open-vault/CHANGELOG.md
2015-07-13 17:08:30 +10:00

0.2.0 (unreleased)

FEATURES:

  • Key Rotation Support: The rotate command can be used to rotate the master encryption key used to write data to the storage (physical) backend. [GH-277]
  • Rekey Support: Rekey can be used to rotate the master key and change the configuration of the unseal keys (number of shares, threshold required). [GH-277]
  • New secret backend: pki: Enable Vault to be a certificate authority and generate signed TLS certificates. [GH-310]
  • New secret backend: cassandra: Generate dynamic credentials for Cassandra [GH-363]
  • New storage backend: etcd: store physical data in etcd [GH-259] [GH-297]
  • New storage backend: s3: store physical data in S3. Does not support HA. [GH-242]
  • New storage backend: MySQL: store physical data in MySQL. Does not support HA. [GH-324]
  • transit secret backend supports derived keys for per-transaction unique keys [GH-399]

IMPROVEMENTS:

  • cli/auth: Enable cert method [GH-380]
  • cli/auth: read input from stdin [GH-250]
  • cli/read: Ability to read a single field from a secret [GH-257]
  • cli/write: Add a force flag for writes that require no input
  • core: allow time duration format in place of seconds for some inputs
  • core: audit log provides more useful information [GH-360]
  • core: graceful shutdown for faster HA failover
  • core: change policy format to use explicit globbing [GH-400]. Any existing policy stored in Vault is automatically upgraded to avoid issues, but policy files must be updated before they are written again: adding the explicit glob character * to the path specification is all that is required.
  • core: policy merging to give deny highest precedence [GH-400]
  • credential/app-id: Protect against timing attack on app-id
  • credential/cert: Record the common name in the metadata [GH-342]
  • credential/ldap: Allow TLS verification to be disabled [GH-372]
  • credential/ldap: More flexible names allowed [GH-245] [GH-379] [GH-367]
  • credential/userpass: Protect against timing attack on password
  • credential/userpass: Use bcrypt for password matching
  • http: response codes improved to reflect error [GH-366]
  • http: the sys/health endpoint supports ?standbyok to return 200 on standby [GH-389]
  • secret/app-id: Support deleting AppID and UserIDs [GH-200]
  • secret/consul: Fine grained lease control [GH-261]
  • secret/transit: Decouple raw key from key management endpoint [GH-355]
  • secret/transit: Upsert named key when encrypt is used [GH-355]
  • storage/zk: Support for HA configuration [GH-252]
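
The policy-format change above (explicit globbing, and deny taking precedence when a token's policies are merged) is easier to see in code. The following Go program is an added example written for this page, not Vault's own ACL implementation: it is a simplified model in which a pattern ending in * is a prefix match, any other pattern must match exactly, and a matching deny rule overrides every other matching rule. The policy names and secret/ paths are made up for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// Permission levels in rising order of privilege. Deny is kept separate
// because merging gives it precedence over everything else.
type Permission int

const (
	None Permission = iota
	Read
	Write
	Sudo
	Deny
)

func (p Permission) String() string {
	return [...]string{"none", "read", "write", "sudo", "deny"}[p]
}

// Rule models one path stanza of a policy file, e.g.
//   path "secret/app/*" { policy = "write" }
type Rule struct {
	Path   string
	Policy Permission
}

// Policy is a named set of rules; a token may carry several policies.
type Policy struct {
	Name  string
	Rules []Rule
}

// matches decides whether a rule applies to a request path.
// explicitGlob=true models the 0.2.0 format: a pattern ending in '*' is a
// prefix match and anything else must match exactly.
// explicitGlob=false models the earlier format, where every pattern was an
// implicit prefix match. (Simplified model, not Vault's matcher.)
func matches(pattern, path string, explicitGlob bool) bool {
	if !explicitGlob {
		return strings.HasPrefix(path, pattern)
	}
	if strings.HasSuffix(pattern, "*") {
		return strings.HasPrefix(path, strings.TrimSuffix(pattern, "*"))
	}
	return pattern == path
}

// Evaluate merges the policies attached to a token for one request path:
// any matching deny rule wins outright, otherwise the most permissive
// matching rule applies, and no matching rule at all means no access.
func Evaluate(policies []Policy, path string, explicitGlob bool) Permission {
	result := None
	for _, pol := range policies {
		for _, r := range pol.Rules {
			if !matches(r.Path, path, explicitGlob) {
				continue
			}
			if r.Policy == Deny {
				return Deny
			}
			if r.Policy > result {
				result = r.Policy
			}
		}
	}
	return result
}

// UpgradePolicy applies the migration the changelog describes for policy
// files: every pre-0.2.0 rule was a prefix match, so appending '*' to a path
// that lacks one preserves its meaning under explicit globbing.
func UpgradePolicy(p Policy) Policy {
	out := Policy{Name: p.Name}
	for _, r := range p.Rules {
		if !strings.HasSuffix(r.Path, "*") {
			r.Path += "*"
		}
		out.Rules = append(out.Rules, r)
	}
	return out
}

func main() {
	// Constructed sample policies; the names and paths are illustrative only.
	legacy := Policy{Name: "app", Rules: []Rule{{Path: "secret/app/", Policy: Write}}}
	lockdown := Policy{Name: "lockdown", Rules: []Rule{{Path: "secret/app/prod/*", Policy: Deny}}}

	fmt.Println("old format, secret/app/db:", Evaluate([]Policy{legacy}, "secret/app/db", false)) // write
	fmt.Println("same file under 0.2.0:    ", Evaluate([]Policy{legacy}, "secret/app/db", true))  // none
	upgraded := UpgradePolicy(legacy)
	fmt.Println("after adding '*':         ", Evaluate([]Policy{upgraded}, "secret/app/db", true)) // write
	fmt.Println("merged with deny:         ", Evaluate([]Policy{upgraded, lockdown}, "secret/app/prod/db", true)) // deny
}
```

The second line of output is the migration hazard the entry warns about: a policy file written for the old format that is re-applied unchanged under 0.2.0 silently stops granting the access it used to, because "secret/app/" now matches only that exact path. The last line shows that the deny wins regardless of which order the two policies are attached to the token.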

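The app-id and userpass timing-attack entries above concern how a presented credential is compared against the stored one. The following Go program is an added example, not the Vault code behind those entries: it shows the early-exit comparison that leaks how many leading bytes of a guess are correct, beside a hardened version built on crypto/subtle. The sample credential and guesses are constructed. bcrypt, which the userpass entry refers to, lives in golang.org/x/crypto and is deliberately not used here so the example runs with the standard library alone.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
)

// NaiveEqual is the pattern the changelog entries fix: it stops at the first
// mismatching byte, so the number of bytes examined (and therefore the time
// taken) reveals how long the correct prefix of the guess is. It returns that
// count so the leak can be observed without a stopwatch.
func NaiveEqual(secret, guess []byte) (equal bool, examined int) {
	if len(secret) != len(guess) {
		return false, 0 // a length mismatch is itself a leak: an instant reject
	}
	for i := range secret {
		examined++
		if secret[i] != guess[i] {
			return false, examined
		}
	}
	return true, examined
}

// ConstantTimeEqual is the hardened form. Both inputs are reduced to a
// fixed-length digest so that neither their lengths nor the position of the
// first differing byte changes the work done, and the digests are compared
// with crypto/subtle, whose comparison time does not depend on where they
// differ. The hashing here only normalises length; it is not a password
// storage scheme, which is what the bcrypt change in userpass is for.
func ConstantTimeEqual(secret, guess []byte) bool {
	hs := sha256.Sum256(secret)
	hg := sha256.Sum256(guess)
	return subtle.ConstantTimeCompare(hs[:], hg[:]) == 1
}

func main() {
	// Constructed sample credential and guesses, not real identifiers.
	secret := []byte("app-id-7f3c9a1d")
	guesses := []string{
		"zzz-zz-zzzzzzzz", // wrong from the first byte
		"app-id-zzzzzzzz", // correct 7-byte prefix
		"app-id-7f3c9a1d", // exact match
	}
	for _, g := range guesses {
		eq, n := NaiveEqual(secret, []byte(g))
		fmt.Printf("naive    %-18q equal=%-5v bytes examined=%d\n", g, eq, n)
		fmt.Printf("hardened %-18q equal=%v\n", g, ConstantTimeEqual(secret, []byte(g)))
	}
}
```

Run it and the "bytes examined" column climbs from 1 to 8 to 15 as the guess's correct prefix grows; that counter is the signal a remote attacker recovers from response latency, one byte at a time. The hardened function gives an attacker nothing to measure because every call does the same work.
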
BUG FIXES:

  • audit/file: fix removing TLS connection state
  • audit/syslog: fix removing TLS connection state
  • command/*: commands accepting k=v allow blank values
  • core: Allow building on FreeBSD [GH-365]
  • core: Fixed various panics when audit logging enabled
  • core: Lease renewal does not create redundant lease
  • core: fixed leases with negative duration [GH-354]
  • core: token renewal does not create child token
  • core: fix panic when lease increment is null [GH-408]
  • credential/app-id: Salt the paths in storage backend to avoid information leak
  • credential/cert: Fix client certificate not being requested
  • credential/cert: Fix panic when no matching certificate is found [GH-361]
  • http: Accept PUT as POST for sys/auth
  • http: Accept PUT as POST for sys/mounts [GH-349]
  • http: Return 503 when sealed [GH-225]
  • secret/postgres: Username length is capped so it does not exceed the database's limit
  • server: Do not panic if backend not configured [GH-222]
  • server: Explicitly check value of tls_disable [GH-201]
  • storage/zk: Fixed issues with version conflicts [GH-190]

MISC:

  • cli/path-help: renamed from help to avoid confusion

0.1.2 (May 11, 2015)

FEATURES:

  • New physical backend: zookeeper: store physical data in Zookeeper. HA not supported yet.
  • New credential backend: ldap: authenticate using LDAP credentials.

IMPROVEMENTS:

  • core: Auth backends can store internal data about auth creds
  • audit: display name for auth is shown in logs [GH-176]
  • command/*: -insecure has been renamed to -tls-skip-verify [GH-130]
  • command/*: VAULT_TOKEN overrides local stored auth [GH-162]
  • command/server: environment variables are copy-pastable
  • credential/app-id: hash of app and user ID are in metadata [GH-176]
  • http: HTTP API accepts X-Vault-Token as auth header [GH-124]
  • logical/*: Generate help output even if no synopsis specified

BUG FIXES:

  • core: login endpoints should never return secrets
  • core: Internal data should never be returned from core endpoints
  • core: defer barrier initialization to as late as possible to avoid error cases during init that corrupt data (no data loss)
  • core: guard against invalid init config earlier
  • audit/file: create file if it doesn't exist [GH-148]
  • command/*: ignore directories when traversing CA paths [GH-181]
  • credential/*: all policy mapping keys are case insensitive [GH-163]
  • physical/consul: Fix the lock path so HA works in every case

0.1.1 (May 2, 2015)

SECURITY CHANGES:

  • physical/file: create the storage with 0600 permissions [GH-102]
  • token/disk: write the token to disk with 0600 perms

IMPROVEMENTS:

  • core: Very verbose error if mlock fails [GH-59]
  • command/*: On error with TLS oversized record, show more human-friendly error message. [GH-123]
  • command/read: lease_renewable is now output along with the secret to show whether it is renewable
  • command/server: Add configuration option to disable mlock
  • command/server: Disable mlock for dev mode so it works on more systems

BUG FIXES:

  • core: if token helper isn't absolute, prepend with path to Vault executable, not "vault" (which requires PATH) [GH-60]
  • core: Any "mapping" routes allow hyphens in keys [GH-119]
  • core: Validate advertise_addr is a valid URL with scheme [GH-106]
  • command/auth: Using an invalid token won't crash [GH-75]
  • credential/app-id: app and user IDs can have hyphens in keys [GH-119]
  • helper/password: import proper DLL for Windows to ask password [GH-83]

0.1.0 (April 28, 2015)

  • Initial release