luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity
open-consul/agent/consul
History
Matt Keeler 849eedd142
Fix identity resolution on clients and in secondary dcs (#7862) 
Previously this happened to be using the method on the Server/Client that was meant to allow the ACLResolver to locally resolve tokens. On Servers that had tokens (primary or secondary dc + token replication) this function would lookup the token from raft and return the ACLIdentity. On clients this was always a noop. We inadvertently used this function instead of creating a new one when we added logging accessor ids for permission denied RPC requests. 

With this commit, a new method is used for resolving the identity properly via the ACLResolver which may still resolve locally in the case of being on a server with tokens but also supports remote token resolution.
 		2020-05-13 13:00:08 -04:00
..
authmethod Add unconvert linter 2020-05-12 13:47:25 -04:00
autopilot Value is already an int, remove type cast 2020-05-12 13:13:09 -04:00
discoverychain Construct a default destination if one does not exist for service-router (#7783) 2020-05-05 10:49:50 -05:00
fsm Restoring config entries updates the gateway-services table (#7811) 2020-05-08 13:24:33 -05:00
prepared_query Sync of OSS changes to support namespaces (#6909) 2019-12-09 21:26:41 -05:00
state Add unconvert linter 2020-05-12 13:47:25 -04:00
testdata Fix support for RSA CA keys in Connect. (#6638) 2019-11-01 13:20:26 +00:00
wanfed wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
acl.go Fix identity resolution on clients and in secondary dcs (#7862) 2020-05-13 13:00:08 -04:00
acl_authmethod.go acl: add auth method for JWTs (#7846) 2020-05-11 20:59:29 -05:00
acl_authmethod_oss.go acl: add auth method for JWTs (#7846) 2020-05-11 20:59:29 -05:00
acl_authmethod_test.go acl: refactor the authmethod.Validator interface (#7760) 2020-05-01 17:35:28 -05:00
acl_client.go Fix identity resolution on clients and in secondary dcs (#7862) 2020-05-13 13:00:08 -04:00
acl_endpoint.go acl: add auth method for JWTs (#7846) 2020-05-11 20:59:29 -05:00
acl_endpoint_legacy.go Some boilerplate to allow for ACL Bootstrap disabling configurability 2020-04-28 09:42:46 -04:00
acl_endpoint_oss.go acl: add auth method for JWTs (#7846) 2020-05-11 20:59:29 -05:00
acl_endpoint_test.go acl: add auth method for JWTs (#7846) 2020-05-11 20:59:29 -05:00
acl_oss.go Allow the PolicyResolve and RoleResolve endpoints to process na… (#7296) 2020-02-13 14:55:27 -05:00
acl_oss_test.go Update the ACL Resolver to allow for Consul Enterprise specific hooks. (#6687) 2019-10-25 11:06:16 -04:00
acl_replication.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
acl_replication_legacy.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
acl_replication_legacy_test.go AuthMethod updates to support alternate namespace logins (#7029) 2020-01-14 10:09:29 -05:00
acl_replication_test.go AuthMethod updates to support alternate namespace logins (#7029) 2020-01-14 10:09:29 -05:00
acl_replication_types.go AuthMethod updates to support alternate namespace logins (#7029) 2020-01-14 10:09:29 -05:00
acl_server.go Fix identity resolution on clients and in secondary dcs (#7862) 2020-05-13 13:00:08 -04:00
acl_server_oss.go Allow the bootstrap endpoint to be disabled in enterprise. (#7614) 2020-04-14 11:45:39 -04:00
acl_test.go Fix identity resolution on clients and in secondary dcs (#7862) 2020-05-13 13:00:08 -04:00
acl_token_exp.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
acl_token_exp_test.go acl: adding support for kubernetes auth provider login (#5600) 2019-04-26 14:49:25 -05:00
auto_encrypt.go Add unconvert linter 2020-05-12 13:47:25 -04:00
auto_encrypt_endpoint.go auto_encrypt: check previously ignored error (#6604) 2020-02-03 10:35:11 +01:00
auto_encrypt_endpoint_test.go auto_encrypt: set dns and ip san for k8s and provide configuration (#6944) 2020-01-17 23:25:26 +01:00
auto_encrypt_test.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
autopilot.go Remove failed nodes from serfWAN (#6028) 2019-06-28 12:40:07 -05:00
autopilot_oss.go Update to use a consulent build tag instead of just ent (#5759) 2019-05-01 11:11:27 -04:00
autopilot_test.go Fix flaky TestAutopilot_BootstrapExpect (#7242) 2020-02-10 14:52:58 -06:00
