luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity
open-consul/agent/consul
History
R.B. Boyer 91d9544803
connect: connect CA Roots in the primary datacenter should use a SigningKeyID derived from their local intermediate (#9428) 
This fixes an issue where leaf certificates issued in primary
datacenters using Vault as a Connect CA would be reissued very
frequently (every ~20 seconds) because the logic meant to detect root
rotation was errantly triggering.

The hash of the rootCA was being compared against a hash of the
intermediateCA and always failing. This doesn't apply to the Consul
built-in CA provider because there is no intermediate in use in the
primary DC.

This is reminiscent of #6513
 		2021-02-08 13:18:51 -06:00
..
authmethod Fix a bunch of unparam lint issues 2020-06-24 13:00:14 -04:00
discoverychain structs: Fix printing of IDs 2021-01-07 18:47:38 -05:00
fsm state: Remove unnecessary entMeta arg to EnsureConfigEntry 2021-02-03 18:10:38 -05:00
prepared_query Enable gofmt simplify 2020-06-16 13:21:11 -04:00
state Merge pull request #9719 from hashicorp/oss/state-store-4 2021-02-05 14:02:38 -05:00
stream testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
testdata
usagemetrics trim help strings to save a few bytes 2020-11-16 11:02:11 -08:00
wanfed
acl.go Merge pull request #9213 from hashicorp/dnephin/resolve-tokens-take-2 2021-01-06 18:51:51 -05:00
acl_authmethod.go ACL Node Identities (#7970) 2020-06-16 12:54:27 -04:00
acl_authmethod_oss.go acl: add auth method for JWTs (#7846) 2020-05-11 20:59:29 -05:00
acl_authmethod_test.go
acl_client.go Remove two unused delegate methods 2020-11-17 18:16:26 -05:00
acl_endpoint.go add the service name in the agent rather than in the definitions themselves 2020-11-13 13:18:04 -08:00
acl_endpoint_legacy.go trim help strings to save a few bytes 2020-11-16 11:02:11 -08:00
acl_endpoint_oss.go acl: add auth method for JWTs (#7846) 2020-05-11 20:59:29 -05:00
acl_endpoint_test.go Merge pull request #9340 from hashicorp/dnephin/skip-slow-tests-with-short 2020-12-11 13:33:44 -05:00
acl_oss.go
acl_oss_test.go
acl_replication.go
acl_replication_legacy.go
acl_replication_legacy_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
acl_replication_test.go Merge pull request #9340 from hashicorp/dnephin/skip-slow-tests-with-short 2020-12-11 13:33:44 -05:00
acl_replication_types.go acl: global tokens created by auth methods now correctly replicate to secondary datacenters (#9351) 2020-12-09 15:22:29 -06:00
acl_server.go acl: use the presence of a management policy in the state store as a sign that we already migrated to v2 acls (#9505) 2021-01-05 17:04:27 -06:00
acl_server_oss.go
acl_test.go Merge pull request #9213 from hashicorp/dnephin/resolve-tokens-take-2 2021-01-06 18:51:51 -05:00
acl_token_exp.go Remove ACLsEnabled from delegate interface 2020-07-03 17:00:20 -04:00
acl_token_exp_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
auto_config_endpoint.go Agent Auto Config: Implement Certificate Generation (#8360) 2020-07-28 15:31:48 -04:00
auto_config_endpoint_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
auto_encrypt_endpoint.go Rename (*Server).forward to (*Server).ForwardRPC 2020-07-08 11:05:44 -04:00
auto_encrypt_endpoint_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
autopilot.go trim help strings to save a few bytes 2020-11-16 11:02:11 -08:00
autopilot_oss.go Switch to using the external autopilot module 2020-11-09 09:22:11 -05:00
autopilot_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
catalog_endpoint.go add missing descriptions for metrics 2020-11-23 22:06:30 +01:00
catalog_endpoint_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
client.go agent/consuk: Rename RPCRate -> RPCRateLimit 2021-01-14 17:26:00 -05:00
client_serf.go Add per-agent reconnect timeouts (#8781) 2020-10-08 15:02:19 -04:00
client_test.go agent/consuk: Rename RPCRate -> RPCRateLimit 2021-01-14 17:26:00 -05:00
cluster_test.go
config.go agent/consuk: Rename RPCRate -> RPCRateLimit 2021-01-14 17:26:00 -05:00
config_endpoint.go merge master 2020-11-16 10:46:53 -08:00
config_endpoint_test.go state: Remove unnecessary entMeta arg to EnsureConfigEntry 2021-02-03 18:10:38 -05:00
