luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity
open-consul/agent/consul
History
Freddy f7eeffb98d
Use anonymousToken when querying by secret ID (#11813) 
Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
Co-authored-by: Dan Upton <daniel@floppy.co>

This query has been incorrectly querying by accessor ID since New ACLs
were added. However, the legacy token compat allowed this to continue to
work, since it made a fallback query for the anonymousToken ID.

PR #11184 removed this legacy token query, which means that the query by
accessor ID is now the only check for the anonymous token's existence.

This PR updates the GetBySecret call to use the secret ID of the token.
 		2021-12-13 10:56:09 -07:00
..
authmethod testing: remove unnecessary calls to freeport 2021-11-29 12:19:43 -05:00
discoverychain Remove support for failover to partition 2021-12-06 12:32:24 -07:00
fsm Merge pull request #11721 from hashicorp/dnephin/ca-export-fsm-operation 2021-12-08 17:49:00 -05:00
prepared_query various partition related todos (#11822) 2021-12-13 11:43:33 -06:00
state various partition related todos (#11822) 2021-12-13 11:43:33 -06:00
stream state: adjust streaming event generation to account for partitioned nodes (#10860) 2021-08-17 16:49:26 -05:00
testdata Fix support for RSA CA keys in Connect. (#6638) 2019-11-01 13:20:26 +00:00
usagemetrics Rename partition-exports to exported-services 2021-12-03 17:47:31 -07:00
wanfed grpc: ensure that streaming gRPC requests work over mesh gateway based wan federation (#10838) 2021-08-24 16:28:44 -05:00
acl.go various partition related todos (#11822) 2021-12-13 11:43:33 -06:00
acl_authmethod.go ACL Node Identities (#7970) 2020-06-16 12:54:27 -04:00
acl_authmethod_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
acl_authmethod_test.go acl: refactor the authmethod.Validator interface (#7760) 2020-05-01 17:35:28 -05:00
acl_client.go agent: Ensure partition is considered in agent endpoints (#11427) 2021-10-26 15:20:57 -04:00
acl_endpoint.go Cross port of ent #1383 (#11726) 2021-12-03 10:20:25 -08:00
acl_endpoint_legacy.go acl: remove most of the rest of structs/acl_legacy.go 2021-10-25 17:20:06 -04:00
acl_endpoint_oss.go Cross port of ent #1383 (#11726) 2021-12-03 10:20:25 -08:00
acl_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
acl_oss.go various partition related todos (#11822) 2021-12-13 11:43:33 -06:00
acl_oss_test.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
acl_replication.go acl: remove legacy ACL replication 2021-09-03 12:42:06 -04:00
acl_replication_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
acl_replication_types.go Handle FSM.Apply errors in raftApply 2021-04-20 13:29:29 -04:00
acl_server.go rename helper method to reflect the non-deprecated terminology (#11509) 2021-11-05 13:51:50 -05:00
acl_server_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
acl_test.go agent/token: rename `agent_master` to `agent_recovery` (internally) (#11744) 2021-12-07 12:12:47 +00:00
acl_token_exp.go rename helper method to reflect the non-deprecated terminology (#11509) 2021-11-05 13:51:50 -05:00
acl_token_exp_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
auto_config_backend.go auto-config: ensure the feature works properly with partitions (#11699) 2021-12-01 13:32:34 -06:00
auto_config_backend_test.go auto-config: ensure the feature works properly with partitions (#11699) 2021-12-01 13:32:34 -06:00
auto_config_endpoint.go auto-config: ensure the feature works properly with partitions (#11699) 2021-12-01 13:32:34 -06:00
auto_config_endpoint_test.go auto-config: ensure the feature works properly with partitions (#11699) 2021-12-01 13:32:34 -06:00
auto_encrypt_endpoint.go rpc: remove unnecessary arg to ForwardRPC 2021-05-06 13:30:07 -04:00
auto_encrypt_endpoint_test.go server: remove defaulting of PrimaryDatacenter 2021-08-06 18:45:24 -04:00
autopilot.go agent: refactor the agent delegate interface to be partition friendly (#11429) 2021-10-26 15:08:55 -05:00
autopilot_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
autopilot_test.go agent: refactor the agent delegate interface to be partition friendly (#11429) 2021-10-26 15:08:55 -05:00
catalog_endpoint.go Godocs updates for catalog endpoints (#11716) 2021-12-07 10:18:28 -05:00
catalog_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
client.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
client_serf.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
client_test.go testing: use the new freeport interfaces 2021-11-27 15:39:46 -05:00
cluster_test.go A couple testing helper updates (#7694) 2020-04-27 12:17:38 -04:00
