This project is mirrored from https://gitee.com/NQL886/vault.git.
Pull mirroring failed .
Repository mirroring has been paused due to too many failed attempts. It can be resumed by a project maintainer.
Repository mirroring has been paused due to too many failed attempts. It can be resumed by a project maintainer.
- 11 Nov, 2021 4 commits
-
-
Gary Frederick authored
-
Gary Frederick authored
-
vinay-gopalan authored
-
skhilar authored
-
- 10 Nov, 2021 7 commits
-
-
vinay-gopalan authored
-
Arnav Palnitkar authored
* Add message while adding Oracle db connection - Since UI currently doesn't have support for custom plugin names, inform user to use the default plugin name for oracle * Updated warning message * Updated message
-
Chelsea Shaw authored
-
Scott Miller authored
* Add a periodic test of the autoseal to detect loss of connectivity * Keep the logic adjacent to autoseal * imports * typo, plus unnecessary constant time compare * changelog * pr feedback * More feedback * Add locking and a unit test * unnecessary * Add timeouts to encrypt/decrypt operations, capture activeContext before starting loop * Add a block scope for the timeout * copy/paste ftl * Refactor to use two timeouts, and cleanup the repetitive failure code * Readd 0ing gauge * use millis * Invert the unit test logic
-
John-Michael Faircloth authored
* return full issuer uri on read provider * remove err check * simplify full issuer logic
-
Loann Le authored
-
Jonas-Taha El Sesiy authored
-
- 09 Nov, 2021 8 commits
-
-
VAL authored
-
swayne275 authored
* add api lock doc * add docs nav data * Update website/content/api-docs/system/namespaces.mdx Co-authored-by:
Chris Capurso <christopher.capurso@gmail.com> * update command doc * clarify locked http status code * add example exempt path * further exempt clarification * link api locked response * add x-vault-namespace api example * Update website/content/docs/concepts/namespace-api-lock.mdx Co-authored-by:
Loann Le <84412881+taoism4504@users.noreply.github.com> * review suggestions * few other small tweaks Co-authored-by:
Chris Capurso <christopher.capurso@gmail.com> Co-authored-by:
Loann Le <84412881+taoism4504@users.noreply.github.com>
-
Jordan Reimer authored
* fixes issue removing raft peer via cli not reflected in UI until refresh * adds changelog entry
-
Chelsea Shaw authored
-
swayne275 authored
* update activity log to use core's activeContext for cleaner worker termination * update tests to use core activeContext instead of generic context * pass context around instead * revert context change * undo test context changes * change worker context * accidentally undid context for fcn signature changes
-
Steven Clark authored
-
Steven Clark authored
- When loading an existing alias within processLocalAlias we aren't cloning the object from the memory store. There seems to be a data race within the function when calling entity.UpsertAlias and a concurrent invalidation routine. ================== WARNING: DATA RACE Read at 0x00c00bd03d08 by goroutine 94: google.golang.org/protobuf/internal/impl.pointer.Elem() /go/pkg/mod/google.golang.org/protobuf@v1.27.1/internal/impl/pointer_unsafe.go:118 +0x2b3 google.golang.org/protobuf/internal/impl.(*MessageInfo).sizePointerSlow() /go/pkg/mod/google.golang.org/protobuf@v1.27.1/internal/impl/encode.go:76 +0x265 google.golang.org/protobuf/internal/impl.(*MessageInfo).sizePointer() /go/pkg/mod/google.golang.org/protobuf@v1.27.1/internal/impl/encode.go:56 +0x12a google.golang.org/protobuf/internal/impl.(*MessageInfo).size() /go/pkg/mod/google.golang.org/protobuf@v1.27.1/internal/impl/encode.go:40 +0x95 google.golang.org/protobuf/internal/impl.(*MessageInfo).size-fm() /go/pkg/mod/google.golang.org/protobuf@v1.27.1/internal/impl/encode.go:33 +0x6c google.golang.org/protobuf/proto.MarshalOptions.marshal() /go/pkg/mod/google.golang.org/protobuf@v1.27.1/proto/encode.go:153 +0x1f3 google.golang.org/protobuf/proto.MarshalOptions.MarshalAppend() /go/pkg/mod/google.golang.org/protobuf@v1.27.1/proto/encode.go:122 +0xa5 github.com/golang/protobuf/proto.marshalAppend() /go/pkg/mod/github.com/golang/protobuf@v1.5.2/proto/wire.go:40 +0xe4 github.com/golang/protobuf/proto.Marshal() /go/pkg/mod/github.com/golang/protobuf@v1.5.2/proto/wire.go:23 +0x64 github.com/hashicorp/vault/helper/identity.