open-consul/agent
Hans Hasselberg 50281032e0
Security fixes (#7182)
* Mitigate HTTP/RPC Services Allow Unbounded Resource Usage

Fixes #7159.

Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com>
Co-authored-by: Paul Banks <banks@banksco.de>
2020-01-31 11:19:37 -05:00
..
ae Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
agentpb Updates to allow for Namespacing ACL resources in Consul Enterp… (#6675) 2019-10-24 14:38:09 -04:00
cache fix spelling errors (#7135) 2020-01-27 07:00:33 -06:00
cache-types fix spelling errors (#7135) 2020-01-27 07:00:33 -06:00
checks Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
config Security fixes (#7182) 2020-01-31 11:19:37 -05:00
connect Fix a couple bugs regarding intentions with namespaces (#7169) 2020-01-29 17:30:38 -05:00
consul Security fixes (#7182) 2020-01-31 11:19:37 -05:00
debug fix comment typos (#4890) 2018-11-02 12:00:39 -05:00
exec
local various tweaks on top of the hclog work (#7165) 2020-01-29 11:16:08 -06:00
metadata Sync some feature flag support from enterprise (#7167) 2020-01-29 13:21:38 -05:00
mock Sync of OSS changes to support namespaces (#6909) 2019-12-09 21:26:41 -05:00
pool Add note about RPC multiplexing and TLS content type mutual exc… (#6698) 2019-10-30 09:24:30 -04:00
proxycfg Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
router Sync some feature flag support from enterprise (#7167) 2020-01-29 13:21:38 -05:00
structs Updates to the Txn API for namespaces (#7172) 2020-01-30 13:12:26 -05:00
systemd
token acl: use constant time comparing to check token (#6943) 2019-12-16 21:54:52 +01:00
xds Fix a couple bugs regarding intentions with namespaces (#7169) 2020-01-29 17:30:38 -05:00
acl.go various tweaks on top of the hclog work (#7165) 2020-01-29 11:16:08 -06:00
acl_endpoint.go AuthMethod updates to support alternate namespace logins (#7029) 2020-01-14 10:09:29 -05:00
acl_endpoint_legacy.go Use encoding/json as JSON decoder instead of mapstructure (#6680) 2019-10-29 11:13:36 -07:00
acl_endpoint_legacy_test.go Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
acl_endpoint_test.go [Feature] API: Add a internal endpoint to query for ACL authori… (#6888) 2019-12-06 09:25:26 -05:00
acl_test.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
agent.go Security fixes (#7182) 2020-01-31 11:19:37 -05:00
agent_endpoint.go ACL enforcement for the agent/health/services endpoints (#7191) 2020-01-31 11:16:24 -05:00
agent_endpoint_test.go agent: add ACL enforcement to the v1/agent/health/service/* endpoints 2020-01-31 09:57:38 -05:00
agent_oss.go Sync of OSS changes to support namespaces (#6909) 2019-12-09 21:26:41 -05:00
agent_test.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
bindata_assetfs.go update bindata_assetfs.go 2020-01-24 17:08:21 +00:00
blacklist.go
blacklist_test.go
catalog_endpoint.go Add the v1/catalog/node-services/:node endpoint (#7115) 2020-01-24 09:27:25 -05:00
catalog_endpoint_test.go Add the v1/catalog/node-services/:node endpoint (#7115) 2020-01-24 09:27:25 -05:00
check.go Sync of OSS changes to support namespaces (#6909) 2019-12-09 21:26:41 -05:00
config.go Make a few config entry endpoints return 404s and allow for snake_case and lowercase key names. (#5748) 2019-04-30 18:19:19 -04:00
config_endpoint.go Small refactoring to move meta parsing into the switch statement (#7170) 2020-01-29 19:12:48 -05:00
config_endpoint_test.go Expose HTTP-based paths through Connect proxy (#6446) 2019-09-25 20:55:52 -06:00
connect_auth.go Intentions ACL enforcement updates (#7028) 2020-01-13 15:51:40 -05:00
connect_ca_endpoint.go connect: Add AWS PCA provider (#6795) 2019-11-21 17:40:29 +00:00
connect_ca_endpoint_test.go connect: check if intermediate cert needs to be renewed. (#6835) 2020-01-17 23:27:13 +01:00
coordinate_endpoint.go Use encoding/json as JSON decoder instead of mapstructure (#6680) 2019-10-29 11:13:36 -07:00
coordinate_endpoint_test.go fix spelling errors (#7135) 2020-01-27 07:00:33 -06:00
discovery_chain_endpoint.go Updates to Config Entries and Connect for Namespaces (#7116) 2020-01-24 10:04:58 -05:00
discovery_chain_endpoint_test.go connect: generate the full SNI names for discovery targets in the compiler rather than in the xds package (#6340) 2019-08-19 13:03:03 -05:00
dns.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
dns_oss.go Sync of OSS changes to support namespaces (#6909) 2019-12-09 21:26:41 -05:00
dns_test.go Add support for dual stack IPv4/IPv6 network (#6640) 2020-01-17 09:54:17 -05:00
enterprise_delegate_oss.go Update to use a consulent build tag instead of just ent (#5759) 2019-05-01 11:11:27 -04:00