config.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
config_endpoint.go Clean up additional refs to partition exports 2021-12-04 15:16:40 -07:00
config_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
config_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
config_replication.go Clean up additional refs to partition exports 2021-12-04 15:16:40 -07:00
config_replication_test.go Move ent config test to ent file 2021-11-29 12:15:17 -07:00
config_test.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
connect_ca_endpoint.go Use stored entmeta to fill authzContext 2021-10-14 08:57:40 -06:00
connect_ca_endpoint_test.go ca: remove duplicate WaitFor function 2021-12-08 18:42:52 -05:00
coordinate_endpoint.go acl: Fill authzContext from token in Coordinate endpoints (#11688) 2021-11-30 13:17:41 -05:00
coordinate_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
discovery_chain_endpoint.go Remove useInDatacenter from disco chain requests 2021-10-26 23:35:21 -06:00
discovery_chain_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
enterprise_client_oss.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
enterprise_config_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
enterprise_server_oss.go light refactors to support making partitions and serf-based wan federation are mutually exclusive (#11755) 2021-12-06 13:18:02 -06:00
enterprise_server_oss_test.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
federation_state_endpoint.go acl: use authz consistently as the variable name for an acl.Authorizer 2021-08-17 12:14:10 -04:00
federation_state_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
federation_state_replication.go Handle FSM.Apply errors in raftApply 2021-04-20 13:29:29 -04:00
federation_state_replication_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
filter.go acl: some acl authz refactors for nodes (#10909) 2021-08-25 13:43:11 -05:00
filter_test.go acl: remove id and revision from Policy constructors 2021-11-05 15:45:08 -04:00
flood.go agent: refactor to use a single addrFn 2020-05-05 21:08:10 +02:00
gateway_locator.go server: initialize mgw-wanfed to use local gateways more on startup (#9528) 2021-01-25 17:30:38 -06:00
gateway_locator_test.go server: initialize mgw-wanfed to use local gateways more on startup (#9528) 2021-01-25 17:30:38 -06:00
health_endpoint.go health: support `ResultsFilteredByACLs` flag/header (#11602) 2021-12-03 17:31:32 +00:00
health_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
helper_test.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
intention_endpoint.go intention: support `ResultsFilteredByACLs` flag/header (#11612) 2021-12-03 20:35:54 +00:00
intention_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
internal_endpoint.go internal: support `ResultsFilteredByACLs` flag/header (#11643) 2021-12-03 23:04:24 +00:00
internal_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
issue_test.go stream: Use a no-op event publisher if streaming is disabled 2020-10-28 13:54:19 -04:00
kvs_endpoint.go kv: support `ResultsFilteredByACLs` in list/list keys (#11593) 2021-12-03 17:31:48 +00:00
kvs_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
leader.go Use anonymousToken when querying by secret ID (#11813) 2021-12-13 10:56:09 -07:00
leader_connect.go Exit before starting the vip check routine if possible 2021-12-10 14:30:50 -08:00
leader_connect_ca.go ca: fix flakes in RenewIntermediate tests 2021-12-08 18:42:52 -05:00
leader_connect_ca_test.go ca: fix flakes in RenewIntermediate tests 2021-12-08 18:42:52 -05:00
leader_connect_test.go ca: prune some unnecessary lookups in the tests 2021-12-08 18:42:52 -05:00
leader_federation_state_ae.go agent/structs: add a bunch more EnterpriseMeta helper functions to help with partitioning (#10669) 2021-07-22 13:20:45 -05:00
leader_federation_state_ae_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
leader_intentions.go Sync enterprise changes to oss (#10994) 2021-09-08 11:59:30 -04:00
leader_intentions_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
leader_intentions_oss_test.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
leader_intentions_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
leader_metrics.go agent: move agent tls metric monitor to a more appropriate place 2021-10-27 16:26:09 -04:00
leader_oss_test.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
leader_test.go Use anonymousToken when querying by secret ID (#11813) 2021-12-13 10:56:09 -07:00
logging.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
logging_test.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
