mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-09-03 13:01:12 +02:00
Code Issues Projects Releases Wiki Activity
4,408 Commits 2,840 Branches 446 Tags
Commit Graph

4408 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jeff Mitchell
fece3ca069 Merge pull request #1744 from hashicorp/jbs-clarification 
Add a bit of clarification
 2016-08-17 17:47:06 -04:00
Jeff Mitchell
86ac08ba8b Protobuf for forwarding (#1743) 2016-08-17 16:15:15 -04:00
Brian Shumate
31f7e58be2 Add a bit of clarification 2016-08-17 16:07:30 -04:00
Jeff Mitchell
09491388f4 Don't serialize the full connection state, instead just the peer certificates, and parse them on the other side 2016-08-17 10:29:53 -04:00
Jeff Mitchell
b5653fc8e3 Merge pull request #1740 from hashicorp/fix-upgrade-periodic-roles 
Ensure we don't use a token entry period of 0 in role comparisons.
 2016-08-16 16:59:56 -04:00
Jeff Mitchell
35c139c262 Ensure we don't use a token entry period of 0 in role comparisons. 
When we added support for generating periodic tokens for root/sudo in
auth/token/create we used the token entry's period value to store the
shortest period found to eventually populate the TTL. The problem was
that we then assumed later that this value would be populated for
periodic tokens, when it wouldn't have been in the upgrade case.

Instead, use a temp var to store the proper value to use; populate
te.Period only if actually given; and check that it's not zero before
comparing against role value during renew.
 2016-08-16 16:47:46 -04:00
Jeff Mitchell
5253c84e0e Make time logic a bit clearer 2016-08-16 16:29:07 -04:00
Jeff Mitchell
1beb65611e Add local into handler path for forwarded requests 2016-08-16 11:46:37 -04:00
Jeff Mitchell
18fe7034ad update Dockerfile for Go 1.7 final 2016-08-16 11:23:43 -04:00
Jeff Mitchell
565b45d57a Add permit pool to dynamodb 2016-08-15 19:45:06 -04:00
Jeff Mitchell
e65b48a7e4 Actually show the error occurring if a file audit log can't be opened 2016-08-15 16:26:36 -04:00
Jeff Mitchell
abb14c42bc Use dockertest for physical consul tests, and always run them 2016-08-15 16:20:32 -04:00
Matt Hurne
587b481a29 AppRole documentation tweaks (#1735) 
* Fix spelling error in AppRole docs

* Add force flag to sample command to generate a secret ID in AppRole docs

* Update sample output for AppRole login in docs
 2016-08-15 16:12:08 -04:00
Jeff Mitchell
edde7d0068 changelog++ 2016-08-15 16:02:06 -04:00
Jeff Mitchell
ed48b008ce Provide base64 keys in addition to hex encoded. (#1734) 
* Provide base64 keys in addition to hex encoded.

Accept these at unseal/rekey time.

