9692 Commits

Author SHA1 Message Date
Chris Hoffman
3f97410fe4 adding back -dr-token flag to generate-root command (#3818) 2018-01-19 19:25:45 -05:00
Jeff Mitchell
e9d5863a2e
Use a separate var for active node replication state (#3819) 2018-01-19 19:24:04 -05:00
Jeff Mitchell
c6ff8d35f3 Update cache to satisfy Purge interface after context plumbing 2018-01-19 17:00:13 -05:00
Jeff Mitchell
1e78dfb8ac Embed derived contexts into replication clients 2018-01-19 07:22:31 -05:00
Jeff Mitchell
e1028c644f Add centrify plugin as builtin 2018-01-19 06:03:33 -05:00
Jeff Mitchell
07893b2659 Add gcp and kubernetes back now that they're updated 2018-01-19 05:56:34 -05:00
Jeff Mitchell
ca2306860b Fix compile 2018-01-19 05:31:55 -05:00
Jeff Mitchell
b27093b63c
Add context to barrier encryptor interface 2018-01-19 05:28:47 -05:00
Jeff Mitchell
84e92d5a02
Add context to barrier encryptor access 2018-01-19 05:24:40 -05:00
Jeff Mitchell
8b0f8de8ff A bit more context plumbing 2018-01-19 04:11:59 -05:00
Jeff Mitchell
cfc788f60e Remove context from a few extraneous places 2018-01-19 03:44:06 -05:00
Jeff Mitchell
048a35d903 Don't use context in barrier type/recovery type 2018-01-19 03:17:36 -05:00
Brian Kassouf
13e0cd3f7f
changelog++ 2018-01-18 23:49:51 -08:00
Jeff Mitchell
7698bec88c Add context to performPolicyChecks 2018-01-19 02:43:39 -05:00
Brian Kassouf
f1557a032c
changelog++ 2018-01-18 23:40:36 -08:00
Jeff Mitchell
11e5257420
Don't check recovery seal in Initialized()
It doesn't actually matter and can give false positives.
2018-01-19 01:55:33 -05:00
Brian Kassouf
8142b42d95 Add context to storage backends and wire it through a lot of places (#3817) 2018-01-19 01:44:44 -05:00
Yoko Hyakuna
8c261067a6 WIP - Added personas 2018-01-18 17:40:35 -08:00
Jeff Mitchell
2864fbd697 bump go-plugin 2018-01-18 16:58:03 -05:00
Brian Kassouf
03f6108822
gRPC Backend Plugins (#3808)
* Add grpc plugins

* Add grpc plugins

* Translate wrap info to/from proto

* Add nil checks

* Fix nil marshaling errors

* Provide logging through the go-plugin logger

* handle errors in the messages

* Update the TLS config so bidirectional connections work

* Add connectivity checks

* Restart plugin and add timeouts where context is not availible

* Add the response wrap data into the grpc system implementation

* Add leaseoptions to pb.Auth

* Add an error translator

* Add tests for translating the proto objects

* Fix rename of function

* Add tracing to plugins for easier debugging

* Handle plugin crashes with the go-plugin context

* Add test for grpcStorage

* Add tests for backend and system

* Bump go-plugin for GRPCBroker

* Remove RegisterLicense

* Add casing translations for new proto messages

* Use doneCtx in grpcClient

* Use doneCtx in grpcClient

* s/shutdown/shut down/
2018-01-18 13:49:20 -08:00
Matthew Irish
94878e558d
changelog++ 2018-01-18 14:37:48 -06:00
Jeff Mitchell
f7ae903371 Remove RegisterLicense from logical.Backend
It's almost certainly the wrong signature and nothing uses it currently
anyways.
2018-01-18 13:44:29 -05:00
Calvin Leung Huang
06c062fafe changelog++ 2018-01-18 12:28:09 -05:00
Calvin Leung Huang
2069614486
Don't call LeaseExtend on login renewal paths when period is provided (#3803)
* Don't call LeaseExtend on login renewal paths when period is provided

