luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity
open-consul/agent/consul
History
Chris S. Kim 8671448b73
Connect CA Primary Provider refactor (#16749) 
* Rename Intermediate cert references to LeafSigningCert

Within the Consul CA subsystem, the term "Intermediate"
is confusing because the meaning changes depending on
provider and datacenter (primary vs secondary). For
example, when using the Consul CA the "ActiveIntermediate"
may return the root certificate in a primary datacenter.

At a high level, we are interested in knowing which
CA is responsible for signing leaf certs, regardless of
its position in a certificate chain. This rename makes
the intent clearer.

* Move provider state check earlier

* Remove calls to GenerateLeafSigningCert

GenerateLeafSigningCert (formerly known
as GenerateIntermediate) is vestigial in
non-Vault providers, as it simply returns
the root certificate in primary
datacenters.

By folding Vault's intermediate cert logic
into `GenerateRoot` we can encapsulate
the intermediate cert handling within
`newCARoot`.

* Move GenerateLeafSigningCert out of PrimaryProvidder

Now that the Vault Provider calls
GenerateLeafSigningCert within
GenerateRoot, we can remove the method
from all other providers that never
used it in a meaningful way.

* Add test for IntermediatePEM

* Rename GenerateRoot to GenerateCAChain

"Root" was being overloaded in the Consul CA
context, as different providers and configs
resulted in a single root certificate or
a chain originating from an external trusted
CA. Since the Vault provider also generates
intermediates, it seems more accurate to
call this a CAChain.
 		2023-04-03 11:40:33 -04:00
..
auth copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
authmethod copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
autopilotevents copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
controller copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
discoverychain Add default resolvers to disco chains based on the default sameness group (#16837) 2023-03-31 14:35:56 -04:00
fsm copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
gateways copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
multilimiter copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
prepared_query copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
rate copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
servercert copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
state Add default resolvers to disco chains based on the default sameness group (#16837) 2023-03-31 14:35:56 -04:00
stream copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
testdata ca: examine the full chain in newCARoot 2022-02-17 18:21:30 -05:00
usagemetrics copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
wanfed copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
watch copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
xdscapacity copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
acl.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
acl_authmethod.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
acl_authmethod_oss.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
acl_client.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
acl_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
acl_endpoint_oss.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
acl_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
acl_oss.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
acl_oss_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
acl_replication.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
acl_replication_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
acl_replication_types.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
acl_server.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
acl_server_oss.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
acl_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
acl_token_exp.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
acl_token_exp_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
auto_config_backend.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
auto_config_backend_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
auto_config_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
auto_config_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
auto_encrypt_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
auto_encrypt_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
autopilot.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
autopilot_oss.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
autopilot_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
catalog_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
catalog_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
client.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
client_serf.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
client_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
cluster_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
config.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
config_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
config_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
config_oss.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
config_replication.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
config_replication_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
config_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
connect_ca_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
connect_ca_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
context.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
context_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
coordinate_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
coordinate_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
discovery_chain_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
discovery_chain_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
enterprise_client_oss.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
enterprise_config_oss.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
enterprise_server_oss.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
enterprise_server_oss_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
federation_state_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
federation_state_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
federation_state_replication.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
federation_state_replication_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
filter.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
filter_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
flood.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
fsm_data_store.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
gateway_locator.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
gateway_locator_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
grpc_integration_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
health_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
health_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
helper_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
intention_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
intention_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
internal_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
internal_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
issue_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
kvs_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
kvs_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
leader.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
leader_connect.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
leader_connect_ca.go Connect CA Primary Provider refactor (#16749) 2023-04-03 11:40:33 -04:00
leader_connect_ca_test.go Connect CA Primary Provider refactor (#16749) 2023-04-03 11:40:33 -04:00
leader_connect_test.go Connect CA Primary Provider refactor (#16749) 2023-04-03 11:40:33 -04:00
leader_federation_state_ae.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
leader_federation_state_ae_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
leader_intentions.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
leader_intentions_oss.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
leader_intentions_oss_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
leader_intentions_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
leader_log_verification.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
leader_metrics.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
leader_oss_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
leader_peering.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
leader_peering_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
leader_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
logging.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
logging_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
merge.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
merge_oss.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
merge_oss_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
merge_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
operator_autopilot_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
operator_autopilot_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
operator_backend.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
operator_backend_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
operator_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
operator_raft_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
operator_raft_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
operator_usage_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
options.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
options_oss.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
peering_backend.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
peering_backend_oss.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
peering_backend_oss_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
peering_backend_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
prepared_query_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
prepared_query_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
raft_rpc.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
replication.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
replication_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
rpc.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
rpc_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
rtt.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
rtt_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
segment_oss.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
serf_filter.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
serf_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
server.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
server_connect.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
server_log_verification.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
server_lookup.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
server_lookup_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
server_oss.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
server_overview.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
server_overview_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
server_register.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
server_serf.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
server_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
session_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
session_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
session_timers.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
session_timers_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
session_ttl.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
session_ttl_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
snapshot_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
snapshot_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
stats_fetcher.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
stats_fetcher_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
status_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
status_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
subscribe_backend.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
subscribe_backend_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
system_metadata.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
system_metadata_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
txn_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
txn_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
util.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
util_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00