mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-22 23:21:08 +02:00
Code Issues Projects Releases Wiki Activity
8,395 Commits 2,843 Branches 445 Tags
Commit Graph

102 Commits

Author SHA1 Message Date
Jeff Mitchell
5a2d80e487
Allow max request size to be user-specified (#4824) 
* Allow max request size to be user-specified

This turned out to be way more impactful than I'd expected because I
felt like the right granularity was per-listener, since an org may want
to treat external clients differently from internal clients. It's pretty
straightforward though.

This also introduces actually using request contexts for values, which
so far we have not done (using our own logical.Request struct instead),
but this allows non-logical methods to still get this benefit.

* Switch to ioutil.ReadAll()
 2018-07-06 15:44:56 -04:00
Calvin Leung Huang
c212a86606
Move checkHCLKeys into hclutil (#4749) 2018-06-12 12:38:08 -04:00
Jeff Mitchell
7dce56bf73 Sync over changes to config.go 2018-05-30 08:34:46 -04:00
Shelby Moore
4a1c826d98 Updated proxy protocol config validation (#4528) 2018-05-09 10:53:44 -04:00
Jeff Mitchell
80b17705a9
X-Forwarded-For (#4380) 2018-04-17 18:52:09 -04:00
Calvin Leung Huang
b9ff16a4d1
Fix output-related tests (#4288) 
* Fix command tests

* More test fixes

* Use backticks to escape quoted strings

* More test fixes

* Fix mismatched error output failures

* Fix mismatched error output failures
 2018-04-05 20:43:29 -04:00
Vishal Nayak
e2bb2ec3b9
Errwrap everywhere (#4252) 
* package api

* package builtin/credential

* package builtin/logical

* package command

* package helper

* package http and logical

* package physical

* package shamir

* package vault

* package vault

* address feedback

* more fixes
 2018-04-05 11:49:21 -04:00
Becca Petrin
792d219aa9 Move to "github.com/hashicorp/go-hclog" (#4227) 
* logbridge with hclog and identical output

* Initial search & replace

This compiles, but there is a fair amount of TODO
and commented out code, especially around the
plugin logclient/logserver code.

* strip logbridge

* fix majority of tests

* update logxi aliases

* WIP fixing tests

* more test fixes

* Update test to hclog

* Fix format

* Rename hclog -> log

* WIP making hclog and logxi love each other

* update logger_test.go

* clean up merged comments

* Replace RawLogger interface with a Logger

* Add some logger names

* Replace Trace with Debug

* update builtin logical logging patterns

* Fix build errors

* More log updates

* update log approach in command and builtin

* More log updates

* update helper, http, and logical directories

* Update loggers

* Log updates

* Update logging

* Update logging

* Update logging

* Update logging

* update logging in physical

* prefixing and lowercase

* Update logging

* Move phyisical logging name to server command

* Fix som tests

* address jims feedback so far

* incorporate brians feedback so far

* strip comments

* move vault.go to logging package

* update Debug to Trace

* Update go-plugin deps

* Update logging based on review comments

* Updates from review

* Unvendor logxi

* Remove null_logger.go
 2018-04-02 17:46:59 -07:00
Josh Soref
e43b76ef97 Spelling (#4119) 2018-03-20 14:54:10 -04:00
Bharath B
06524611cd Config parameter "tls_disable_client_certs" is wrongly evaluated. (#4049) 2018-02-28 10:07:23 -05:00
Jeff Mitchell
7d73ac4c96 go vet fixes 2018-02-05 14:26:31 -05:00
Chris Hoffman
098c66a624
Add support for encrypted TLS key files (#3685) 2017-12-15 17:33:55 -05:00
Calvin Leung Huang
faccf38997 Move HA-related config values to top level (#3550) 
* Move HA-related config values to top level

* Add config2.hcl test-fixture
 2017-11-08 14:19:41 -05:00
Calvin Leung Huang
c7b5b8b0b4 aws_region->region on awskms config 2017-11-02 16:31:16 -04:00
Jeff Mitchell
cd6d67d84b Final sync 2017-10-23 17:39:21 -04:00
Jeff Mitchell
6faf8365e9 Add option to disable client certificate requesting. (#3373) 
Fixes #3372
 2017-09-25 14:41:46 -04:00
Vishal Nayak
de7ac83df6 Add 'pid_file' config option (#3321) 
* add pid_file config option

* address review feedback

* address review comments
 2017-09-16 17:09:37 -04:00
Chris Hoffman
4a8c33cca3 Disable the sys/raw endpoint by default (#3329) 
* disable raw endpoint by default

* adding docs

* config option raw -> raw_storage_endpoint

* docs updates

* adding listing on raw endpoint

* reworking tests for enabled raw endpoints

* root protecting base raw endpoint
 2017-09-15 00:21:35 -04:00
Jeff Mitchell
3f31ed733f Add option to set cluster TLS cipher suites. (#3228) 
* Add option to set cluster TLS cipher suites.

