mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-24 08:01:07 +02:00
Code Issues Projects Releases Wiki Activity
9,692 Commits 2,840 Branches 445 Tags
Commit Graph

9692 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Robison Jacka
7a46918f8c Adding path roles test coverage for storing PKIX fields (#4003) 2018-02-18 16:22:35 -05:00
Robison Jacka
45a90a9fe3 Add test coverage for recently-added PKIX fields. (#4002) 2018-02-18 13:21:54 -05:00
Jeff Mitchell
fbcad150aa Fix missing CommonName in subject generation 2018-02-17 21:01:36 -05:00
Jeff Mitchell
9b8dfd43fa changelog++ 2018-02-17 20:53:29 -05:00
Jeff Mitchell
9c88c9ddac
Handle missed error case in seal status output format (#4001) 
Fixes #3998
 2018-02-17 20:52:42 -05:00
Brian Kassouf
8ded4d2a37
changelogg++ 2018-02-16 17:44:51 -08:00
Brian Kassouf
d9be0e0707
plugin/grpc: Add RemoteAddr to the request object (#3997) 2018-02-16 17:41:01 -08:00
vishalnayak
bd20fb9e8a changelog++ 2018-02-16 17:46:04 -05:00
Vishal Nayak
1deaed2ffe
Verify DNS SANs if PermittedDNSDomains is set (#3982) 
* Verify DNS SANs if PermittedDNSDomains is set

* Use DNSNames check and not PermittedDNSDomains on leaf certificate

* Document the check

* Add RFC link

* Test for success case

* fix the parameter name

* rename the test

* remove unneeded commented code
 2018-02-16 17:42:29 -05:00
Jeff Mitchell
04eb86b799 changelog++ 2018-02-16 17:22:57 -05:00
Jeff Mitchell
a43a854740
Support other names in SANs (#3889) 2018-02-16 17:19:34 -05:00
Jeff Mitchell
e95b0d01b0 changelog++ 2018-02-16 12:53:43 -05:00
Vitya
3a8ca5fec4 Fix compatibility with some Postgres versions (#3986) 
use server_version_num instead of parsing the text version. See: https://www.postgresql.org/docs/10/static/functions-info.html
 2018-02-16 12:52:34 -05:00
Jeff Mitchell
d325b32a9d Update website for AWS client max_retries 2018-02-16 11:13:55 -05:00
Jeff Mitchell
143c8d4672 changelog++ 2018-02-16 11:12:19 -05:00
Mohsen
9db39c8d09 Maximum number of retries aws sdk attempts for recoverable exceptions. (#3965) 2018-02-16 11:11:17 -05:00
Jeff Mitchell
324422162a Also exclude init command from race detector 2018-02-16 11:09:36 -05:00
Seth Vargo
40445b7d73 Add useragent helper (#3991) 
* Add useragent package

This helper provides a consistent user-agent header for Vault, taking into account different versions.

* Add user-agent headers to spanner and gcs
 2018-02-15 18:30:31 -05:00
Brian Kassouf
e8c5d89ec0
plugin/gRPC: Add more documentation to the proto file (#3988) 
* plugin/gRPC: Add more documentation to the proto file

* Fix typo

* Update comments
 2018-02-15 14:20:50 -08:00
Matthew Irish
a2139a1d8e
changelog ++ 2018-02-15 16:15:53 -06:00
Jeff Mitchell
e36a49fdf1 Add some info about cert reloading behavior on SIGHUP 
CC #3990
 2018-02-15 17:11:48 -05:00
Jeff Mitchell
b24cf9a8af
Allow formatted data when using -field and -format together. (#3987) 
* Allow formatted data when using -field and -format together.

As a special case, allows "data" to be passed in to get the entire data
struct output.

* If data exists in the output map use that instead when special casing
 2018-02-15 09:11:56 -05:00
Jeff Mitchell
32c81ea8c8 changelog++ 2018-02-14 20:31:45 -05:00
Seth Vargo
7af2bdc5a4 Add support for Google Cloud Spanner (#3977) 2018-02-14 20:31:20 -05:00
Jeff Mitchell
6420c5510b changelog++ 2018-02-14 20:30:36 -05:00
Brian Nuszkowski
0e2d214864 Add Okta specific MFA workflow to Okta auth method (#3980) 
* Add Okta specific MFA workflow to Okta auth method. Note this only
supports Okta Push.
 2018-02-14 20:28:19 -05:00
Brian Nuszkowski
7a628e64ca Disable redirects on the http client that calls AWS STS api, which (#3983) 
is used in the AWS IAM auth method.

