mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-26 09:01:13 +02:00
Code Issues Projects Releases Wiki Activity
9,692 Commits 2,837 Branches 445 Tags
Commit Graph

9692 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
vishalnayak
7c7771c600 changelog++ 2016-02-24 11:04:19 -05:00
Vishal Nayak
8915b3ce8c Merge pull request #1039 from hashicorp/vault-iss539-app-id 
Added renewal capability to app-id backend
 2016-02-24 10:59:58 -05:00
vishalnayak
fc08007106 check CIDR block for renewal as well 2016-02-24 10:55:31 -05:00
vishalnayak
72b0390c9e Added renewal capability to app-id backend 2016-02-24 10:40:15 -05:00
Vishal Nayak
4679c01a01 Merge pull request #1123 from hashicorp/ssh-add-tls-skip-verify 
Use tls_skip_verify in vault-ssh-helper
 2016-02-23 22:06:46 -05:00
vishalnayak
26cdd93088 Use tls_skip_verify in vault-ssh-helper 2016-02-23 17:32:49 -05:00
Jeff Mitchell
bcdf66369c changelog++ 2016-02-23 13:24:57 -05:00
Jeff Mitchell
6fef0f2b30 Merge pull request #1121 from mhurne/improve-error-on-sts-read-with-arn-policy 
Improve error message when client attempts to generate STS creds for managed policy
 2016-02-23 13:22:44 -05:00
Matt Hurne
ac835c4e61 Add note that STS credentials can only be generated for user inline policies in AWS secret backend documentation 2016-02-23 09:06:52 -05:00
Matt Hurne
8bd0cc6391 Improve error message returned when client attempts to generate STS credentials for a managed policy; addresses #1113 2016-02-23 08:58:28 -05:00
Vishal Nayak
864d70cfc4 Merge pull request #1118 from hashicorp/ssh-api-fix 
ssh-helper related API changes
 2016-02-23 00:20:20 -05:00
vishalnayak
1e4ee603a7 ssh-helper api changes 2016-02-23 00:16:00 -05:00
Jeff Mitchell
5f9c3e6837 We treat put/post the same, so allow init to use POST 2016-02-22 20:22:31 -05:00
Jeff Mitchell
9233a507b2 changelog++ 2016-02-22 19:52:48 -05:00
Jeff Mitchell
d8fb8a935d Merge pull request #1117 from hashicorp/add-time-to-responses 
Add the server's time in UTC to the health response.
 2016-02-22 19:52:03 -05:00
Jeff Mitchell
a8a227b97a Add the server's time in UTC to the health response. 2016-02-22 19:51:18 -05:00
Jeff Mitchell
50082a61d8 Merge pull request #1114 from hashicorp/dont-delete-certs 
Do not delete certs (or revocation information)
 2016-02-22 16:11:13 -05:00
Jeff Mitchell
db8b4287e3 Address review feedback 2016-02-22 16:11:01 -05:00
Jeff Mitchell
98487a4a33 changelog++ 2016-02-22 13:40:27 -05:00
Jeff Mitchell
5176c75a0f Remove extra debugging from PKI tests 2016-02-22 13:39:05 -05:00
Jeff Mitchell
9685c94459 Do not delete certs (or revocation information) to avoid potential 
issues related to time synchronization. A function will be added to
allow operators to perform cleanup at chosen times.
 2016-02-22 13:36:17 -05:00
Jeff Mitchell
4c2c932816 Fix issue where leftover values after cn tests could trigger errors in ipsan tests 2016-02-22 13:35:57 -05:00
vishalnayak
b6153d5813 changelog++ 2016-02-22 11:41:13 -05:00
Vishal Nayak
7dac5efe27 Merge pull request #1112 from hashicorp/1089-postgres-connection-url 
postgres: connection_url fix
 2016-02-22 11:36:04 -05:00
Jeff Mitchell
7c60548b9a More improvements to PKI tests; allow setting a specific seed, output 
the seed to the console, and split generated steps to make it
understandable which seed is for which set of steps.
