vishalnayak
57117f0e56
git add tlsutil
2016-07-13 11:29:17 -04:00
vishalnayak
150cba24a7
Added tls_min_version to consul storage backend
2016-07-12 20:10:54 -04:00
Nathan J. Mehl
417cf49bb7
allow overriding the default truncation length for mysql usernames
...
see https://github.com/hashicorp/vault/issues/1605
2016-07-12 17:05:43 -07:00
vishalnayak
ee6ba1e85e
Make 'tls_min_version' configurable
2016-07-12 19:32:47 -04:00
vishalnayak
f200a8568b
Set minimum TLS version in all tls.Config objects
2016-07-12 17:06:28 -04:00
vishalnayak
9f208ae8f2
Revert 'risky' changes
2016-07-12 16:38:07 -04:00
Jeff Mitchell
97360e55bd
Whoops, fix vendoring
2016-07-11 23:13:26 +00:00
Jeff Mitchell
478f420912
Migrate number of retries down by one to have it be max retries, not tries
2016-07-11 21:57:14 +00:00
Jeff Mitchell
7129fd5785
Switch to pester from go-retryablehttp to avoid swallowing 500 error messages
2016-07-11 21:37:46 +00:00
Jeff Mitchell
dc5b4a052e
Merge pull request #1608 from hashicorp/tune-duration-second
...
Factor out parsing duration second type and use it for parsing tune v…
2016-07-11 14:26:36 -06:00
Jeff Mitchell
58efdcba47
Return a duration instead and port a few other places to use it
2016-07-11 18:19:35 +00:00
Jeff Mitchell
984641af21
Factor out parsing duration second type and use it for parsing tune values too
2016-07-11 17:53:39 +00:00
Mick Hansen
cc742a6fc5
incorporate code style guidelines
2016-07-11 13:35:35 +02:00
Mick Hansen
463294f4c6
handle revocations for roles that have privileges on sequences
2016-07-11 13:16:45 +02:00
Nathan J. Mehl
0648160276
use role name rather than token displayname in generated mysql usernames
...
If a single token generates multiple myself roles, the generated mysql
username was previously prepended with the displayname of the vault
user; this makes the output of `show processlist` in mysql potentially
difficult to correlate with the roles actually in use without cross-
checking against the vault audit log.
See https://github.com/hashicorp/vault/pull/1603 for further discussion.
2016-07-10 15:57:47 -07:00
Matt Hurne
57d3af8a4e
Merge branch 'master' into mongodb-secret-backend
2016-07-09 21:14:21 -04:00
Matt Hurne
0a5a815c68
mongodb secret backend: Improve safety of MongoDB roles storage
2016-07-09 21:12:42 -04:00
vishalnayak
24b89dd452
Fix broken build
2016-07-08 23:16:58 -04:00
vishalnayak
fa4a00f65b
Fix broken build
2016-07-08 20:30:27 -04:00
vishalnayak
d5b73fa0f5
Place error check before the response check in expiration test
2016-07-08 19:01:36 -04:00
vishalnayak
f59a69bc52
Remove Unix() invocations on 'time.Time' objects and removed conversion of time to UTC
2016-07-08 18:30:18 -04:00
Jeff Mitchell
3345322132
changelog++
2016-07-08 10:42:13 -04:00
Jeff Mitchell
a1bbd24031
Add documentation of retry env vars
2016-07-08 10:41:11 -04:00
Jeff Mitchell
3ff2bf7147
Merge pull request #1594 from hashicorp/api-retryable
...
Make the API client retry on 5xx errors.
2016-07-08 10:34:56 -04:00
Jeff Mitchell
b14497df95
Do some extra checking in the modified renewal check
2016-07-08 10:34:49 -04:00
Matt Hurne
5a6547fdaa
Merge branch 'master' into mongodb-secret-backend
2016-07-08 08:32:03 -04:00
Jeff Mitchell
5f5ebb62dd
Merge pull request #1601 from hashicorp/clarify-policy
...
Some policy concept page clarifications
2016-07-08 01:06:16 -04:00
Jeff Mitchell
9cfce6c3f3
Some policy concept page clarifications
2016-07-08 05:05:46 +00:00
Matt Hurne
0a4638080a
Format code in mongodb secret backend
2016-07-07 23:16:11 -04:00
Matt Hurne
2c3b5513df
mongodb secret backend: Improve and correct errors in documentation; improve "parameter is required" error response messages
2016-07-07 23:09:45 -04:00
Matt Hurne
8a2e9a316b
Add note about MongoDB secret backend to changelog
2016-07-07 22:53:57 -04:00
Matt Hurne
f2a3471f37
Update mongodb secret backend documentation to indicate that ttl and max_ttl lease config parameters are optional rather than required
2016-07-07 22:34:00 -04:00
Matt Hurne
a130c7462a
mongodb secret backend documentation: Use single quotes around roles JSON to avoid needing to escape double quotes within the JSON
2016-07-07 22:31:35 -04:00
Matt Hurne
611b08a5b9
mongodb secret backend: Refactor to eliminate unnecessary variable
2016-07-07 22:29:17 -04:00
Matt Hurne
afcff23362
mongodb secret backend: Consider a "user not found" response a success when removing a user from Mongo
2016-07-07 22:27:47 -04:00
Matt Hurne
67c2c0a1dd
mongodb secret backend: Improve roles path help
2016-07-07 22:16:34 -04:00
Matt Hurne
8a6959211e
mongodb secret backend: Remove default value for Mongo authentication DB for roles; validate that role name and authentication db were specified when creating a role
2016-07-07 22:09:00 -04:00
Matt Hurne
1fa764275b
mongodb secret backend: Leverage framework.TypeDurationSecond to simplify storage of lease ttl and max_ttl
2016-07-07 21:48:44 -04:00
Matt Hurne
350ffcf79f
mongodb secret backend: Verify existing Session is still working before reusing it
2016-07-07 21:37:44 -04:00
Matt Hurne
1751d4da68
Merge branch 'master' into mongodb-secret-backend
2016-07-07 21:24:40 -04:00
vishalnayak
35cbe22f56
Use go-uuid's GenerateUUID in PutWAL and discart logical.UUID()
2016-07-07 17:57:36 -04:00
Vishal Nayak
d274bcb8e6
Merge pull request #1598 from evertrue/evertrue/eherot/doc_fix
...
Pretty sure the method to delete a token role is DELETE (not GET)
2016-07-07 14:10:13 -04:00
Eric Herot
1a2b13c204
Pretty sure the method to delete a token role is not GET
2016-07-07 13:54:20 -04:00
vishalnayak
c62a368ccd
Added jsonutil functional tests
2016-07-07 12:12:51 -04:00
vishalnayak
2dc811d1b3
Input validations for jsonutil
2016-07-07 11:29:38 -04:00
vishalnayak
80b8e1f2d2
Added jsonutil helper
2016-07-07 10:51:49 -04:00
Jeff Mitchell
28ed4f4c9b
Add go-retryablehttp dep
2016-07-07 10:42:08 -04:00
vishalnayak
c99cc155ff
Fix transit tests
2016-07-06 22:04:08 -04:00
Jeff Mitchell
c7e59ffe28
Fix upgrade to 0.6 docs
2016-07-06 19:00:23 -04:00
vishalnayak
40d6be9b66
Added json.Number as recognized type for FieldData
2016-07-06 18:54:18 -04:00