(*Entity).Clone() /go/src/github.com/hashicorp/vault/helper/identity/identity.go:34 +0x150 github.com/hashicorp/vault/vault.(*IdentityStore).MemDBEntitiesByBucketKeyInTxn() /go/src/github.com/hashicorp/vault/vault/identity_store_util.go:1214 +0x306 github.com/hashicorp/vault/vault.(*IdentityStore).Invalidate() /go/src/github.com/hashicorp/vault/vault/identity_store.go:216 +0xd6c github.com/hashicorp/vault/vault.(*IdentityStore).Invalidate-fm() /go/src/github.com/hashicorp/vault/vault/identity_store.go:160 +0x6d github.com/hashicorp/vault/sdk/framework.(*Backend).InvalidateKey() /go/src/github.com/hashicorp/vault/sdk/framework/backend.go:347 +0x8a github.com/hashicorp/vault/vault.(*IdentityStore).InvalidateKey() <autogenerated>:1 +0x7d github.com/hashicorp/vault/vault.(*Core).asyncInvalidateKey() /go/src/github.com/hashicorp/vault/vault/replication_invalidation_ent.go:58 +0x390 github.com/hashicorp/vault/vault.(*Core).asyncInvalidateHandler() /go/src/github.com/hashicorp/vault/vault/replication_invalidation_ent.go:71 +0x9b github.com/hashicorp/vault/vault.startReplicationEnt·dwrap·453() /go/src/github.com/hashicorp/vault/vault/replication_util_ent.go:331 +0x71 Previous write at 0x00c00bd03d08 by goroutine 52: github.com/hashicorp/vault/helper/identity.(*Entity).UpsertAlias() /go/src/github.com/hashicorp/vault/helper/identity/identity.go:55 +0x271 github.com/hashicorp/vault/vault.(*IdentityStore).processLocalAlias() /go/src/github.com/hashicorp/vault/vault/identity_store_util.go:720 +0x672 github.com/hashicorp/vault/vault.possiblyForwardEntityCreation() /go/src/github.com/hashicorp/vault/vault/request_handling_util_ent.go:230 +0x286 github.com/hashicorp/vault/vault.(*Core).handleLoginRequest() /go/src/github.com/hashicorp/vault/vault/request_handling.go:1345 +0x234a github.com/hashicorp/vault/vault.(*Core).handleCancelableRequest() /go/src/github.com/hashicorp/vault/vault/request_handling.go:607 +0x1a11 github.com/hashicorp/vault/vault.(*Core).switchedLockHandleRequest() /go/src/github.com/hashicorp/vault/vault/request_handling.go:442 +0x5b5 github.com/hashicorp/vault/vault.(*Core).HandleRequest() /go/src/github.com/hashicorp/vault/vault/request_handling.go:408 +0xf2 github.com/hashicorp/vault/http.request() /go/src/github.com/hashicorp/vault/http/handler.go:953 +0xb1 github.com/hashicorp/vault/http.handleLogicalInternal.func1() /go/src/github.com/hashicorp/vault/http/logical.go:341 +0xca net/http.HandlerFunc.ServeHTTP() /usr/local/go/src/net/http/server.go:2046 +0x4d github.com/hashicorp/vault/http.handleRequestForwarding.func1() /go/src/github.com/hashicorp/vault/http/handler.go:887 +0x4eb net/http.HandlerFunc.ServeHTTP() /usr/local/go/src/net/http/server.go:2046 +0x4d net/http.(*ServeMux).ServeHTTP() /usr/local/go/src/net/http/server.go:2424 +0xc5 github.com/hashicorp/vault/http.wrapHelpHandler.func1() /go/src/github.com/hashicorp/vault/http/help.go:23 +0x281 net/http.HandlerFunc.ServeHTTP() /usr/local/go/src/net/http/server.go:2046 +0x4d github.com/hashicorp/vault/http.wrapCORSHandler.func1() /go/src/github.com/hashicorp/vault/http/cors.go:29 +0xb0e net/http.HandlerFunc.ServeHTTP() /usr/local/go/src/net/http/server.go:2046 +0x4d github.com/hashicorp/vault/http.rateLimitQuotaWrapping.func1() /go/src/github.com/hashicorp/vault/http/util.go:97 +0xf28 net/http.HandlerFunc.ServeHTTP() /usr/local/go/src/net/http/server.go:2046 +0x4d github.com/hashicorp/vault/http.wrapDRSecondaryHandler.func1() /go/src/github.com/hashicorp/vault/http/util_ent.go:81 +0x7e3 net/http.HandlerFunc.ServeHTTP() /usr/local/go/src/net/http/server.go:2046 +0x4d github.com/hashicorp/vault/http.wrapGenericHandler.func1() /go/src/github.com/hashicorp/vault/http/handler.go:465 +0x1843 net/http.HandlerFunc.ServeHTTP() /usr/local/go/src/net/http/server.go:2046 +0x4d github.com/hashicorp/go-cleanhttp.PrintablePathCheckHandler.func1() /go/pkg/mod/github.com/hashicorp/go-cleanhttp@v0.5.2/handlers.go:42 +0xc1 net/http.HandlerFunc.ServeHTTP() /usr/local/go/src/net/http/server.go:2046 +0x4d net/http.serverHandler.ServeHTTP() /usr/local/go/src/net/http/server.go:2878 +0x89a net/http.initALPNRequest.ServeHTTP() /usr/local/go/src/net/http/server.go:3479 +0x34d net/http.(*initALPNRequest).ServeHTTP() <autogenerated>:1 +0x8f net/http.Handler.ServeHTTP-fm() /usr/local/go/src/net/http/server.go:87 +0x75 net/http.(*http2serverConn).runHandler() /usr/local/go/src/net/http/h2_bundle.go:5832 +0xdd net/http.(*http2serverConn).processHeaders·dwrap·31() /usr/local/go/src/net/http/h2_bundle.go:5562 +0x64