Co-authored-by: Max Justicz <max@justi.cz>
 2018-02-14 20:27:13 -05:00
Jeff Mitchell
83e397451e changelog++ 2018-02-14 16:11:55 -05:00
Jeff Mitchell
7ddc025dee
Re-add lost stored-shares parameter to operator rekey command. (#3974) 
Also change the rekey API to not require explicitly setting values to 1.

Fixes #3969
 2018-02-14 16:10:45 -05:00
Seth Vargo
ee4327d71b Remove mlock warning when mlock is explicitly disabled (#3979) 2018-02-14 15:11:33 -05:00
Jeff Mitchell
3c1c80972d changelog++ 2018-02-14 12:00:39 -05:00
Jeff Mitchell
ef00a69f11
Add ChaCha20-Poly1305 support to transit (#3975) 2018-02-14 11:59:46 -05:00
Jeff Mitchell
901f98f3ce Fix manta test 2018-02-14 10:39:52 -05:00
Nick
1489c08ea0 Update lease.html.md (#3759) 2018-02-14 09:44:34 -05:00
Brian Shumate
2b617f305a DOCS: update Telemetry with more coverage (#3968) 
- Add initial secrets engines metrics
- Update metrics types/values
- Update language for auth methods, secrets engines, audit devices
- Add more linking to relevant documentation
 2018-02-14 09:39:51 -05:00
Jeff Mitchell
dddf5e726e Update Okta dep. 
Fixes #3963
 2018-02-14 09:38:46 -05:00
Jeff Mitchell
0822882eee changelog++ 2018-02-14 09:24:26 -05:00
Gobin Sougrakpam
632a5f37a9 Log warnings when too many leases are active (#3957) 2018-02-14 09:22:46 -05:00
Seth Vargo
4ae1310b8b Fix code in header font size (#3970) 
* Fix code in header font size

This fixes the tiny code font in header names.

* Update _global.scss
 2018-02-13 22:17:51 -05:00
Jeff Mitchell
89dbe2deff
Add newline on non-ttl output (#3967) 
Output is formatted with newlines in mind, so without this those get
lost and things get funky due to multiple outputs running together.
 2018-02-13 14:46:57 -05:00
Brian Shumate
c400463298 Clarify with example of file-backend specific metrics (#3913) 2018-02-13 11:04:11 -05:00
George Perez
dba4bc10b9 Update generate-root.html.md (#3894) 
Fix typo: "providers" to "provides"
 2018-02-13 11:03:35 -05:00
Brian Shumate
bea6121359 DOCS: update Telemetry (#3964) 
- Correct time to millis
- Correct storage backend summaries from # ops to duration of ops
 2018-02-13 10:15:19 -05:00
Jeff Mitchell
a0ccf7bab4 Plumb context through manta 2018-02-13 10:03:12 -05:00
Nicolas Troncoso
6e6b0eb086 Turns the okta groups array into a coma separated string (#3956) 2018-02-13 08:18:43 -05:00
Jeff Mitchell
effb396185 Make fmt 2018-02-12 21:01:14 -05:00
Jeff Mitchell
bd8f461f17 Update triton version 2018-02-12 18:27:18 -05:00
Jeff Mitchell
de1ee7fbb9 changelog++ 2018-02-12 18:26:27 -05:00
Jeff Mitchell
6ae03f2965 changelog++ 2018-02-12 18:24:55 -05:00
Paul Stack
7181749031 Adding Manta Storage Backend (#3720) 
This PR adds a new Storage Backend for Triton's Object Storage - Manta

```
make testacc TEST=./physical/manta
==> Checking that code complies with gofmt requirements...
==> Checking that build is using go version >= 1.9.1...
go generate
VAULT_ACC=1 go test -tags='vault' ./physical/manta -v  -timeout 45m
=== RUN   TestMantaBackend
--- PASS: TestMantaBackend (61.18s)
PASS
ok  	github.com/hashicorp/vault/physical/manta	61.210s
```

Manta behaves differently to how S3 works - it has no such concepts of Buckets - it is merely a filesystem style object store

Therefore, we have chosen the approach of when writing a secret `foo` it will actually map (on disk) as foo/.vault_value

The reason for this is because if we write the secret `foo/bar` and then try and Delete a key using the name `foo` then Manta
will complain that the folder is not empty because `foo/bar` exists. Therefore, `foo/bar` is written as `foo/bar/.vault_value`

The value of the key is *always* written to a directory tree of the name and put in a `.vault_value` file.
 2018-02-12 18:22:41 -05:00