luxolus/open-consul
2
0
Fork 0
Code Issues 1 Pull requests Packages Releases Wiki Activity
open-consul/agent/consul
History
Matt Keeler 849eedd142
Fix identity resolution on clients and in secondary dcs (#7862) 
Previously this happened to be using the method on the Server/Client that was meant to allow the ACLResolver to locally resolve tokens. On Servers that had tokens (primary or secondary dc + token replication) this function would lookup the token from raft and return the ACLIdentity. On clients this was always a noop. We inadvertently used this function instead of creating a new one when we added logging accessor ids for permission denied RPC requests. 

With this commit, a new method is used for resolving the identity properly via the ACLResolver which may still resolve locally in the case of being on a server with tokens but also supports remote token resolution.
2020-05-13 13:00:08 -04:00
..
authmethod Add unconvert linter 2020-05-12 13:47:25 -04:00
autopilot Value is already an int, remove type cast 2020-05-12 13:13:09 -04:00
discoverychain Construct a default destination if one does not exist for service-router (#7783) 2020-05-05 10:49:50 -05:00
fsm Restoring config entries updates the gateway-services table (#7811) 2020-05-08 13:24:33 -05:00
prepared_query
state Add unconvert linter 2020-05-12 13:47:25 -04:00
testdata
wanfed wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
acl.go Fix identity resolution on clients and in secondary dcs (#7862) 2020-05-13 13:00:08 -04:00
acl_authmethod.go acl: add auth method for JWTs (#7846) 2020-05-11 20:59:29 -05:00
acl_authmethod_oss.go acl: add auth method for JWTs (#7846) 2020-05-11 20:59:29 -05:00
acl_authmethod_test.go acl: refactor the authmethod.Validator interface (#7760) 2020-05-01 17:35:28 -05:00
acl_client.go Fix identity resolution on clients and in secondary dcs (#7862) 2020-05-13 13:00:08 -04:00
acl_endpoint.go acl: add auth method for JWTs (#7846) 2020-05-11 20:59:29 -05:00
acl_endpoint_legacy.go Some boilerplate to allow for ACL Bootstrap disabling configurability 2020-04-28 09:42:46 -04:00
acl_endpoint_oss.go acl: add auth method for JWTs (#7846) 2020-05-11 20:59:29 -05:00
acl_endpoint_test.go acl: add auth method for JWTs (#7846) 2020-05-11 20:59:29 -05:00
acl_oss.go
acl_oss_test.go
acl_replication.go
acl_replication_legacy.go
acl_replication_legacy_test.go
acl_replication_test.go
acl_replication_types.go
acl_server.go Fix identity resolution on clients and in secondary dcs (#7862) 2020-05-13 13:00:08 -04:00
acl_server_oss.go Allow the bootstrap endpoint to be disabled in enterprise. (#7614) 2020-04-14 11:45:39 -04:00
acl_test.go Fix identity resolution on clients and in secondary dcs (#7862) 2020-05-13 13:00:08 -04:00
acl_token_exp.go
acl_token_exp_test.go
auto_encrypt.go Add unconvert linter 2020-05-12 13:47:25 -04:00
auto_encrypt_endpoint.go
auto_encrypt_endpoint_test.go
auto_encrypt_test.go
autopilot.go
autopilot_oss.go
autopilot_test.go
catalog_endpoint.go
catalog_endpoint_test.go Terminating gateway discovery (#7571) 2020-04-08 12:37:24 -06:00
client.go rpc: oss changes for network area connection pooling (#7735) 2020-04-30 22:12:17 +02:00
client_serf.go
client_test.go rpc: oss changes for network area connection pooling (#7735) 2020-04-30 22:12:17 +02:00
cluster_test.go A couple testing helper updates (#7694) 2020-04-27 12:17:38 -04:00
config.go agent: stub out auditing functionality in OSS 2020-04-16 15:07:52 -07:00
config_endpoint.go
config_endpoint_test.go
config_replication.go
config_replication_test.go
connect_ca_endpoint.go
connect_ca_endpoint_test.go
consul_ca_delegate.go
coordinate_endpoint.go
coordinate_endpoint_test.go
discovery_chain_endpoint.go
discovery_chain_endpoint_test.go
enterprise_client_oss.go
enterprise_config_oss.go
enterprise_server_oss.go Fix ACL mode advertisement and detection (#7451) 2020-03-16 12:54:45 -04:00
federation_state_endpoint.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