 2016-02-22 11:22:52 -05:00
vishalnayak
046d7f87b4 postgres: connection_url fix 2016-02-22 11:22:49 -05:00
Vishal Nayak
bd08980375 Merge pull request #1108 from vanhalt/fixing_write_help 
When writing from a file it must be a JSON file
 2016-02-22 11:01:21 -05:00
Jeff Mitchell
ec97c6c8e2 Use more fuzziness in PKI backend tests 2016-02-22 10:59:37 -05:00
vanhalt
5b916974c5 help sentence improved 2016-02-22 09:38:30 -06:00
Jeff Mitchell
d993993f18 Better handle errors from fetchCertBySerial 2016-02-22 10:36:26 -05:00
vanhalt
805cf6d302 When writing from a file it must be a JSON file 
Making clear from write help text that when writing secrets
using @file, the file must be a JSON file.
 2016-02-21 19:02:09 -06:00
Kevin Pike
6ac1a8c48b Update update operation and uuid references 2016-02-21 15:31:22 -08:00
Kevin Pike
79ed734a2f Merge branch 'master' into rabbitmq 2016-02-21 14:55:06 -08:00
Kevin Pike
d805f2ef57 Add RabbitMQ secret backend 2016-02-21 14:52:57 -08:00
Jeff Mitchell
2be9a34a83 Merge pull request #1107 from vanhalt/fixing_auth-enable_help 
Fixing auth-enable help text
 2016-02-21 16:14:29 -05:00
vanhalt
4a4550eb04 Fixing auth-enable help text 
auth-enable command help in the "Auth Enable Options" is suggesting
the usage of a non-existing command called 'auth-list' instead of
the correct one "auth -methods"
 2016-02-21 14:54:50 -06:00
Jeff Mitchell
0d2cef0c5d changelog++ 2016-02-21 15:35:43 -05:00
Jeff Mitchell
8112386dc3 Merge pull request #1106 from hashicorp/issue-468 
Remove root requirement for certs/ and crls/ in TLS auth backend.
 2016-02-21 15:34:26 -05:00
Jeff Mitchell
e065a1cd22 Remove root requirement for certs/ and crls/ in TLS auth backend. 
Fixes #468
 2016-02-21 15:33:33 -05:00
Jeff Mitchell
3e33878dbd changelog++ 2016-02-19 21:43:37 -05:00
Jeff Mitchell
f5861cce6f changelog++ 2016-02-19 21:42:50 -05:00
Jeff Mitchell
f677fb583a Merge pull request #1104 from hashicorp/check-role-keybits 
Check role key type and bits when signing CSR.
 2016-02-19 21:41:27 -05:00
Jeff Mitchell
d3af63193b Add tests for minimum key size checking. (This will also verify that the 
key type matches that of the role, since type assertions are required to
check the bit size). Like the rest, these are fuzz tests; I have
verified that the random seed will eventually hit error conditions if
ErrorOk is not set correctly when we expect an error.
 2016-02-19 21:39:40 -05:00
Jeff Mitchell
5da2949d45 Check role key type and bits when signing CSR. 
Two exceptions: signing an intermediate CA CSR, and signing a CSR via
the 'sign-verbatim' path.
 2016-02-19 20:50:49 -05:00
vishalnayak
9f5d45d45c changelog++ 2016-02-19 18:34:23 -05:00
vishalnayak
992a32975c Cap the length midString in IAM user's username to 42 2016-02-19 18:31:10 -05:00
Vishal Nayak
d123d4c02e Merge pull request #1102 from hashicorp/shorten-aws-usernames 
Set limits on generated IAM user and STS token names.
 2016-02-19 18:25:29 -05:00
vishalnayak
8c62b0b2b3 changelog++ 2016-02-19 16:52:19 -05:00
Jeff Mitchell
9b57078b26 Some minor changes in mysql commenting and names 2016-02-19 16:44:52 -05:00
Jeff Mitchell
63a8061e87 Set limits on generated IAM user and STS token names. 
Fixes #1031
Fixes #1063
 2016-02-19 16:35:06 -05:00