catalog_endpoint.go Updates to Config Entries and Connect for Namespaces (#7116) 2020-01-24 10:04:58 -05:00
catalog_endpoint_test.go Terminating gateway discovery (#7571) 2020-04-08 12:37:24 -06:00
client.go rpc: oss changes for network area connection pooling (#7735) 2020-04-30 22:12:17 +02:00
client_serf.go agent: differentiate wan vs lan loggers in memberlist and serf (#7205) 2020-02-05 09:52:43 -06:00
client_test.go rpc: oss changes for network area connection pooling (#7735) 2020-04-30 22:12:17 +02:00
cluster_test.go A couple testing helper updates (#7694) 2020-04-27 12:17:38 -04:00
config.go agent: stub out auditing functionality in OSS 2020-04-16 15:07:52 -07:00
config_endpoint.go Fix a bug with ACL enforcement of reads on namespaced config entries. (#7239) 2020-02-07 08:30:40 -05:00
config_endpoint_test.go Updates to Config Entries and Connect for Namespaces (#7116) 2020-01-24 10:04:58 -05:00
config_replication.go various tweaks on top of the hclog work (#7165) 2020-01-29 11:16:08 -06:00
config_replication_test.go Updates to Config Entries and Connect for Namespaces (#7116) 2020-01-24 10:04:58 -05:00
connect_ca_endpoint.go Catalog + Namespace OSS changes. (#7219) 2020-02-10 10:40:44 -05:00
connect_ca_endpoint_test.go Support Connect CAs that can't cross sign (#6726) 2019-11-11 21:36:22 +00:00
consul_ca_delegate.go connect: derive connect certificate serial numbers from a memdb index instead of the provider table max index (#7011) 2020-01-09 16:32:19 +01:00
coordinate_endpoint.go Catalog + Namespace OSS changes. (#7219) 2020-02-10 10:40:44 -05:00
coordinate_endpoint_test.go Add fmt and vet (#5671) 2019-04-25 12:26:33 -04:00
discovery_chain_endpoint.go Updates to Config Entries and Connect for Namespaces (#7116) 2020-01-24 10:04:58 -05:00
discovery_chain_endpoint_test.go connect: generate the full SNI names for discovery targets in the compiler rather than in the xds package (#6340) 2019-08-19 13:03:03 -05:00
enterprise_client_oss.go Sync some feature flag support from enterprise (#7167) 2020-01-29 13:21:38 -05:00
enterprise_config_oss.go Add EnterpriseConfig stubs (#6566) 2019-10-01 14:34:55 -04:00
enterprise_server_oss.go Fix ACL mode advertisement and detection (#7451) 2020-03-16 12:54:45 -04:00
federation_state_endpoint.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
federation_state_endpoint_test.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
federation_state_replication.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
federation_state_replication_test.go fix flaky TestReplication_FederationStates test due to race conditions (#7612) 2020-04-09 15:42:41 -05:00
filter.go Updates to the Txn API for namespaces (#7172) 2020-01-30 13:12:26 -05:00
filter_test.go OSS KV Modifications to Support Namespaces 2019-11-25 12:57:35 -05:00
flood.go agent: refactor to use a single addrFn 2020-05-05 21:08:10 +02:00
gateway_locator.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
gateway_locator_test.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
health_endpoint.go Ingress Gateways for TCP services (#7509) 2020-04-16 14:00:48 -07:00
health_endpoint_test.go Require individual services in ingress entry to match protocols (#7774) 2020-05-06 16:09:24 -05:00
helper_test.go A couple testing helper updates (#7694) 2020-04-27 12:17:38 -04:00
intention_endpoint.go Enable filtering language support for the v1/connect/intentions… (#7593) 2020-04-07 11:48:44 -04:00
intention_endpoint_test.go Enable filtering language support for the v1/connect/intentions… (#7593) 2020-04-07 11:48:44 -04:00
internal_endpoint.go Gateway Services Nodes UI Endpoint (#7685) 2020-05-11 11:35:17 -06:00
internal_endpoint_test.go Make new gateway tests compatible with enterprise (#7856) 2020-05-12 13:48:20 -05:00
issue_test.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
kvs_endpoint.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
kvs_endpoint_test.go OSS KV Modifications to Support Namespaces 2019-11-25 12:57:35 -05:00
leader.go Update the Client code to use the common version checking infra… (#7558) 2020-04-14 11:54:27 -04:00
leader_connect.go Ensure server requirements checks are done against ALL known se… (#7491) 2020-03-27 12:31:43 -04:00
