2022-01-05 18:02:03 +00:00
|
|
|
//go:build !enterprise
|
2018-09-18 03:03:00 +00:00
|
|
|
|
|
|
|
package vault
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
2022-02-17 21:08:51 +00:00
|
|
|
"fmt"
|
2018-09-18 03:03:00 +00:00
|
|
|
|
2022-02-17 21:08:51 +00:00
|
|
|
"github.com/hashicorp/go-hclog"
|
2021-04-06 23:40:43 +00:00
|
|
|
"github.com/hashicorp/vault/command/server"
|
2018-09-18 03:03:00 +00:00
|
|
|
"github.com/hashicorp/vault/helper/namespace"
|
2019-04-13 07:44:06 +00:00
|
|
|
"github.com/hashicorp/vault/sdk/helper/license"
|
2019-04-12 21:54:35 +00:00
|
|
|
"github.com/hashicorp/vault/sdk/logical"
|
|
|
|
"github.com/hashicorp/vault/sdk/physical"
|
2020-06-26 21:13:16 +00:00
|
|
|
"github.com/hashicorp/vault/vault/quotas"
|
2019-02-15 02:14:56 +00:00
|
|
|
"github.com/hashicorp/vault/vault/replication"
|
2018-09-18 03:03:00 +00:00
|
|
|
)
|
|
|
|
|
2020-10-29 23:47:34 +00:00
|
|
|
const (
|
|
|
|
activityLogEnabledDefault = false
|
|
|
|
activityLogEnabledDefaultValue = "default-disabled"
|
|
|
|
)
|
|
|
|
|
2021-04-08 16:43:39 +00:00
|
|
|
type (
|
|
|
|
entCore struct{}
|
|
|
|
entCoreConfig struct{}
|
|
|
|
)
|
2020-02-15 00:39:13 +00:00
|
|
|
|
|
|
|
func (e entCoreConfig) Clone() entCoreConfig {
|
|
|
|
return entCoreConfig{}
|
|
|
|
}
|
2018-09-18 03:03:00 +00:00
|
|
|
|
2019-04-11 15:18:32 +00:00
|
|
|
type LicensingConfig struct {
|
|
|
|
AdditionalPublicKeys []interface{}
|
|
|
|
}
|
2018-09-18 03:03:00 +00:00
|
|
|
|
|
|
|
func coreInit(c *Core, conf *CoreConfig) error {
|
|
|
|
phys := conf.Physical
|
|
|
|
_, txnOK := phys.(physical.Transactional)
|
|
|
|
sealUnwrapperLogger := conf.Logger.Named("storage.sealunwrapper")
|
|
|
|
c.allLoggers = append(c.allLoggers, sealUnwrapperLogger)
|
|
|
|
c.sealUnwrapper = NewSealUnwrapper(phys, sealUnwrapperLogger)
|
|
|
|
// Wrap the physical backend in a cache layer if enabled
|
|
|
|
cacheLogger := c.baseLogger.Named("storage.cache")
|
|
|
|
c.allLoggers = append(c.allLoggers, cacheLogger)
|
|
|
|
if txnOK {
|
2020-10-13 15:11:54 +00:00
|
|
|
c.physical = physical.NewTransactionalCache(c.sealUnwrapper, conf.CacheSize, cacheLogger, c.MetricSink().Sink)
|
2018-09-18 03:03:00 +00:00
|
|
|
} else {
|
2020-10-13 15:11:54 +00:00
|
|
|
c.physical = physical.NewCache(c.sealUnwrapper, conf.CacheSize, cacheLogger, c.MetricSink().Sink)
|
2018-09-18 03:03:00 +00:00
|
|
|
}
|
|
|
|
c.physicalCache = c.physical.(physical.ToggleablePurgemonster)
|
|
|
|
|
2018-11-19 21:13:16 +00:00
|
|
|
// Wrap in encoding checks
|
|
|
|
if !conf.DisableKeyEncodingChecks {
|
|
|
|
c.physical = physical.NewStorageEncoding(c.physical)
|
|
|
|
}
|
2018-09-18 03:03:00 +00:00
|
|
|
return nil
|
|
|
|
}
|
2021-04-08 16:43:39 +00:00
|
|
|
|
2020-02-15 00:39:13 +00:00
|
|
|
func (c *Core) setupReplicationResolverHandler() error {
|
|
|
|
return nil
|
|
|
|
}
|
2018-09-18 03:03:00 +00:00
|
|
|
|
2022-02-17 21:08:51 +00:00
|
|
|
func NewPolicyMFABackend(core *Core, logger hclog.Logger) *PolicyMFABackend { return nil }
|
|
|
|
|
|
|
|
func (c *Core) barrierViewForNamespace(namespaceId string) (*BarrierView, error) {
|
|
|
|
if namespaceId != namespace.RootNamespaceID {
|
|
|
|
return nil, fmt.Errorf("failed to find barrier view for non-root namespace")
|
|
|
|
}
|
|
|
|
|
|
|
|
return c.systemBarrierView, nil
|
|
|
|
}
|
|
|
|
|
2021-04-06 23:40:43 +00:00
|
|
|
// GetCoreConfigInternal returns the server configuration
|
|
|
|
// in struct format.
