## 0.1.3 (unreleased) IMPROVEMENTS: * core: `/sys/auth` allows for PUT requests as well BUG FIXES: * command/*: commands accepting `k=v` allow blank values ## 0.1.2 (May 11, 2015) FEATURES: * **New physical backend: `zookeeper`**: store physical data in Zookeeper. HA not supported yet. * **New credential backend: `ldap`**: authenticate using LDAP credentials. IMPROVEMENTS: * core: Auth backends can store internal data about auth creds * audit: display name for auth is shown in logs [GH-176] * command/*: `-insecure` has been renamed to `-tls-skip-verify` [GH-130] * command/*: `VAULT_TOKEN` overrides local stored auth [GH-162] * command/server: environment variables are copy-pastable * credential/app-id: hash of app and user ID are in metadata [GH-176] * http: HTTP API accepts `X-Vault-Token` as auth header [GH-124] * logical/*: Generate help output even if no synopsis specified BUG FIXES: * core: login endpoints should never return secrets * core: Internal data should never be returned from core endpoints * core: defer barrier initialization to as late as possible to avoid error cases during init that corrupt data (no data loss) * core: guard against invalid init config earlier * audit/file: create file if it doesn't exist [GH-148] * command/*: ignore directories when traversing CA paths [GH-181] * credential/*: all policy mapping keys are case insensitive [GH-163] * physical/consul: Fixing path for locking so HA works in every case ## 0.1.1 (May 2, 2015) SECURITY CHANGES: * physical/file: create the storge with 0600 permissions [GH-102] * token/disk: write the token to disk with 0600 perms IMPROVEMENTS: * core: Very verbose error if mlock fails [GH-59] * command/*: On error with TLS oversized record, show more human-friendly error message. [GH-123] * command/read: `lease_renewable` is now outputed along with the secret to show whether it is renewable or not * command/server: Add configuration option to disable mlock * command/server: Disable mlock for dev mode so it works on more systems BUG FIXES: * core: if token helper isn't absolute, prepend with path to Vault executable, not "vault" (which requires PATH) [GH-60] * core: Any "mapping" routes allow hyphens in keys [GH-119] * core: Validate `advertise_addr` is a valid URL with scheme [GH-106] * command/auth: Using an invalid token won't crash [GH-75] * credential/app-id: app and user IDs can have hyphens in keys [GH-119] * helper/password: import proper DLL for Windows to ask password [GH-83] ## 0.1.0 (April 28, 2015) * Initial release