chrissphinx/patch-1
fix example that was out-of-date
2019-02-28 10:28:24 -08:00
Becca Petrin 76f42975d6
Merge pull request #6251 from paulftw/patch-1
[Documentation] Update secrets-engines.html.md
2019-02-28 10:09:29 -08:00
Calvin Leung Huang 5eb50a261e agent/caching: test renaming; add api-level cache-clear test (#6305)
* test renaming; add api-level cache-clear test

* fix import ordering
2019-02-28 10:05:55 -08:00
Becca Petrin 4ecaa1b597
Merge pull request #6304 from bradjones1/patch-2
RabbitMQ 'vhost' parameter on roles endpoint should be 'vhosts'
2019-02-28 10:03:47 -08:00
Becca Petrin 7b4a184a52
Merge pull request #6224 from hashicorp/dp.fix-consul-storage-doc-6171
Fix example in documentation. Resolves [issue 6171]
2019-02-28 09:55:55 -08:00
Becca Petrin 4cf21cda87
Merge pull request #6221 from emilymye/website
Remove unsupported config delete for GCP auth docs
2019-02-28 09:52:52 -08:00
Clint Shryock 7e1a4885e1
fix typo in code comment 2019-02-28 10:26:40 -06:00
Andrey Kuzmin b496fea4ad Etcd timeouts (#6285)
* Configurable lock and request etcd timeouts.

If etcd cluster placed on slow servers - request timeouts may be much greater, then hardcoded default values.
Also, in etcd setup, like above - may be need to greater lock timeout.

* Configurable lock and request etcd timeouts.

Docs.

* Use user friendly timeout syntax.

To allow specify more readable time values.
2019-02-27 18:34:29 -08:00
Anton R. Yuste 4120aa2da0 Specify the userpass name creating the alias entity (#6289) 2019-02-27 18:28:33 -08:00
Jon Currey e9891013b3 Fix typo on Seal page of concepts docs (#6290) 2019-02-27 18:27:36 -08:00
John O'Sullivan 62f454c972 Documenting -dev-plugin-dir vault server option (#6307)
Based on an answer from Brian Kassouf on the Google Group: https://groups.google.com/d/msg/vault-tool/7Qf9Hn1w3jA/yGUIKZxHGAAJ
2019-02-27 18:24:49 -08:00
Jeff Mitchell 6208142a71 Update golang-lru dep which has a minor speedbump in the critical path 2019-02-27 17:51:06 -05:00
Calvin Leung Huang 2486e4c5b6 changelog++ 2019-02-27 14:25:22 -08:00
Brad Jones da99b6d088
RabbitMQ 'vhost' parameter on roles endpoint should be 'vhosts'
In deploying this, I noted that passing `vhost` was unsuccessful, yet `vhosts` is.
2019-02-27 15:19:54 -07:00
Calvin Leung Huang c07253999c
agent/caching: enable caching of leases generated by autoauth token (#6293)
* agent/caching: enable caching of leases generated by autoauth token

* add test for auth/token/create path

* update error message log

* Some minor updates

* add sleep timer for renewal logic to process
2019-02-27 13:14:58 -08:00
Vishal Nayak ffabeda5d9
Agent Caching: Remove response updates using renewal output (#6303)
* Agent Caching: Remove response updates using renewal output

* Use renewal output channel to log the fact
2019-02-27 14:33:45 -05:00
Jim Kalafut ff945e929e
changelog++ 2019-02-26 21:40:28 -08:00
vishalnayak 3f92836771 Port identity store cleanup code 2019-02-26 16:11:16 -05:00
vishalnayak 6020f02454 changelog++ 2019-02-26 13:35:41 -05:00
vishalnayak 83f797b059 changelog++ 2019-02-26 13:34:52 -05:00
vishalnayak 1d16601b7f Agent caching docs superscript beta 2019-02-26 10:36:24 -05:00
vishalnayak dee2e1797d Add Beta superscript to caching docs 2019-02-26 10:28:55 -05:00
vishalnayak 2ab27e6087 Agent doc update for beta testers 2019-02-26 10:20:55 -05:00
vishalnayak f04b4d1668 Change agent's default port number to 8100 2019-02-26 10:02:12 -05:00
Calvin Leung Huang 5b5ec851c7 Agent caching docs (#6272)
* WIP agent caching docs

* More docs updates

* Add caching/index.html to docs_detailed_categories.yml

* Some more docs updates

* Some more docs updates

* updates

* address review feedback

* fix sample config

* Update website/source/docs/agent/caching/index.html.md

Co-Authored-By: calvn <cleung2010@gmail.com>

* fix config for sidebar display

* Add environment variable to the docs
2019-02-26 09:57:17 -05:00
Jim Kalafut ebb63652cd
Fix agent test (#6281) 2019-02-21 21:24:16 -08:00
Jim Kalafut 9bac5158cd
Update JWT docs for OIDC feature (#6270) 2019-02-21 17:06:23 -08:00
Calvin Leung Huang fda590f538
agent/caching: use const for cache-clear path (#6271) 2019-02-21 14:53:34 -08:00
Calvin Leung Huang 8fc9138fe4
agent/caching: remove EvictByPrefix and EvictAll (#6269) 2019-02-21 14:52:10 -08:00
Chris Hoffman 481c38c7d0
adding 1.1 upgrade docs (#6279) 2019-02-21 17:41:06 -05:00
Matthew Irish a5fd143f82
fix tests for auth-jwt and related functionality (#6277) 2019-02-21 16:21:23 -06:00
Brian Kassouf 40399cb387
Update config.rb 2019-02-20 17:24:53 -08:00
Brian Kassouf d6d81d3def
Cut version 1.1.0-beta1 2019-02-20 12:14:59 -08:00
Brian Kassouf efe5671f36 make fmt 2019-02-20 12:12:21 -08:00
Brian Kassouf 5cd0e97654
release prep 2019-02-20 11:12:09 -08:00
Brian Kassouf 4936297896
release prep 2019-02-20 11:11:08 -08:00
Brian Kassouf ccc2a1683c
changelog++ 2019-02-20 10:18:15 -08:00
Brian Kassouf 8c5e0cfddc
changelog++ 2019-02-20 10:12:38 -08:00
Brian Kassouf f46a90b46e
changelog++ 2019-02-20 10:03:41 -08:00
Matthew Irish d3393ce3d6
changelog++ 2019-02-20 11:53:06 -06:00
Brian Kassouf 897f525b1e
changelog++ 2019-02-20 09:45:27 -08:00
Brian Kassouf adb6a9febc
Merge pull request #6266 from jesferman/patch-1
Fix wrong link in PKI menu-list
2019-02-20 09:12:52 -08:00
Jesus Fernandez Manzano c63408442b
Fix wrong link in PKI menu-list
"Generate Certificate" button was linking to "sign" endpoint instead of "issue"
2019-02-20 12:29:08 +01:00
Vishal Nayak 779d49bab5
AgentCache: Properly compute auto-auth token (#6264)
* Properly compute auto-auth token

* Use inmem sink to track auto-auth token

* update debug statement

* Only add inmem sink if using auto-auth token is allowed
2019-02-20 02:11:05 -05:00
Brian Kassouf f22b1b396a
changelog++ 2019-02-19 14:43:07 -08:00