merge.go light refactors to support making partitions and serf-based wan federation are mutually exclusive (#11755) 2021-12-06 13:18:02 -06:00
merge_oss.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
merge_oss_test.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
merge_test.go light refactors to support making partitions and serf-based wan federation are mutually exclusive (#11755) 2021-12-06 13:18:02 -06:00
operator_autopilot_endpoint.go acl: use authz consistently as the variable name for an acl.Authorizer 2021-08-17 12:14:10 -04:00
operator_autopilot_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
operator_endpoint.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
operator_raft_endpoint.go acl: use authz consistently as the variable name for an acl.Authorizer 2021-08-17 12:14:10 -04:00
operator_raft_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
options.go grpc: ensure that streaming gRPC requests work over mesh gateway based wan federation (#10838) 2021-08-24 16:28:44 -05:00
options_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
prepared_query_endpoint.go query: support `ResultsFilteredByACLs` in query list endpoint (#11620) 2021-12-03 23:04:09 +00:00
prepared_query_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
raft_rpc.go rpc: authorize raft requests (#10925) 2021-08-26 15:04:32 -07:00
replication.go Refactor of serf feature flag tags. 2021-05-20 12:57:06 -04:00
replication_test.go Move some things around to allow for license updating via config reload 2021-05-25 09:57:50 -04:00
rpc.go rpc: Unset partition before forwarding to remote datacenter (#11758) 2021-12-08 11:02:14 -08:00
rpc_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
rtt.go agent: ensure that most agent behavior correctly respects partition configuration (#10880) 2021-08-19 15:09:42 -05:00
rtt_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
segment_oss.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
serf_filter.go agent: refactor the agent delegate interface to be partition friendly (#11429) 2021-10-26 15:08:55 -05:00
serf_test.go
server.go leader: move the virtual IP version check into a goroutine 2021-12-09 17:00:33 -08:00
server_connect.go ca: accept only the cluster ID to SpiffeIDSigningForCluster 2021-11-16 16:57:21 -05:00
server_lookup.go Fix ACL mode advertisement and detection (#7451) 2020-03-16 12:54:45 -04:00
server_lookup_test.go ci: enable SA4006 staticcheck check 2020-06-16 13:10:11 -04:00
server_oss.go light refactors to support making partitions and serf-based wan federation are mutually exclusive (#11755) 2021-12-06 13:18:02 -06:00
server_register.go connect: update centralized upstreams representation in service-defaults (#10015) 2021-04-15 14:21:44 -05:00
server_serf.go light refactors to support making partitions and serf-based wan federation are mutually exclusive (#11755) 2021-12-06 13:18:02 -06:00
server_test.go test: test server should auto cleanup (#11779) 2021-12-08 13:26:06 -06:00
session_endpoint.go port oss changes (#11736) 2021-12-03 17:23:55 -05:00
session_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
session_timers.go
session_timers_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
session_ttl.go port oss changes (#11736) 2021-12-03 17:23:55 -05:00
session_ttl_test.go port oss changes (#11736) 2021-12-03 17:23:55 -05:00
snapshot_endpoint.go Groundwork for exposing when queries are filtered by ACLs (#11569) 2021-12-03 17:11:26 +00:00
snapshot_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
stats_fetcher.go Switch to using the external autopilot module 2020-11-09 09:22:11 -05:00
stats_fetcher_test.go Maybe fix another data race in a test 2020-12-22 18:53:54 -05:00
status_endpoint.go Switch to using the external autopilot module 2020-11-09 09:22:11 -05:00
status_endpoint_test.go ENT to OSS sync (#11703) 2021-12-01 14:56:10 -05:00
subscribe_backend.go grpc: strip local ACL tokens from RPCs during forwarding if crossing datacenters (#11099) 2021-09-22 13:14:26 -05:00
subscribe_backend_test.go subscribe: attempt to fix a flaky test 2021-10-27 15:09:09 -04:00
system_metadata.go Handle FSM.Apply errors in raftApply 2021-04-20 13:29:29 -04:00
system_metadata_test.go consul: add virtual IP generation for connect services 2021-12-02 15:42:47 -08:00
txn_endpoint.go txn: support `ResultsFilteredByACLs` flag in `Read` endpoint (#11632) 2021-12-03 20:41:03 +00:00
txn_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
util.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
util_test.go acl: remove legacy ACL upgrades from Server 2021-09-29 15:19:23 -04:00