mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-18 12:37:02 +02:00
Code Issues Projects Releases Wiki Activity
10,543 Commits 2,844 Branches 445 Tags 454 MiB
68b40b814c
Commit Graph

10543 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jeff Mitchell
afa1af0131
Fixes a regression in forwarding from #6115 (#6191) 
* Fixes a regression in forwarding from #6115

Although removing the authentication header is good defense in depth,
for forwarding mechanisms that use the raw request, we never add it
back. This caused perf standby tests to throw errors. Instead, once
we're past the point at which we would do any raw forwarding, but before
routing the request, remove the header.

To speed this up, a flag is set in the logical.Request to indicate where
the token is sourced from. That way we don't iterate through maps
unnecessarily.
 2019-02-11 13:08:15 -05:00
Jeff Mitchell
964460a240 changelog++ 2019-02-11 13:04:29 -05:00
Clint
7c78575660 Add signed key constraints to SSH CA [continued] (#6030) 
* Adds the ability to enforce particular ssh key types and minimum key
lengths when using Signed SSH Certificates via the SSH Secret Engine.
 2019-02-11 13:03:26 -05:00
Jeff Mitchell
a0ede31dd0 changelog++ 2019-02-10 18:35:28 -05:00
Andrej van der Zee
d41c72664f Added socket keep alive option to Cassandra plugin. (#6201) 2019-02-10 18:34:50 -05:00
Matthew Irish
b16527d791
fix nav-to-nearest mixin when there are no ancestors (#6198) 2019-02-08 18:50:50 -06:00
vishalnayak
be968f0edd changelog++ 2019-02-08 16:34:23 -05:00
Vishal Nayak
0ce70b89c7
Merge entities during unseal only on the primary (#6075) 
* Merge entities during unseal only on the primary

* Add another guard check

* Add perf standby to the check

* Make primary to not differ from case-insensitivity status w.r.t secondaries

* Ensure mutual exclusivity between loading and invalidations

* Both primary and secondaries won't persist during startup and invalidations

* Allow primary to persist when loading case sensitively

* Using core.perfStandby

* Add a tweak in core for testing

* Address review feedback

* update memdb but not storage in secondaries

* Wire all the things directly do mergeEntity

* Fix persist behavior

* Address review feedback
 2019-02-08 16:32:06 -05:00
Becca Petrin
06fffd7b27
Use null strings in MSSQL to prevent errs (#6099) 2019-02-08 10:04:54 -08:00
Michel Vocks
f95ac48db8 Added missing backslash in iam identity guide (#6193) 2019-02-08 09:56:36 -08:00
Jeff Mitchell
3bb2dbbdfb Make fmt 2019-02-08 09:12:55 -05:00
Naoki Ainoya
47166fc9ca add missing key bound_cidrs in pathCertRead Response (#6080) 2019-02-07 22:41:38 -05:00
Brian Nuszkowski
9495b09de8 Add SHA1 signing/verification support to transit engine (#6037) 
* Add SHA1 signing/verification support to transit engine

* Update signing/verification endpoint documentation to include sha1 hash algorithm
 2019-02-07 15:31:31 -08:00
Graham Land
1c2c8fad34 Add Vault supported log levels (#6185) 
Documentation : Add the supported log level configurations

`Supported log levels: Trace, Debug, Error, Warn, Info.`
 2019-02-07 11:27:08 -08:00
Martins Sipenko
f51e49e581 Fix section heading size (#6137) 2019-02-07 11:18:58 -08:00
Becca Petrin
7ba7309b8b Return a more helpful error message for unknown db roles (#6157) 
* return a more helpful err msg

* update test, print fmt

* fix other test failure
 2019-02-07 11:16:23 -08:00
Eero Niemi
8f1f0d7aab Fixed typo (newtwork -> network) (#6177) 2019-02-07 13:06:38 -05:00
Jeff Mitchell
8381a9fb16
If the log level isn't set, don't display "(not set)" (#6183) 2019-02-07 03:48:50 -05:00
Jeff Mitchell
f472965f24 Remove refresh_interval from kvv1 API docs and CLI docs since kv get doesn't use it 2019-02-06 21:51:08 -05:00
Aidan Daniels-Soles
7693674cbd Fix wrong file name in service definition (#6174) 2019-02-06 15:43:03 -05:00
Jeff Mitchell
95f9ba363e changelog++ 2019-02-05 21:03:03 -05:00
Jeff Mitchell
9a980d34c7
Fix leader info repopulation (#6167) 
* Two things:

* Change how we populate and clear leader UUID. This fixes a case where
if a standby disconnects from an active node and reconnects, without the
active node restarting, the UUID doesn't change so triggers on a new
active node don't get run.