* WIP tests

* NoopBackend accept backend ttl values

* Test period value on credentials backend

* Use t.Fatalf instead

* Remove mockCoreExpiration

* Add login renewal test for approle backend

* Add resp.Auth.Period check on aws and cert backend tests

* Pass in approle's period via role's period

* Correctly set period in valid-role's role

* Add period renewal test using TestCluster and approle backend

* Check for ttl values after renewals on test
2018-01-18 12:19:18 -05:00
Jeff Mitchell
8997f580a0 changelog++ 2018-01-18 12:15:11 -05:00
samiam
4ddd1f2668 Write password prompts to stderr to avoid co-mingling stdout (#3781) (#3782) 2018-01-18 12:14:19 -05:00
Jeff Mitchell
8bbece953d Enhance TLS client forwarding test to ensure each client is distinct 2018-01-18 12:01:07 -05:00
Jeff Mitchell
66206f264e Move around some logic to be neater 2018-01-18 11:47:24 -05:00
Jeff Mitchell
f0acb3a995 Actually print out forwarded stacktrace 2018-01-18 11:40:59 -05:00
Calvin Leung Huang
de46ae8905 Fix sys/health tests 2018-01-18 10:00:28 -05:00
Jeff Mitchell
c60f00869f changelog++ 2018-01-18 01:45:10 -05:00
Jeff Mitchell
69eca11b62
Fix max_ttl not being honored in database backend when default_ttl is zero (#3814)
Fixes #3812
2018-01-18 01:43:38 -05:00
Calvin Leung Huang
b907a2e01f Remove vlogger, add log.Logger to PolicyStore struct (#3813) 2018-01-18 01:01:51 -05:00
Jeff Mitchell
54f245822d Allow API to return health response when in a custom state 2018-01-17 23:50:37 -05:00
Jeff Mitchell
e7480ae4c8 Rename var from last commit 2018-01-17 23:08:35 -05:00
Jeff Mitchell
11ac5fb484 Make heartbeatInterval a package var to allow tests to modify it 2018-01-17 23:05:11 -05:00
Jeff Mitchell
ad053987e5 Add replication mode sys health information to Go API 2018-01-17 22:50:37 -05:00
Jeff Mitchell
41d32e998a replication state -> replication mode in sys/health 2018-01-17 22:38:03 -05:00
Jeff Mitchell
af7cabd8d5 changelog++ 2018-01-17 22:19:23 -05:00
Jeff Mitchell
ba219f4917
Add replication state to EchoReply (#3810) 2018-01-17 22:17:47 -05:00
Jeff Mitchell
98e888488f changelog++ 2018-01-17 20:55:38 -05:00
Yoko Hyakuna
93601bb786 WIP - new guides 2018-01-17 17:39:21 -08:00
Vishal Nayak
d552102457
SHA2-256 salting for AppID (#3806)
* Use SHA2-256 hash with prefix to upgrade the paths

* test the SHA1 upgrade to SHA256

* Remove hash identifier and the delimiter; use 's' instead

* Added API test to verify the correctness of the fix

* Fix broken test

* remove unneeded test
2018-01-17 19:48:32 -05:00
Jeff Mitchell
9a7c7a88a3 Change next major release of Vault to 0.11 or later to make it less scary 2018-01-17 19:31:52 -05:00
Jeff Mitchell
a60d27dbbe changelog++ 2018-01-17 19:25:08 -05:00
Jeff Mitchell
8db0f1f18a changelog++ 2018-01-17 19:22:45 -05:00
Chris Hoffman
c7b4fc314b Locking updates in database backend (#3774) 2018-01-17 19:21:59 -05:00
Jeff Mitchell
95eea30d88 changelog++ 2018-01-17 19:20:32 -05:00
Tom Wilkie
e88494684c Make the plugin catalog endpoint roundtrip so we can use terraform to manage them. (#3778) 2018-01-17 19:19:28 -05:00
Jeff Mitchell
bb45c06371 Sync in latest go-plugin 2018-01-17 11:57:24 -05:00