open-consul

Commit Graph

Author	SHA1	Message	Date
R.B. Boyer	1d54909333	connect: intermediate CA certs generated with the vault provider lack URI SANs (#6491 ) This only affects vault versions >=1.1.1 because the prior code accidentally relied upon a bug that was fixed in https://github.com/hashicorp/vault/pull/6505 The existing tests should have caught this, but they were using a vendored copy of vault version 0.10.3. This fixes the tests by running an actual copy of vault instead of an in-process copy. This has the added benefit of changing the dependency on vault to just vault/api. Also update VaultProvider to use similar SetIntermediate validation code as the ConsulProvider implementation.	2019-09-23 12:04:40 -05:00
Jeff Mitchell	b43800125c	Update vendoring from go mod. (#5566 )	2019-03-26 17:50:42 -04:00
Pierre Souchay	ab9dd18bec	Bump version of miekg/dns to 1.0.4 See https://github.com/hashicorp/consul/issues/3977 While trying to improve furthermore #3948 (This pull request is still valid since we are not using Compression to compute the result anyway). I saw a strange behaviour of dns library. Basically, msg.Len() and len(msg.Pack()) disagree on Message len. Thus, calculation of DNS response is false consul relies on msg.Len() instead of the result of Pack() This is linked to miekg/dns#453 and a fix has been provided with miekg/dns#454 Would it be possible to upgrade miekg/dns to a more recent function ? Consul might for instance upgrade to a post 1.0 release such as https://github.com/miekg/dns/releases/tag/v1.0.4	2018-03-28 10:23:57 -05:00

Author

SHA1

Message

Date

R.B. Boyer

1d54909333

connect: intermediate CA certs generated with the vault provider lack URI SANs (#6491 )

This only affects vault versions >=1.1.1 because the prior code
accidentally relied upon a bug that was fixed in
https://github.com/hashicorp/vault/pull/6505

The existing tests should have caught this, but they were using a
vendored copy of vault version 0.10.3. This fixes the tests by running
an actual copy of vault instead of an in-process copy. This has the
added benefit of changing the dependency on vault to just vault/api.

Also update VaultProvider to use similar SetIntermediate validation code
as the ConsulProvider implementation.

2019-09-23 12:04:40 -05:00

Jeff Mitchell

b43800125c

Update vendoring from go mod. (#5566 )

2019-03-26 17:50:42 -04:00

Pierre Souchay

ab9dd18bec

Bump version of miekg/dns to 1.0.4

See https://github.com/hashicorp/consul/issues/3977

While trying to improve furthermore #3948 (This pull request is still valid since we are not using Compression to compute the result anyway).

I saw a strange behaviour of dns library.
Basically, msg.Len() and len(msg.Pack()) disagree on Message len.

Thus, calculation of DNS response is false consul relies on msg.Len() instead of the result of Pack()

This is linked to miekg/dns#453 and a fix has been provided with miekg/dns#454

Would it be possible to upgrade miekg/dns to a more recent function ?

Consul might for instance upgrade to a post 1.0 release such as https://github.com/miekg/dns/releases/tag/v1.0.4

2018-03-28 10:23:57 -05:00

3 Commits