Also fix a bug where backup would not be honored when doing a rekey with
no operation currently ongoing.
 2016-08-15 16:01:15 -04:00
Jeff Mitchell
98d6218cfc
Cut version 0.6.1-rc3 v0.6.1-rc3 2016-08-15 09:54:06 -04:00
Jeff Mitchell
68b2b86073 Bump version 2016-08-15 09:49:18 -04:00
Jeff Mitchell
c7fcc9e0e3 changelog++ 2016-08-15 09:45:23 -04:00
Jeff Mitchell
645540012f Request forwarding (#1721) 
Add request forwarding.
 2016-08-15 09:42:42 -04:00
Jeff Mitchell
5eaab9f104 Merge pull request #1732 from hashicorp/pre0.6.1-restore-compat 
Restore compatibility with pre-0.6.1 servers for CLI/Go API calls
 2016-08-15 08:15:11 -04:00
Jeff Mitchell
6eca449261 Parameter change 
Both revocation times are UTC so clarify via parameter name that it's just a formatting difference. Also leave as a time.Time here, as it automatically marshals into RFC3339.
 2016-08-14 21:43:57 -04:00
Jeff Mitchell
92cb23fc85 Restore compatibility with pre-0.6.1 servers for CLI/Go API calls 2016-08-14 14:52:45 -04:00
Jeff Mitchell
edbe830db9 changelog++ 2016-08-14 07:21:05 -04:00
Jeff Mitchell
3e118a7754 Merge pull request #1725 from hashicorp/periodic-authtokencreate 
Add periodic support for root/sudo tokens to auth/token/create
 2016-08-14 07:17:38 -04:00
Jeff Mitchell
69d4b6fbde Add another test and fix some output 2016-08-14 07:17:14 -04:00
vishalnayak
1a10df3292 Fix typo. Fixes #1731. 2016-08-14 02:13:46 -04:00
Jeff Mitchell
1ba2ab39a1 Completely revamp token documentation 2016-08-13 17:05:31 -04:00
Jeff Mitchell
4287b35fb1 Minor wording change 2016-08-13 15:45:13 -04:00
Jeff Mitchell
0deeee1802 Add some tests and fix some bugs 2016-08-13 14:03:22 -04:00
Jeff Mitchell
213bd1c3fb Don't check the role period again as we've checked it earlier and it may be greater than the te Period 2016-08-13 13:21:56 -04:00
Jeff Mitchell
fbecd94926 changelog++ 2016-08-13 11:54:01 -04:00
Jeff Mitchell
6cb05c7522 Merge pull request #1728 from hashicorp/fix-crl-revocation-time 
Ensure values to be encoded in a CRL are in UTC.
 2016-08-13 11:53:11 -04:00
Jeff Mitchell
5a12143f16 Cleanup 2016-08-13 11:52:09 -04:00
Jeff Mitchell
f0e0f960ca Ensure utc value is not zero before adding 2016-08-13 11:50:57 -04:00
Jeff Mitchell
8fd8ae7330 Ensure values to be encoded in a CRL are in UTC. This aligns with the 
RFC. You might expect Go to ensure this in the CRL generation call,
but...it doesn't.

Fixes #1727
 2016-08-13 08:40:09 -04:00
Jeff Mitchell
a2c525aa45 changelog++ 2016-08-13 07:25:46 -04:00
Jeff Mitchell
56a60fddde Merge pull request #1726 from jen20/f-illumos 
build: Add support for building on Illumos
 2016-08-13 07:24:54 -04:00
James Nugent
2e7a3aae7d build: Add support for building on Illumos 
This commit adds support for building for Illumos-derived operating
systems. Regrettably, the cyrpto/ssh/terminal package does not include
implementations of the functions IsTerminal, MakeRaw or Restore for the
solaris OS. Consequently this commit implements them in Vault.

makeRaw(fd int) is based on the Illumos implementation of the getpass
function [1] for the correct flags. isTerminal(fd int) is based on the
Illumos libc implementation [2] of isatty.

[1] http://src.illumos.org/source/xref/illumos-gate/usr/src/lib/libast/common/uwin/getpass.c
[2] http://src.illumos.org/source/xref/illumos-gate/usr/src/lib/libbc/libc/gen/common/isatty.c
 2016-08-13 00:20:15 -04:00
Jeff Mitchell
146cdc69eb Add periodic support for root/sudo tokens to auth/token/create 2016-08-12 21:14:12 -04:00
Jeff Mitchell
5a149c0573 Add some info about -f to the "expects two arguments" error. 
Ping #1722
 2016-08-12 15:47:16 -04:00
Jeff Mitchell
04c5ba4961 changelog++ 2016-08-12 15:15:35 -04:00
Jeff Mitchell
bc2b3c1f8a Merge pull request #1724 from hashicorp/no-redirection-retry 
Don't retry on redirections.
 2016-08-12 15:14:53 -04:00
Jeff Mitchell
2a0f946f6b Don't retry on redirections. 2016-08-12 15:13:42 -04:00
Vishal Nayak
865efbbba9 Merge pull request #1723 from hashicorp/nil-config-client 
Use default config and read environment by default while creating client object
 2016-08-12 13:09:37 -04:00
vishalnayak
b01a4ff1cb Use default config and read environment by default while creating client object 2016-08-12 11:37:13 -04:00
Jeff Mitchell
0d5a2e3f8a Fix version number 2016-08-11 17:23:47 -04:00
Jeff Mitchell
3eba24de39 Change to keybase openpgp fork as it has important fixes 2016-08-11 08:31:43 -04:00
Jeff Mitchell
5c00a45aed Allow version to build without requiring a build tag 2016-08-10 20:01:15 -04:00
Jeff Mitchell
e57af52b41 Fix default makefile target and README 2016-08-10 15:38:17 -04:00
vishalnayak
707ef00e3a changelog++ 2016-08-10 15:35:50 -04:00