open-consul/agent/consul
Daniel Nephin 44f9229b96 ca: add a test that uses an intermediate CA as the primary CA
This test found a bug in the secondary. We were appending the root cert
to the PEM, but that cert was already appended. This was failing
validation in Vault here:
https://github.com/hashicorp/vault/blob/sdk/v0.3.0/sdk/helper/certutil/types.go#L329

Previously this worked because self signed certs have the same
SubjectKeyID and AuthorityKeyID. So having the same self-signed cert
repeated doesn't fail that check.

However with an intermediate that is not self-signed, those values are
different, and so we fail the check. A test I added in a previous commit
should show that this continues to work with self-signed root certs as
well.
2022-02-02 13:41:35 -05:00
..
authmethod testing: remove unnecessary calls to freeport 2021-11-29 12:19:43 -05:00
discoverychain Remove support for failover to partition 2021-12-06 12:32:24 -07:00
fsm bulk rewrite using this script 2022-01-20 10:46:23 -06:00
prepared_query various partition related todos (#11822) 2021-12-13 11:43:33 -06:00
state streaming: split event buffer by key (#12080) 2022-01-28 12:27:00 +00:00
stream streaming: split event buffer by key (#12080) 2022-01-28 12:27:00 +00:00
testdata
usagemetrics Rename partition-exports to exported-services 2021-12-03 17:47:31 -07:00
wanfed grpc: ensure that streaming gRPC requests work over mesh gateway based wan federation (#10838) 2021-08-24 16:28:44 -05:00
acl.go acl: un-embed ACLIdentity 2022-02-02 12:07:31 -05:00
acl_authmethod.go
acl_authmethod_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
acl_authmethod_test.go
acl_client.go Merge pull request #12165 from hashicorp/dnephin/acl-resolve-token 2022-01-31 13:27:49 -05:00
acl_endpoint.go acl: embed ACLResolver in Client and Server 2022-01-22 14:07:26 -05:00
acl_endpoint_legacy.go acl: remove most of the rest of structs/acl_legacy.go 2021-10-25 17:20:06 -04:00
acl_endpoint_oss.go Cross port of ent #1383 (#11726) 2021-12-03 10:20:25 -08:00
acl_endpoint_test.go [OSS] Remove remaining references to master (#11827) 2022-01-20 12:47:50 +00:00
acl_oss.go various partition related todos (#11822) 2021-12-13 11:43:33 -06:00
acl_oss_test.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
acl_replication.go acl: remove legacy ACL replication 2021-09-03 12:42:06 -04:00
acl_replication_test.go Rename ACLMasterToken => ACLInitialManagementToken (#11746) 2021-12-07 12:39:28 +00:00
acl_replication_types.go
acl_server.go Merge pull request #12167 from hashicorp/dnephin/acl-resolve-token-3 2022-01-31 19:21:06 -05:00
acl_server_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
acl_test.go Merge pull request #12167 from hashicorp/dnephin/acl-resolve-token-3 2022-01-31 19:21:06 -05:00
acl_token_exp.go acl: embed ACLResolver in Client and Server 2022-01-22 14:07:26 -05:00
acl_token_exp_test.go [OSS] Remove remaining references to master (#11827) 2022-01-20 12:47:50 +00:00
auto_config_backend.go auto-config: ensure the feature works properly with partitions (#11699) 2021-12-01 13:32:34 -06:00
auto_config_backend_test.go [OSS] Remove remaining references to master (#11827) 2022-01-20 12:47:50 +00:00
auto_config_endpoint.go auto-config: ensure the feature works properly with partitions (#11699) 2021-12-01 13:32:34 -06:00
auto_config_endpoint_test.go auto-config: ensure the feature works properly with partitions (#11699) 2021-12-01 13:32:34 -06:00
auto_encrypt_endpoint.go
auto_encrypt_endpoint_test.go server: remove defaulting of PrimaryDatacenter 2021-08-06 18:45:24 -04:00
autopilot.go agent: refactor the agent delegate interface to be partition friendly (#11429) 2021-10-26 15:08:55 -05:00
autopilot_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
autopilot_test.go bulk rewrite using this script 2022-01-20 10:46:23 -06:00
catalog_endpoint.go Clarify service and check error messages (use ID) 2022-01-04 11:42:37 -08:00
catalog_endpoint_test.go bulk rewrite using this script 2022-01-20 10:46:23 -06:00
client.go Merge pull request #12165 from hashicorp/dnephin/acl-resolve-token 2022-01-31 13:27:49 -05:00
client_serf.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