* Add a bunch of test helpers and minor updates to things.
 2019-02-05 21:01:18 -05:00
d
33b18b24b0 Revert "fixed trailing slash in consul.html.md example" 
This reverts commit 4310bb58c8.

Accidental push to master, my apologies. See PR https://github.com/hashicorp/vault/pull/6175
 2019-02-05 17:42:15 -07:00
Dominic Porreco
4310bb58c8 fixed trailing slash in consul.html.md example 2019-02-05 17:01:39 -07:00
Noelle Daley
2e42352d7c
changelog++ 2019-02-05 15:53:31 -08:00
Lexman
f15faa57fe
adds port parameter (#6145) 2019-02-05 15:40:00 -08:00
Becca Petrin
06864a5c06 dont automatically accept mssql eula (#6169) 2019-02-05 14:11:06 -08:00
Jeff Mitchell
0720db665f changelog++ 2019-02-05 16:03:25 -05:00
ncabatoff
78edbf6d1f
Do the rotate-root query without prepared statements, as we do for create/revoke user. Fixes #6116. (#6119) 2019-02-05 16:02:48 -05:00
Jeff Mitchell
20423f7082
Add allowed_response_headers (#6115) 2019-02-05 16:02:15 -05:00
Aidan Daniels-Soles
69d3fdd2b8 Replace special hyphen (#6165) 2019-02-05 10:48:26 -08:00
Jeff Mitchell
42c2857598 Fix test build 2019-02-05 12:26:25 -05:00
Becca Petrin
077aa1bf80
Don't run MSSQL revocations as a transaction (#6154) 2019-02-04 09:02:56 -08:00
Brian Shumate
bad69b7d75 Update AppRole API docs (#6047) 
- Use consistent "Create/Update" heading text style
 2019-02-04 11:17:16 -05:00
nickwales
281b7cad1d Removed typo (#6162) 2019-02-04 11:13:37 -05:00
Matthew Potter
3e3e3f134c Add libvault to the list of elixir libraries (#6158) 2019-02-04 11:12:29 -05:00
Jeff Mitchell
c523c0c2b4 changelog++ 2019-02-01 17:15:00 -05:00
Jeff Mitchell
f404e0acd2
Add the ability to print curl commands from CLI (#6113) 2019-02-01 17:13:51 -05:00
Jeff Mitchell
d647681a37 Update go-retryablehttp to get bodybytes, and circonus deps as those break without it 2019-02-01 17:13:21 -05:00
Jeff Mitchell
c0739a0f23
Add more perf standby guards (#6149) 2019-02-01 16:56:57 -05:00
Brian Kassouf
b7f3823ad1
Updates to recovery keys (#6152) 2019-02-01 11:29:55 -08:00
Yoko
0da50446f5
Adding a mention for 'kv-v2' as type (#6151) 2019-02-01 11:26:08 -08:00
Jeff Mitchell
47d339fce1 Revert "Refactor common token fields and operations into a helper (#5953)" 
This reverts commit 66c226c593.
 2019-02-01 11:23:40 -05:00
Jeff Mitchell
e60b72250e Update example output for PKI serial -> serial_number 
Fixes #6146
 2019-02-01 10:29:34 -05:00
Jeff Mitchell
0569b7fe5b Remove regenerate-key docs as it no longer exists 2019-02-01 09:29:40 -05:00
Jeff Mitchell
f10857c6da Update go-ldap to fix #6135 2019-01-31 17:07:25 -05:00
Jeff Mitchell
671131669a Add npm to apt-get command 2019-01-31 15:56:04 -05:00
Joel Thompson
043b20e46f Fix typo in help text (#6136) 
Small typo introduced in #6133
 2019-01-31 08:53:54 -08:00
Jeff Mitchell
e9256ed477
Split SubView functionality into logical.StorageView (#6141) 
This lets other parts of Vault that can't depend on the vault package
take advantage of the subview functionality.

This also allows getting rid of BarrierStorage and vault.Entry, two
totally redundant abstractions.
 2019-01-31 09:25:18 -05:00
Jim Kalafut
0377c836c1
Add json.Number handling to TypeHeader (#6134) 
Fixes #6131
 2019-01-30 15:24:39 -08:00