## 0.2.0 (July 13, 2015) FEATURES: * **Key Rotation Support**: The `rotate` command can be used to rotate the master encryption key used to write data to the storage (physical) backend. [GH-277] * **Rekey Support**: Rekey can be used to rotate the master key and change the configuration of the unseal keys (number of shares, threshold required). [GH-277] * **New secret backend: `pki`**: Enable Vault to be a certificate authority and generate signed TLS certificates. [GH-310] * **New secret backend: `cassandra`**: Generate dynamic credentials for Cassandra [GH-363] * **New storage backend: `etcd`**: store physical data in etcd [GH-259] [GH-297] * **New storage backend: `s3`**: store physical data in S3. Does not support HA. [GH-242] * **New storage backend: `MySQL`**: store physical data in MySQL. Does not support HA. [GH-324] * `transit` secret backend supports derived keys for per-transaction unique keys [GH-399] IMPROVEMENTS: * cli/auth: Enable `cert` method [GH-380] * cli/auth: read input from stdin [GH-250] * cli/read: Ability to read a single field from a secret [GH-257] * cli/write: Adding a force flag when no input required * core: allow time duration format in place of seconds for some inputs * core: audit log provides more useful information [GH-360] * core: graceful shutdown for faster HA failover * core: **change policy format** to use explicit globbing [GH-400] Any existing policy in Vault is automatically upgraded to avoid issues. All policy files must be updated for future writes. Adding the explicit glob character `*` to the path specification is all that is required. * core: policy merging to give deny highest precedence [GH-400] * credential/app-id: Protect against timing attack on app-id * credential/cert: Record the common name in the metadata [GH-342] * credential/ldap: Allow TLS verification to be disabled [GH-372] * credential/ldap: More flexible names allowed [GH-245] [GH-379] [GH-367] * credential/userpass: Protect against timing attack on password * credential/userpass: Use bcrypt for password matching * http: response codes improved to reflect error [GH-366] * http: the `sys/health` endpoint supports `?standbyok` to return 200 on standby [GH-389] * secret/app-id: Support deleting AppID and UserIDs [GH-200] * secret/consul: Fine grained lease control [GH-261] * secret/transit: Decouple raw key from key management endpoint [GH-355] * secret/transit: Upsert named key when encrypt is used [GH-355] * storage/zk: Support for HA configuration [GH-252] * storage/zk: Changing node representation. **Backwards incompatible**. [GH-416] BUG FIXES: * audit/file: file removing TLS connection state * audit/syslog: fix removing TLS connection state * command/*: commands accepting `k=v` allow blank values * core: Allow building on FreeBSD [GH-365] * core: Fixed various panics when audit logging enabled * core: Lease renewal does not create redundant lease * core: fixed leases with negative duration [GH-354] * core: token renewal does not create child token * core: fixing panic when lease increment is null [GH-408] * credential/app-id: Salt the paths in storage backend to avoid information leak * credential/cert: Fixing client certificate not being requested * credential/cert: Fixing panic when no certificate match found [GH-361] * http: Accept PUT as POST for sys/auth * http: Accept PUT as POST for sys/mounts [GH-349] * http: Return 503 when sealed [GH-225] * secret/postgres: Username length is capped to exceeding limit * server: Do not panic if backend not configured [GH-222] * server: Explicitly check value of tls_diable [GH-201] * storage/zk: Fixed issues with version conflicts [GH-190] MISC: * cli/path-help: renamed from `help` to avoid confusion ## 0.1.2 (May 11, 2015) FEATURES: * **New physical backend: `zookeeper`**: store physical data in Zookeeper. HA not supported yet. * **New credential backend: `ldap`**: authenticate using LDAP credentials. IMPROVEMENTS: * core: Auth backends can store internal data about auth creds * audit: display name for auth is shown in logs [GH-176] * command/*: `-insecure` has been renamed to `-tls-skip-verify` [GH-130] * command/*: `VAULT_TOKEN` overrides local stored auth [GH-162] * command/server: environment variables are copy-pastable * credential/app-id: hash of app and user ID are in metadata [GH-176] * http: HTTP API accepts `X-Vault-Token` as auth header [GH-124] * logical/*: Generate help output even if no synopsis specified BUG FIXES: * core: login endpoints should never return secrets * core: Internal data should never be returned from core endpoints * core: defer barrier initialization to as late as possible to avoid error cases during init that corrupt data (no data loss) * core: guard against invalid init config earlier * audit/file: create file if it doesn't exist [GH-148] * command/*: ignore directories when traversing CA paths [GH-181] * credential/*: all policy mapping keys are case insensitive [GH-163] * physical/consul: Fixing path for locking so HA works in every case ## 0.1.1 (May 2, 2015) SECURITY CHANGES: * physical/file: create the storge with 0600 permissions [GH-102] * token/disk: write the token to disk with 0600 perms IMPROVEMENTS: * core: Very verbose error if mlock fails [GH-59] * command/*: On error with TLS oversized record, show more human-friendly error message. [GH-123] * command/read: `lease_renewable` is now outputed along with the secret to show whether it is renewable or not * command/server: Add configuration option to disable mlock * command/server: Disable mlock for dev mode so it works on more systems BUG FIXES: * core: if token helper isn't absolute, prepend with path to Vault executable, not "vault" (which requires PATH) [GH-60] * core: Any "mapping" routes allow hyphens in keys [GH-119] * core: Validate `advertise_addr` is a valid URL with scheme [GH-106] * command/auth: Using an invalid token won't crash [GH-75] * credential/app-id: app and user IDs can have hyphens in keys [GH-119] * helper/password: import proper DLL for Windows to ask password [GH-83] ## 0.1.0 (April 28, 2015) * Initial release