client_test.go testing: use the new freeport interfaces 2021-11-27 15:39:46 -05:00
cluster_test.go
config.go Rename ACLMasterToken => ACLInitialManagementToken (#11746) 2021-12-07 12:39:28 +00:00
config_endpoint.go Clean up additional refs to partition exports 2021-12-04 15:16:40 -07:00
config_endpoint_test.go bulk rewrite using this script 2022-01-20 10:46:23 -06:00
config_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
config_replication.go Clean up additional refs to partition exports 2021-12-04 15:16:40 -07:00
config_replication_test.go Move ent config test to ent file 2021-11-29 12:15:17 -07:00
config_test.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
connect_ca_endpoint.go Use stored entmeta to fill authzContext 2021-10-14 08:57:40 -06:00
connect_ca_endpoint_test.go bulk rewrite using this script 2022-01-20 10:46:23 -06:00
coordinate_endpoint.go acl: Fill authzContext from token in Coordinate endpoints (#11688) 2021-11-30 13:17:41 -05:00
coordinate_endpoint_test.go Rename ACLMasterToken => ACLInitialManagementToken (#11746) 2021-12-07 12:39:28 +00:00
discovery_chain_endpoint.go Remove useInDatacenter from disco chain requests 2021-10-26 23:35:21 -06:00
discovery_chain_endpoint_test.go Rename ACLMasterToken => ACLInitialManagementToken (#11746) 2021-12-07 12:39:28 +00:00
enterprise_client_oss.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
enterprise_config_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
enterprise_server_oss.go light refactors to support making partitions and serf-based wan federation are mutually exclusive (#11755) 2021-12-06 13:18:02 -06:00
enterprise_server_oss_test.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
federation_state_endpoint.go acl: use authz consistently as the variable name for an acl.Authorizer 2021-08-17 12:14:10 -04:00
federation_state_endpoint_test.go [OSS] Remove remaining references to master (#11827) 2022-01-20 12:47:50 +00:00
federation_state_replication.go
federation_state_replication_test.go
filter.go acl: some acl authz refactors for nodes (#10909) 2021-08-25 13:43:11 -05:00
filter_test.go acl: remove id and revision from Policy constructors 2021-11-05 15:45:08 -04:00
flood.go
gateway_locator.go
gateway_locator_test.go
health_endpoint.go health: support ResultsFilteredByACLs flag/header (#11602) 2021-12-03 17:31:32 +00:00
health_endpoint_test.go bulk rewrite using this script 2022-01-20 10:46:23 -06:00
helper_test.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
intention_endpoint.go acl: rename ResolveTokenToIdentityAndAuthorizer to ResolveToken 2022-01-31 18:04:19 -05:00
intention_endpoint_test.go bulk rewrite using this script 2022-01-20 10:46:23 -06:00
internal_endpoint.go acl: un-embed ACLIdentity 2022-02-02 12:07:31 -05:00
internal_endpoint_test.go bulk rewrite using this script 2022-01-20 10:46:23 -06:00
issue_test.go
kvs_endpoint.go kv: support ResultsFilteredByACLs in list/list keys (#11593) 2021-12-03 17:31:48 +00:00
kvs_endpoint_test.go Rename ACLMasterToken => ACLInitialManagementToken (#11746) 2021-12-07 12:39:28 +00:00
leader.go acl: embed ACLResolver in Client and Server 2022-01-22 14:07:26 -05:00
leader_connect.go Add virtual IP generation for term gateway backed services 2022-01-12 12:08:49 -08:00
leader_connect_ca.go ca: add a test that uses an intermediate CA as the primary CA 2022-02-02 13:41:35 -05:00
leader_connect_ca_test.go ca: add a test that uses an intermediate CA as the primary CA 2022-02-02 13:41:35 -05:00
leader_connect_test.go bulk rewrite using this script 2022-01-20 10:46:23 -06:00
leader_federation_state_ae.go agent/structs: add a bunch more EnterpriseMeta helper functions to help with partitioning (#10669) 2021-07-22 13:20:45 -05:00
leader_federation_state_ae_test.go Rename ACLMasterToken => ACLInitialManagementToken (#11746) 2021-12-07 12:39:28 +00:00
leader_intentions.go Sync enterprise changes to oss (#10994) 2021-09-08 11:59:30 -04:00
leader_intentions_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
leader_intentions_oss_test.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
leader_intentions_test.go bulk rewrite using this script 2022-01-20 10:46:23 -06:00
leader_metrics.go ca: use the new leaf signing lookup func in leader metrics 2022-01-06 16:55:49 -05:00