config_replication.go server: config entry replication now correctly uses namespaces in comparisons (#9024) 2020-10-23 13:41:54 -05:00
config_replication_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
connect_ca_endpoint.go Merge pull request #9009 from hashicorp/update-secondary-ca 2020-11-30 14:49:28 -08:00
connect_ca_endpoint_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
consul_ca_delegate.go
coordinate_endpoint.go Move RPC router from Client/Server and into BaseDeps (#8559) 2020-08-27 11:23:52 -04:00
coordinate_endpoint_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
discovery_chain_endpoint.go Add method for downstreams from disco chain 2020-10-05 10:24:50 -06:00
discovery_chain_endpoint_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
enterprise_client_oss.go
enterprise_config_oss.go
enterprise_server_oss.go connect: various changes to make namespaces for intentions work more like for other subsystems (#8194) 2020-06-26 16:59:15 -05:00
federation_state_endpoint.go add the service name in the agent rather than in the definitions themselves 2020-11-13 13:18:04 -08:00
federation_state_endpoint_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
federation_state_replication.go server: when wan federating via mesh gateways only do heuristic primary DC bypass on the leader (#9366) 2021-01-22 10:03:24 -06:00
federation_state_replication_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
filter.go
filter_test.go Enable gofmt simplify 2020-06-16 13:21:11 -04:00
flood.go
gateway_locator.go server: initialize mgw-wanfed to use local gateways more on startup (#9528) 2021-01-25 17:30:38 -06:00
gateway_locator_test.go server: initialize mgw-wanfed to use local gateways more on startup (#9528) 2021-01-25 17:30:38 -06:00
health_endpoint.go Rename (*Server).forward to (*Server).ForwardRPC 2020-07-08 11:05:44 -04:00
health_endpoint_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
helper_test.go server: use the presense of stored federation state data as a sign that we already activated the federation state feature flag (#9519) 2021-01-25 13:24:32 -06:00
intention_endpoint.go server: deletions of intentions by name using the intention API is now idempotent (#9278) 2021-01-04 11:27:00 -06:00
intention_endpoint_test.go server: deletions of intentions by name using the intention API is now idempotent (#9278) 2021-01-04 11:27:00 -06:00
internal_endpoint.go Add protocol to the topology endpoint response (#8868) 2020-10-08 17:31:54 -06:00
internal_endpoint_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
issue_test.go stream: Use a no-op event publisher if streaming is disabled 2020-10-28 13:54:19 -04:00
kvs_endpoint.go trim help strings to save a few bytes 2020-11-16 11:02:11 -08:00
kvs_endpoint_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
leader.go Upgrade raft-autopilot and wait for autopilot it to stop when revoking leadership (#9644) 2021-01-27 11:14:52 -05:00
leader_connect.go Ensure that CA initialization does not block leader election. 2021-01-19 15:27:48 -05:00
leader_connect_ca.go connect: connect CA Roots in the primary datacenter should use a SigningKeyID derived from their local intermediate (#9428) 2021-02-08 13:18:51 -06:00
leader_connect_ca_test.go Ensure that CA initialization does not block leader election. 2021-01-19 15:27:48 -05:00
leader_connect_test.go connect: connect CA Roots in the primary datacenter should use a SigningKeyID derived from their local intermediate (#9428) 2021-02-08 13:18:51 -06:00
leader_federation_state_ae.go server: use the presense of stored federation state data as a sign that we already activated the federation state feature flag (#9519) 2021-01-25 13:24:32 -06:00
leader_federation_state_ae_test.go server: use the presense of stored federation state data as a sign that we already activated the federation state feature flag (#9519) 2021-01-25 13:24:32 -06:00
leader_intentions.go server: skip deleted and deleting namespaces when migrating intentions to config entries (#9186) 2020-11-13 13:56:41 -06:00
leader_intentions_oss.go server: skip deleted and deleting namespaces when migrating intentions to config entries (#9186) 2020-11-13 13:56:41 -06:00
leader_intentions_oss_test.go server: skip deleted and deleting namespaces when migrating intentions to config entries (#9186) 2020-11-13 13:56:41 -06:00