-
Jim Kalafut authored
-
- 08 Nov, 2021 8 commits
-
-
Hridoy Roy authored
* add function for routing activity log client counts to ent namespaces * changelog
-
Jordan Reimer authored
* updates secret list header to display badge for all versions * adds changelog entry * updates secret list header to only show badge for kv and generic engine types * adds secret-engine mirage factory * adds test helper for pushing serialized mirage data into store and returning ember data models * adds secret engine type version badge display test * updates mirage application serializer to return singular type key
-
Matt Schultz authored
-
Nick Cabatoff authored
-
Rémi Lapeyre authored
* Add read support to sys/mounts/:path Closes https://github.com/hashicorp/vault/issues/12349 * Add changelog entry * Empty commit to trigger CI * Empty commit to trigger CI
-
Daniel Nathan Gray authored
* Consistency: GPG keys are PGP keys * Consistency: GPG keys are PGP keys * Consistency: GPG keys are PGP keys * Consistency: GPG keys are PGP keys * Consistency: GPG keys are PGP keys * Consistency: s/GPG/PGP keys, use GPG's proper name * Use GPG's proper name GnuPG * Use GPG's proper name GnuPG * Consistency: GPG keys are PGP keys * Fix typo
-
Meggie authored
* Add note that monitor command may truncate logs * Apply suggestions from code review Co-authored-by:
Nick Cabatoff <ncabatoff@hashicorp.com> Co-authored-by:
Nick Cabatoff <ncabatoff@hashicorp.com>
-
Nick Cabatoff authored
-
- 05 Nov, 2021 5 commits
-
-
Jim Kalafut authored
-
Steven Clark authored
- Add a 'Connect Timeout' query parameter to the test helper to set a timeout value of 30 seconds in an attempt to address the following failure we see at times in TestDeleteUser and TestUpdateUser mssql_test.go:253: Failed to initialize: error verifying connection: TLS Handshake failed: cannot read handshake packet: EOF
-
Kevin Wang authored
-
Jason O'Donnell authored
* secrets/azure: add doc for rotate-root and AAD migration * Formatting * Fix bad link, update warnings
-
Nick Cabatoff authored
-
- 04 Nov, 2021 8 commits
-
-
claire bontempo authored
* small bar chart attr fix * truncates and adds ellipsis of label is long * adds tooltip for long labels * updates storybook * adds changelog * only calculate overflow if query selectors grab elements * moves tooltip pointer to left
-
claire bontempo authored
* adds pagination to auth methods list * adds changelog
-
Meggie authored
-
castironclay authored
error seen on host /var/log/auth.log: userauth_pubkey: certificate signature algorithm ssh-rsa: signature algorithm not supported [preauth]
-
Meggie authored
-
John-Michael Faircloth authored
* add docs for OIDC provider and scopes * fix json formatting * add oidc docs path to nav data * create provider with scope * update client ids description * update provider and scope docs * add issuer string additional docs info * OIDC: docs for oidc flow endpoints * fix formatting and wording * improve headings, formatting; fix wording Co-authored-by:
Vinay Gopalan <vinay@hashicorp.com>
-
Dominik Roos authored
* certutil: select appropriate hash algorithm for ECDSA signature Select the appropriate signature algorithm for certificates signed with an ECDSA private key. The algorithm is selected based on the curve: - P-256 -> x509.ECDSAWithSHA256 - P-384 -> x509.ECDSAWithSHA384 - P-521 -> x509.ECDSAWithSHA512 - Other -> x509.ECDSAWithSHA256 fixes #11006
-
Jordan Reimer authored
* fixes issue with pgp list file input count not matching key shares number * adds changelog entry
-