CVS commit: pkgsrc/security/vault

["Filip Hajny" <fhajny%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   fhajny
Date:           Thu Aug 17 07:58:53 UTC 2017

Modified Files:
        pkgsrc/security/vault: Makefile distinfo

Log Message:
Update security/vault to 0.8.1.

DEPRECATIONS/CHANGES:

- PKI Root Generation: Calling `pki/root/generate` when a CA cert/key already
  exists will now return a `204` instead of overwriting an existing root. If
  you want to recreate the root, first run a delete operation on `pki/root`
  (requires `sudo` capability), then generate it again.

FEATURES:

- Oracle Secret Backend: There is now an external plugin to support leased
  credentials for Oracle databases (distributed separately).
- GCP IAM Auth Backend: There is now an authentication backend that allows
  using GCP IAM credentials to retrieve Vault tokens. This is available as
  both a plugin and built-in to Vault.
- PingID Push Support for Path-Baased MFA (Enterprise): PingID Push can
  now be used for MFA with the new path-based MFA introduced in Vault
  Enterprise 0.8.
- Permitted DNS Domains Support in PKI: The `pki` backend now supports
  specifying permitted DNS domains for CA certificates, allowing you to
  narrowly scope the set of domains for which a CA can issue or sign child
  certificates.
- Plugin Backend Reload Endpoint: Plugin backends can now be triggered to
  reload using the `sys/plugins/reload/backend` endpoint and providing either
  the plugin name or the mounts to reload.
- Self-Reloading Plugins: The plugin system will now attempt to reload a
  crashed or stopped plugin, once per request.

IMPROVEMENTS:

- auth/approle: Allow array input for policies in addition to comma-delimited
  strings
- auth/aws: Allow using root credentials for IAM authentication
- plugins: Send logs through Vault's logger rather than stdout
- secret/pki: Add `pki/root` delete operation
- secret/pki: Don't overwrite an existing root cert/key when calling generate

BUG FIXES:

- aws: Don't prefer a nil HTTP client over an existing one
- core: If there is an error when checking for create/update existence, return
  500 instead of 400
- secret/database: Avoid creating usernames that are too long for legacy MySQL


To generate a diff of this commit:
cvs rdiff -u -r1.14 -r1.15 pkgsrc/security/vault/Makefile
cvs rdiff -u -r1.9 -r1.10 pkgsrc/security/vault/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/security/vault/Makefile
diff -u pkgsrc/security/vault/Makefile:1.14 pkgsrc/security/vault/Makefile:1.15
--- pkgsrc/security/vault/Makefile:1.14 Wed Aug 16 12:18:32 2017
+++ pkgsrc/security/vault/Makefile      Thu Aug 17 07:58:53 2017
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.14 2017/08/16 12:18:32 fhajny Exp $
+# $NetBSD: Makefile,v 1.15 2017/08/17 07:58:53 fhajny Exp $
 
-DISTNAME=      vault-0.8.0
+DISTNAME=      vault-0.8.1
 CATEGORIES=    security
 MASTER_SITES=  ${MASTER_SITE_GITHUB:=hashicorp/}
 

Index: pkgsrc/security/vault/distinfo
diff -u pkgsrc/security/vault/distinfo:1.9 pkgsrc/security/vault/distinfo:1.10
--- pkgsrc/security/vault/distinfo:1.9  Wed Aug 16 12:18:32 2017
+++ pkgsrc/security/vault/distinfo      Thu Aug 17 07:58:53 2017
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.9 2017/08/16 12:18:32 fhajny Exp $
+$NetBSD: distinfo,v 1.10 2017/08/17 07:58:53 fhajny Exp $
 
-SHA1 (vault-0.8.0.tar.gz) = 13dca1df577d156c584c47530a4f25929a64ab0c
-RMD160 (vault-0.8.0.tar.gz) = 6bedd05b97333e8101ba238fdfe37eda8c337823
-SHA512 (vault-0.8.0.tar.gz) = 2b30927290bb5db089297c857839e2ee3dfa88efb14037245be4965a9053dfaeb889d7c9d8b2c337b4d649842274c97eb10e4cf4e13f1e60bb3efadda50f26ee
-Size (vault-0.8.0.tar.gz) = 6958162 bytes
+SHA1 (vault-0.8.1.tar.gz) = 5c03b57bdae9148fbf15a7ab3b3a7aff6456a2ba
+RMD160 (vault-0.8.1.tar.gz) = 16c31bd2607d9eed9be54c8c40bc312cb960098f
+SHA512 (vault-0.8.1.tar.gz) = d1400a203dc61d76ffb710388913b45cd5287e1215f34d3fe8e85a36c24024b0eb882b8403f44c85c863658b035a9b7f2c19cb5599cdfd21e0a79788b8d1413a
+Size (vault-0.8.1.tar.gz) = 7263861 bytes