leader_oss_test.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
leader_test.go [OSS] Remove remaining references to master (#11827) 2022-01-20 12:47:50 +00:00
logging.go
logging_test.go bulk rewrite using this script 2022-01-20 10:46:23 -06:00
merge.go light refactors to support making partitions and serf-based wan federation are mutually exclusive (#11755) 2021-12-06 13:18:02 -06:00
merge_oss.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
merge_oss_test.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
merge_test.go light refactors to support making partitions and serf-based wan federation are mutually exclusive (#11755) 2021-12-06 13:18:02 -06:00
operator_autopilot_endpoint.go acl: un-embed ACLIdentity 2022-02-02 12:07:31 -05:00
operator_autopilot_endpoint_test.go Rename ACLMasterToken => ACLInitialManagementToken (#11746) 2021-12-07 12:39:28 +00:00
operator_endpoint.go
operator_raft_endpoint.go acl: un-embed ACLIdentity 2022-02-02 12:07:31 -05:00
operator_raft_endpoint_test.go Rename ACLMasterToken => ACLInitialManagementToken (#11746) 2021-12-07 12:39:28 +00:00
options.go grpc: ensure that streaming gRPC requests work over mesh gateway based wan federation (#10838) 2021-08-24 16:28:44 -05:00
options_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
prepared_query_endpoint.go query: support ResultsFilteredByACLs in query list endpoint (#11620) 2021-12-03 23:04:09 +00:00
prepared_query_endpoint_test.go bulk rewrite using this script 2022-01-20 10:46:23 -06:00
raft_rpc.go rpc: authorize raft requests (#10925) 2021-08-26 15:04:32 -07:00
replication.go Apply suggestions from code review 2022-01-26 12:24:13 -05:00
replication_test.go
rpc.go rpc: cleanup exit and blocking condition logic in blockingQuery 2022-01-17 16:59:25 -05:00
rpc_test.go bulk rewrite using this script 2022-01-20 10:46:23 -06:00
rtt.go agent: ensure that most agent behavior correctly respects partition configuration (#10880) 2021-08-19 15:09:42 -05:00
rtt_test.go
segment_oss.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
serf_filter.go agent: refactor the agent delegate interface to be partition friendly (#11429) 2021-10-26 15:08:55 -05:00
serf_test.go
server.go Merge pull request #12165 from hashicorp/dnephin/acl-resolve-token 2022-01-31 13:27:49 -05:00
server_connect.go ca: accept only the cluster ID to SpiffeIDSigningForCluster 2021-11-16 16:57:21 -05:00
server_lookup.go
server_lookup_test.go
server_oss.go light refactors to support making partitions and serf-based wan federation are mutually exclusive (#11755) 2021-12-06 13:18:02 -06:00
server_register.go
server_serf.go acl: embed ACLResolver in Client and Server 2022-01-22 14:07:26 -05:00
server_test.go [OSS] Remove remaining references to master (#11827) 2022-01-20 12:47:50 +00:00
session_endpoint.go port oss changes (#11736) 2021-12-03 17:23:55 -05:00
session_endpoint_test.go bulk rewrite using this script 2022-01-20 10:46:23 -06:00
session_timers.go
session_timers_test.go
session_ttl.go port oss changes (#11736) 2021-12-03 17:23:55 -05:00
session_ttl_test.go port oss changes (#11736) 2021-12-03 17:23:55 -05:00
snapshot_endpoint.go Groundwork for exposing when queries are filtered by ACLs (#11569) 2021-12-03 17:11:26 +00:00
snapshot_endpoint_test.go Rename ACLMasterToken => ACLInitialManagementToken (#11746) 2021-12-07 12:39:28 +00:00
stats_fetcher.go
stats_fetcher_test.go
status_endpoint.go
status_endpoint_test.go ENT to OSS sync (#11703) 2021-12-01 14:56:10 -05:00
subscribe_backend.go grpc: strip local ACL tokens from RPCs during forwarding if crossing datacenters (#11099) 2021-09-22 13:14:26 -05:00
subscribe_backend_test.go subscribe: attempt to fix a flaky test 2021-10-27 15:09:09 -04:00
system_metadata.go
system_metadata_test.go testing: Revert assertion for virtual IP flag (#11932) 2022-01-04 11:24:56 -05:00
txn_endpoint.go txn: support ResultsFilteredByACLs flag in Read endpoint (#11632) 2021-12-03 20:41:03 +00:00
txn_endpoint_test.go Merge pull request #12109 from hashicorp/dnephin/blocking-query-1 2022-01-26 18:13:55 -05:00
util.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
util_test.go acl: remove legacy ACL upgrades from Server 2021-09-29 15:19:23 -04:00