leader_intentions_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
leader_routine_manager.go server: skip deleted and deleting namespaces when migrating intentions to config entries (#9186) 2020-11-13 13:56:41 -06:00
leader_routine_manager_test.go server: skip deleted and deleting namespaces when migrating intentions to config entries (#9186) 2020-11-13 13:56:41 -06:00
leader_test.go acl: use the presence of a management policy in the state store as a sign that we already migrated to v2 acls (#9505) 2021-01-05 17:04:27 -06:00
logging.go
logging_test.go
merge.go
merge_test.go
operator_autopilot_endpoint.go Prevent panic if autopilot health is requested prior to leader establishment finishing. (#9204) 2020-11-16 17:08:17 -05:00
operator_autopilot_endpoint_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
operator_endpoint.go
operator_raft_endpoint.go Switch to using the external autopilot module 2020-11-09 09:22:11 -05:00
operator_raft_endpoint_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
options.go subscribe: add a stateless subscribe service for the gRPC server 2020-10-06 12:49:35 -04:00
prepared_query_endpoint.go trim help strings to save a few bytes 2020-11-16 11:02:11 -08:00
prepared_query_endpoint_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
raft_rpc.go
replication.go Log replication warnings when no error suppression is defined (#9320) 2021-01-08 14:03:06 -06:00
replication_test.go
rpc.go Special case the error returned when we have a Raft leader but are not tracking it in the ServerLookup (#9487) 2021-01-04 14:05:23 -05:00
rpc_test.go agent/consuk: Rename RPCRate -> RPCRateLimit 2021-01-14 17:26:00 -05:00
rtt.go
rtt_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
segment_oss.go trim help strings to save a few bytes 2020-11-16 11:02:11 -08:00
serf_test.go
server.go Ensure that CA initialization does not block leader election. 2021-01-19 15:27:48 -05:00
server_connect.go Ensure that CA initialization does not block leader election. 2021-01-19 15:27:48 -05:00
server_lookup.go
server_lookup_test.go ci: enable SA4006 staticcheck check 2020-06-16 13:10:11 -04:00
server_oss.go Switch to using the external autopilot module 2020-11-09 09:22:11 -05:00
server_register.go server: remove config entry CAS in legacy intention API bridge code (#9151) 2020-11-13 14:42:21 -06:00
server_serf.go Refactor to call non-voting servers read replicas (#9191) 2020-11-17 10:53:57 -05:00
server_test.go Add flags to support CA generation for Connect (#9585) 2021-01-27 08:52:15 +01:00
session_endpoint.go trim help strings to save a few bytes 2020-11-16 11:02:11 -08:00
session_endpoint_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
session_timers.go
session_timers_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
session_ttl.go add missing descriptions for metrics 2020-11-23 22:06:30 +01:00
session_ttl_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
snapshot_endpoint.go Special case the error returned when we have a Raft leader but are not tracking it in the ServerLookup (#9487) 2021-01-04 14:05:23 -05:00
snapshot_endpoint_test.go Upgrade raft-autopilot and wait for autopilot it to stop when revoking leadership (#9644) 2021-01-27 11:14:52 -05:00
stats_fetcher.go Switch to using the external autopilot module 2020-11-09 09:22:11 -05:00
stats_fetcher_test.go Maybe fix another data race in a test 2020-12-22 18:53:54 -05:00
status_endpoint.go Switch to using the external autopilot module 2020-11-09 09:22:11 -05:00
status_endpoint_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
subscribe_backend.go state: use enterprise meta for creating events 2020-10-30 14:34:04 -04:00
system_metadata.go connect: intentions are now managed as a new config entry kind "service-intentions" (#8834) 2020-10-06 13:24:05 -05:00
system_metadata_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
txn_endpoint.go trim help strings to save a few bytes 2020-11-16 11:02:11 -08:00
txn_endpoint_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
util.go Move RPC router from Client/Server and into BaseDeps (#8559) 2020-08-27 11:23:52 -04:00
util_test.go Remove bytesToUint64 from agent/consul 2020-06-18 12:45:43 -04:00