Fixes #3227
 2017-08-30 16:28:23 -04:00
Doyoon Kim
f855da7a89 Moved PROXY protocol wrap to execute before the TLS wrap (#3195) 2017-08-23 12:00:09 -04:00
Gobin Sougrakpam
f166016ae8 tls_client_ca_file option for verifying client (#3034) 2017-08-03 07:33:06 -04:00
Jeff Mitchell
608322b546 Add PROXY protocol support (#3098) 2017-08-02 18:24:12 -04:00
Jeff Mitchell
c6615e1b51 Add a -dev-three-node option for devs. (#3081) 2017-07-31 11:28:06 -04:00
Jeff Mitchell
22e06c05e8 Convert listener arguments to map[string]interface{} (#2905) 
This allows people to use more natural constructs, e.g. for tls_disable
it can be a bool, int, or string.
 2017-06-22 20:29:53 +01:00
Jeff Mitchell
f5de93f1bf Add DogStatsD metrics output. (#2883) 
Fixes #2490
 2017-06-16 23:51:46 -04:00
Brian Kassouf
07f3f4fc26 Update the plugin directory logic 2017-04-13 11:22:53 -07:00
Brian Kassouf
f2401c0128 Merge branch 'master' into database-refactor 2017-04-12 14:29:10 -07:00
Brian Kassouf
ac519abecf Plugin catalog 2017-04-03 17:52:29 -07:00
Jeff Mitchell
317c664370 Add option to require valid client certificates (#2457) 2017-03-08 10:21:31 -05:00
Jeff Mitchell
b1ed578f3d Rename physical backend to storage and alias old value (#2456) 2017-03-08 09:17:00 -05:00
Jeff Mitchell
df575f0b3a Rename helper 'duration' to 'parseutil'. (#2449) 
Add a ParseBool function that accepts various kinds of ways of
specifying booleans.

Have config use ParseBool for UI and disabling mlock/cache.
 2017-03-07 11:21:22 -05:00
Jeff Mitchell
bfaf9022fa Do some porting to make diffing easier 2017-02-24 10:45:29 -05:00
Jeff Mitchell
8acbdefdf2 More porting from rep (#2388) 
* More porting from rep

* Address review feedback
 2017-02-16 16:29:30 -05:00
Roman Vynar
51bb8bc544 Added tls_cipher_suites, tls_prefer_server_ciphers config options to listener (#2293) 2017-01-23 13:48:35 -05:00
Chris Lundquist
61411f2f4f prevent binding 0.0.0.0 -> ::0 (#2094) 2016-11-15 12:00:57 -05:00
matt maier
2cd3cfd83e Vendor circonus (#2082) 2016-11-10 16:17:55 -05:00
Jeff Mitchell
0765d8e938 Switch default case of disable cluster. (#1959) 2016-10-02 14:54:01 -04:00
Jeff Mitchell
ad62b32ff0 Rejig where the reload functions live 2016-09-30 00:07:22 -04:00
Jeff Mitchell
c748ff322f Change default TTL from 30 to 32 to accommodate monthly operations (#1942) 2016-09-28 18:32:49 -04:00
Evan Phoenix
d5038f34b0 Advertise the cluster_(id|name) in the Scada handshake (#1906) 2016-09-23 10:55:51 -04:00
Jeff Mitchell
ce7680022b Force tls_disable on scada connection inside outer TLS connection as it's not currently supported anyways 2016-09-20 14:56:16 -04:00
vishalnayak
618949ae0b Update atlas listener factory to use version with pre-release info. 2016-09-01 17:21:11 -04:00
Jeff Mitchell
d40277a18f Plumb through the ability to set the storage read cache size. (#1784) 
Plumb through the ability to set the storage read cache size.

Fixes #1772
 2016-08-26 10:27:06 -04:00
Jeff Mitchell
68345eb770 Convert to logxi 2016-08-21 18:13:37 -04:00
Jeff Mitchell
645540012f Request forwarding (#1721) 
Add request forwarding.
 2016-08-15 09:42:42 -04:00
Vishal Nayak
8d0bce03be Merge pull request #1655 from hashicorp/cluster-id 
Vault cluster name and ID
 2016-07-26 14:12:48 -04:00
Evan Phoenix
6135e246e3 Report the simple version string 2016-07-26 10:21:24 -07:00
vishalnayak
f76c926b0a Added cluster_name for existing config tests 2016-07-26 11:38:24 -04:00
vishalnayak
46b94d8612 Update cluster name during config merge 2016-07-26 11:11:12 -04:00
vishalnayak
e5c61509d6 Remove global name/id. Make only cluster name configurable. 2016-07-26 10:01:35 -04:00