f30ea2dc0a
Merge pull request #1106 from hashicorp/issue-468
...
Remove root requirement for certs/ and crls/ in TLS auth backend.
2016-02-21 15:34:26 -05:00
fab2d8687a
Remove root requirement for certs/ and crls/ in TLS auth backend.
...
Fixes #468
2016-02-21 15:33:33 -05:00
7165be0cf3
changelog++
2016-02-19 21:43:37 -05:00
2bff5716bf
changelog++
2016-02-19 21:42:50 -05:00
5d5c6527dc
Merge pull request #1104 from hashicorp/check-role-keybits
...
Check role key type and bits when signing CSR.
2016-02-19 21:41:27 -05:00
58432c5d57
Add tests for minimum key size checking. (This will also verify that the
...
key type matches that of the role, since type assertions are required to
check the bit size). Like the rest, these are fuzz tests; I have
verified that the random seed will eventually hit error conditions if
ErrorOk is not set correctly when we expect an error.
2016-02-19 21:39:40 -05:00
c57b646848
Check role key type and bits when signing CSR.
...
Two exceptions: signing an intermediate CA CSR, and signing a CSR via
the 'sign-verbatim' path.
2016-02-19 20:50:49 -05:00
6a14786660
changelog++
2016-02-19 18:34:23 -05:00
c4abe72075
Cap the length midString in IAM user's username to 42
2016-02-19 18:31:10 -05:00
773de69796
Merge pull request #1102 from hashicorp/shorten-aws-usernames
...
Set limits on generated IAM user and STS token names.
2016-02-19 18:25:29 -05:00
a43bd9131b
changelog++
2016-02-19 16:52:19 -05:00
574542b683
Some minor changes in mysql commenting and names
2016-02-19 16:44:52 -05:00
25b9f9b4a6
Set limits on generated IAM user and STS token names.
...
Fixes #1031
Fixes #1063
2016-02-19 16:35:06 -05:00
4c9b4ee93b
Merge pull request #1096 from hashicorp/iss1076-allow-verification
...
mysql: provide allow_verification option to disable connection_url check
2016-02-19 16:28:41 -05:00
a16055c809
mysql: fix error message
2016-02-19 16:07:06 -05:00
38b55bd8b1
Don't deprecate value field yet
2016-02-19 16:07:06 -05:00
99f4969b20
Removed connectionString.ConnectionString
2016-02-19 16:07:05 -05:00
380b662c3d
mysql: provide allow_verification option to disable connection_url check
2016-02-19 16:07:05 -05:00
bebcd518a9
Purge fastly when we do a release, in case it's a re-package
...
Fixes #1057
2016-02-19 15:59:52 -05:00
fef282f078
Some website config updates
2016-02-19 15:27:02 -05:00
50d3b68c8d
Merge pull request #1078 from eyal-lupu/master
...
ZooKeeper Backend: Authnetication and Authorization support
2016-02-19 15:13:09 -05:00
5036882353
changelog++
2016-02-19 15:12:05 -05:00
6df75231b8
Merge pull request #1100 from hashicorp/issue-1030
...
Properly escape filter values in LDAP filters
2016-02-19 14:56:40 -05:00
be073f8499
Update upgrade website section with information about the 0.5.1 PKI changes
2016-02-19 14:42:59 -05:00
8bc34acd4e
changelog++
2016-02-19 14:37:42 -05:00
9ff59c3385
Merge pull request #1095 from hashicorp/pki-1024-bit-warnings
...
Disallow RSA keys < 2048 in PKI backend
2016-02-19 14:34:47 -05:00
7fc4ee1ed7
Disallow 1024-bit RSA keys.
...
Existing certificates are kept but roles with key bits < 2048 will need
to be updated as the signing/issuing functions now enforce this.
2016-02-19 14:33:02 -05:00
05b5ff69ed
Address some feedback on ldap escaping help text
2016-02-19 13:47:26 -05:00
d7b40b32db
Properly escape filter values.
...
Fixes #1030
2016-02-19 13:16:52 -05:00
c67871c36e
Update LDAP documentation with a note on escaping
2016-02-19 13:16:18 -05:00
597ba98895
Merge pull request #1099 from hashicorp/fix-ssh-cli
...
ssh: use resolved IP address while executing ssh command
2016-02-19 13:02:34 -05:00
28857cb419
Fix mixed whitespacing in ssh help text
2016-02-19 12:47:58 -05:00
bccbf2b87e
ssh: use resolved IP address while executing ssh command
2016-02-19 12:19:10 -05:00
d3f3122307
Add tests to ldap using the discover capability
2016-02-19 11:46:59 -05:00
154c326060
Add ldap tests that use a bind dn and bind password
2016-02-19 11:38:27 -05:00
e5fac90902
Merge branch 'master' of github.com:eyal-lupu/vault
2016-02-19 13:29:21 +00:00
a6e9820e8d
typo in comment
2016-02-19 13:28:02 +00:00
23303429c0
'Eagerly' parse ZK authentication and authorization to fast-fail bad configuration
2016-02-19 13:24:57 +00:00
c7fe99b1e9
1. gofmt
...
2. Change if expr syntax to be consist with the rest of Vault code
3. More details on error message
2016-02-19 12:19:01 +00:00
520d71668d
Update .gitignore to remove overzealous application of 'pkg' shadowing
...
vendor dir.
Also update Travis to stop doing bad things.
2016-02-18 21:51:04 -05:00
0cf0d4d265
Makefile whitespacing
2016-02-18 21:26:28 -05:00
df3527c0eb
Add travis building of travis-testing branch and make dev to install
2016-02-18 21:23:40 -05:00
d6df4fa43e
Remove godep from Travis; we're using Go 1.6 vendoring now
2016-02-18 18:25:21 -05:00
af22880425
Update travis to use Go 1.6
2016-02-18 18:09:21 -05:00
84d9b6c6b2
changelog++
2016-02-18 17:11:50 -05:00
88d486c9c1
Merge pull request #1094 from hashicorp/sanitize-ttl-emptystring
...
Make SanitizeTTL treat an empty string the same as a "0" string.
2016-02-18 16:59:23 -05:00
f9fb20bbe4
Make SanitizeTTL treat an empty string the same as a "0" string.
...
This causes a 0 TTL to be returned for the value, which is a clue to
other parts of Vault to use appropriate defaults. However, this makes
the defaults be used at lease allocation or extension time instead of
when parsing parameters.
2016-02-18 16:51:36 -05:00
3e1a07d3d0
Merge pull request #1047 from hashicorp/vault-iss999-github-renewal
...
GitHub renewal enhancements
2016-02-18 16:47:15 -05:00
2b85154c37
Bump version
2016-02-18 16:43:43 -05:00
cfd908cb73
More dep bumps
2016-02-18 16:37:30 -05:00
Jeff Mitchell