event_endpoint.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
event_endpoint_test.go Move internal/ to sdk/ (#5568) 2019-03-27 08:54:56 -04:00
health_endpoint.go Add support for dual stack IPv4/IPv6 network (#6640) 2020-01-17 09:54:17 -05:00
health_endpoint_test.go test: unflake two TestHealthServiceNode_* tests 2019-11-18 16:21:01 -06:00
http.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
http_decode_test.go Use encoding/json as JSON decoder instead of mapstructure (#6680) 2019-10-29 11:13:36 -07:00
http_oss.go fix spelling errors (#7135) 2020-01-27 07:00:33 -06:00
http_oss_test.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
http_register.go Add the v1/catalog/node-services/:node endpoint (#7115) 2020-01-24 09:27:25 -05:00
http_test.go Security fixes (#7182) 2020-01-31 11:19:37 -05:00
intentions_endpoint.go Fix a couple bugs regarding intentions with namespaces (#7169) 2020-01-29 17:30:38 -05:00
intentions_endpoint_test.go Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
keyring.go add flag to allow /operator/keyring requests to only hit local servers (#6279) 2019-08-12 11:11:11 -07:00
keyring_test.go test: ensure all TestAgent constructions use a constructor (#6443) 2019-09-05 10:24:36 -07:00
kvs_endpoint.go Sync of OSS changes to support namespaces (#6909) 2019-12-09 21:26:41 -05:00
kvs_endpoint_test.go Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
notify.go Fixes memory leak when blocking on /event/list (#4482) 2018-08-02 14:54:48 +01:00
notify_test.go Fixes memory leak when blocking on /event/list (#4482) 2018-08-02 14:54:48 +01:00
operator_endpoint.go Use encoding/json as JSON decoder instead of mapstructure (#6680) 2019-10-29 11:13:36 -07:00
operator_endpoint_test.go add flag to allow /operator/keyring requests to only hit local servers (#6279) 2019-08-12 11:11:11 -07:00
prepared_query_endpoint.go Add support for dual stack IPv4/IPv6 network (#6640) 2020-01-17 09:54:17 -05:00
prepared_query_endpoint_test.go Add tagged addresses for services (#5965) 2019-06-17 10:51:50 -04:00
remote_exec.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
remote_exec_test.go Update retries that weren't using retry.R (#6146) 2019-07-16 14:47:45 -06:00
retry_join.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
retry_join_test.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
service_checks_test.go Sync of OSS changes to support namespaces (#6909) 2019-12-09 21:26:41 -05:00
service_manager.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
service_manager_test.go Updates to Config Entries and Connect for Namespaces (#7116) 2020-01-24 10:04:58 -05:00
session_endpoint.go Sync of OSS changes to support namespaces (#6909) 2019-12-09 21:26:41 -05:00
session_endpoint_test.go Sync of OSS changes to support namespaces (#6909) 2019-12-09 21:26:41 -05:00
sidecar_service.go Sync of OSS changes to support namespaces (#6909) 2019-12-09 21:26:41 -05:00
sidecar_service_test.go test: don't leak agent goroutines in TestAgent_sidecarServiceFromNodeService (#6396) 2019-08-26 15:19:59 -05:00
signal_unix.go cli: forward SIGTERM to child process of 'lock' and 'watch' subcommands (#4737) 2018-10-02 15:57:21 -05:00
signal_windows.go cli: forward SIGTERM to child process of 'lock' and 'watch' subcommands (#4737) 2018-10-02 15:57:21 -05:00
snapshot_endpoint.go
snapshot_endpoint_test.go add wait to TestSnapshot 2019-02-22 17:34:45 -05:00
status_endpoint.go Allow forwarding of some status RPCs (#6198) 2019-07-25 14:26:22 -04:00
status_endpoint_test.go Fix flaky tests (#6229) 2019-07-29 15:07:25 -04:00
testagent.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
testagent_test.go
translate_addr.go Add the v1/catalog/node-services/:node endpoint (#7115) 2020-01-24 09:27:25 -05:00
txn_endpoint.go Updates to the Txn API for namespaces (#7172) 2020-01-30 13:12:26 -05:00
txn_endpoint_test.go Output proper HTTP status codes for Txn requests that are too large (#7157) 2020-01-28 16:22:40 -05:00
ui_endpoint.go Sync of OSS changes to support namespaces (#6909) 2019-12-09 21:26:41 -05:00
ui_endpoint_test.go Sync of OSS changes to support namespaces (#6909) 2019-12-09 21:26:41 -05:00
user_event.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
user_event_test.go Move internal/ to sdk/ (#5568) 2019-03-27 08:54:56 -04:00
util.go cli: forward SIGTERM to child process of 'lock' and 'watch' subcommands (#4737) 2018-10-02 15:57:21 -05:00
util_test.go Move internal/ to sdk/ (#5568) 2019-03-27 08:54:56 -04:00
watch_handler.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
watch_handler_test.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00