leader_connect_test.go connect: add validations around intermediate cert ttl (#7213) 2020-02-11 00:05:49 +01:00
leader_federation_state_ae.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
leader_federation_state_ae_test.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
leader_routine_manager.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
leader_routine_manager_test.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
leader_test.go Update the Client code to use the common version checking infra… (#7558) 2020-04-14 11:54:27 -04:00
logging.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
logging_test.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
merge.go agent: don't let left nodes hold onto their node-id (#7747) 2020-05-04 18:39:08 +02:00
merge_test.go Skips unique node ID check for old versions of Consul. 2017-09-05 22:57:29 -07:00
operator_autopilot_endpoint.go Add managed service provider token (#7218) 2020-02-04 13:58:56 -07:00
operator_autopilot_endpoint_test.go Set MinQuorum variable in Autopilot (#6654) 2019-10-29 09:04:41 -05:00
operator_endpoint.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
operator_raft_endpoint.go Add managed service provider token (#7218) 2020-02-04 13:58:56 -07:00
operator_raft_endpoint_test.go sdk: add freelist tracking and ephemeral port range skipping to freeport 2019-09-17 14:30:43 -05:00
prepared_query_endpoint.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
prepared_query_endpoint_test.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
raft_rpc.go agent: move conn pool for muxed connections into separate pkg 2017-06-21 05:42:39 +02:00
replication.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
replication_test.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
rpc.go rpc: oss changes for network area connection pooling (#7735) 2020-04-30 22:12:17 +02:00
rpc_test.go server: strip local ACL tokens from RPCs during forwarding if crossing datacenters (#7419) 2020-03-10 11:15:22 -05:00
rtt.go Added Coordinate.Node rpc endpoint and client api method 2017-10-26 19:16:40 -07:00
rtt_test.go Fix more unstable tests in agent and command 2018-09-12 14:49:27 +01:00
segment_oss.go Fix spelling of deregister (#7804) 2020-05-08 10:03:45 -04:00
serf_test.go pkg refactor 2017-06-10 18:52:45 +02:00
server.go agent: refactor to use a single addrFn 2020-05-05 21:08:10 +02:00
server_lookup.go Fix ACL mode advertisement and detection (#7451) 2020-03-16 12:54:45 -04:00
server_lookup_test.go More cleanup from code review 2017-08-30 12:31:36 -05:00
server_oss.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
server_serf.go Add unconvert linter 2020-05-12 13:47:25 -04:00
server_test.go network_segments: stop advertising segment tags 2020-05-05 21:32:05 +02:00
session_endpoint.go Fix session backwards incompatibility with 1.6.x and earlier. 2020-03-05 15:34:55 -05:00
session_endpoint_test.go Fix session backwards incompatibility with 1.6.x and earlier. 2020-03-05 15:34:55 -05:00
session_timers.go address review comments 2017-07-07 09:22:34 +02:00
session_timers_test.go rpc: refactor sessionTimers and fix racy tests 2017-07-07 09:22:34 +02:00
session_ttl.go agent: add server raft.{last,applied}_index gauges (#6694) 2020-02-11 10:50:18 +01:00
session_ttl_test.go OSS Modifications necessary for sessions namespacing 2019-11-25 12:07:04 -05:00
snapshot_endpoint.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
snapshot_endpoint_test.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
stats_fetcher.go rpc: oss changes for network area connection pooling (#7735) 2020-04-30 22:12:17 +02:00
stats_fetcher_test.go Flaky test overhaul (#6100) 2019-07-12 09:52:26 -06:00
status_endpoint.go Allow forwarding of some status RPCs (#6198) 2019-07-25 14:26:22 -04:00
status_endpoint_test.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
txn_endpoint.go Updates to the Txn API for namespaces (#7172) 2020-01-30 13:12:26 -05:00
txn_endpoint_test.go Sync of OSS changes to support namespaces (#6909) 2019-12-09 21:26:41 -05:00
util.go acl: refactor the authmethod.Validator interface (#7760) 2020-05-01 17:35:28 -05:00
util_test.go acl: refactor the authmethod.Validator interface (#7760) 2020-05-01 17:35:28 -05:00