federation_state_endpoint_test.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
federation_state_replication.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
federation_state_replication_test.go fix flaky TestReplication_FederationStates test due to race conditions (#7612) 2020-04-09 15:42:41 -05:00
filter.go
filter_test.go
flood.go agent: refactor to use a single addrFn 2020-05-05 21:08:10 +02:00
gateway_locator.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
gateway_locator_test.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
health_endpoint.go Ingress Gateways for TCP services (#7509) 2020-04-16 14:00:48 -07:00
health_endpoint_test.go Require individual services in ingress entry to match protocols (#7774) 2020-05-06 16:09:24 -05:00
helper_test.go A couple testing helper updates (#7694) 2020-04-27 12:17:38 -04:00
intention_endpoint.go Enable filtering language support for the v1/connect/intentions… (#7593) 2020-04-07 11:48:44 -04:00
intention_endpoint_test.go Enable filtering language support for the v1/connect/intentions… (#7593) 2020-04-07 11:48:44 -04:00
internal_endpoint.go Gateway Services Nodes UI Endpoint (#7685) 2020-05-11 11:35:17 -06:00
internal_endpoint_test.go Make new gateway tests compatible with enterprise (#7856) 2020-05-12 13:48:20 -05:00
issue_test.go
kvs_endpoint.go
kvs_endpoint_test.go
leader.go Update the Client code to use the common version checking infra… (#7558) 2020-04-14 11:54:27 -04:00
leader_connect.go Ensure server requirements checks are done against ALL known se… (#7491) 2020-03-27 12:31:43 -04:00
leader_connect_test.go
leader_federation_state_ae.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
leader_federation_state_ae_test.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
leader_routine_manager.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
leader_routine_manager_test.go
leader_test.go Update the Client code to use the common version checking infra… (#7558) 2020-04-14 11:54:27 -04:00
logging.go
logging_test.go
merge.go agent: don't let left nodes hold onto their node-id (#7747) 2020-05-04 18:39:08 +02:00
merge_test.go
operator_autopilot_endpoint.go
operator_autopilot_endpoint_test.go
operator_endpoint.go
operator_raft_endpoint.go
operator_raft_endpoint_test.go
prepared_query_endpoint.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
prepared_query_endpoint_test.go
raft_rpc.go
replication.go
replication_test.go
rpc.go rpc: oss changes for network area connection pooling (#7735) 2020-04-30 22:12:17 +02:00
rpc_test.go server: strip local ACL tokens from RPCs during forwarding if crossing datacenters (#7419) 2020-03-10 11:15:22 -05:00
rtt.go
rtt_test.go
segment_oss.go Fix spelling of deregister (#7804) 2020-05-08 10:03:45 -04:00
serf_test.go
server.go agent: refactor to use a single addrFn 2020-05-05 21:08:10 +02:00
server_lookup.go Fix ACL mode advertisement and detection (#7451) 2020-03-16 12:54:45 -04:00
server_lookup_test.go
server_oss.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
server_serf.go Add unconvert linter 2020-05-12 13:47:25 -04:00
server_test.go network_segments: stop advertising segment tags 2020-05-05 21:32:05 +02:00
session_endpoint.go
session_endpoint_test.go
session_timers.go
session_timers_test.go
session_ttl.go
session_ttl_test.go
snapshot_endpoint.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
snapshot_endpoint_test.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
stats_fetcher.go rpc: oss changes for network area connection pooling (#7735) 2020-04-30 22:12:17 +02:00
stats_fetcher_test.go
status_endpoint.go
status_endpoint_test.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
txn_endpoint.go
txn_endpoint_test.go
util.go acl: refactor the authmethod.Validator interface (#7760) 2020-05-01 17:35:28 -05:00
util_test.go acl: refactor the authmethod.Validator interface (#7760) 2020-05-01 17:35:28 -05:00