|
|
|
|
func (c *Core) GetCoreConfigInternal() *server.Config {
|
|
|
|
conf := c.rawConfig.Load()
|
|
|
|
if conf == nil {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
return conf.(*server.Config)
|
|
|
|
}
|
|
|
|
|
2020-02-15 00:39:13 +00:00
|
|
|
func (c *Core) teardownReplicationResolverHandler() {}
|
|
|
|
func createSecondaries(*Core, *CoreConfig) {}
|
2018-09-18 03:03:00 +00:00
|
|
|
|
|
|
|
func addExtraLogicalBackends(*Core, map[string]logical.Factory) {}
|
|
|
|
|
|
|
|
func addExtraCredentialBackends(*Core, map[string]logical.Factory) {}
|
|
|
|
|
|
|
|
func preUnsealInternal(context.Context, *Core) error { return nil }
|
|
|
|
|
2020-06-29 17:23:10 +00:00
|
|
|
func postSealInternal(*Core) {}
|
2018-09-18 03:03:00 +00:00
|
|
|
|
|
|
|
func preSealPhysical(c *Core) {
|
|
|
|
switch c.sealUnwrapper.(type) {
|
|
|
|
case *sealUnwrapper:
|
|
|
|
c.sealUnwrapper.(*sealUnwrapper).stopUnwraps()
|
|
|
|
case *transactionalSealUnwrapper:
|
|
|
|
c.sealUnwrapper.(*transactionalSealUnwrapper).stopUnwraps()
|
|
|
|
}
|
|
|
|
|
|
|
|
// Purge the cache
|
|
|
|
c.physicalCache.SetEnabled(false)
|
|
|
|
c.physicalCache.Purge(context.Background())
|
|
|
|
}
|
|
|
|
|
|
|
|
func postUnsealPhysical(c *Core) error {
|
|
|
|
switch c.sealUnwrapper.(type) {
|
|
|
|
case *sealUnwrapper:
|
|
|
|
c.sealUnwrapper.(*sealUnwrapper).runUnwraps()
|
|
|
|
case *transactionalSealUnwrapper:
|
|
|
|
c.sealUnwrapper.(*transactionalSealUnwrapper).runUnwraps()
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func loadMFAConfigs(context.Context, *Core) error { return nil }
|
|
|
|
|
|
|
|
func shouldStartClusterListener(*Core) bool { return true }
|
|
|
|
|
|
|
|
func hasNamespaces(*Core) bool { return false }
|
|
|
|
|
|
|
|
func (c *Core) Features() license.Features {
|
|
|
|
return license.FeatureNone
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *Core) HasFeature(license.Features) bool {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
2019-10-08 17:58:19 +00:00
|
|
|
func (c *Core) collectNamespaces() []*namespace.Namespace {
|
|
|
|
return []*namespace.Namespace{
|
|
|
|
namespace.RootNamespace,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-02-17 19:43:07 +00:00
|
|
|
func (c *Core) HasWALState(required *logical.WALState, perfStandby bool) bool {
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
|
2019-02-15 02:14:56 +00:00
|
|
|
func (c *Core) setupReplicatedClusterPrimary(*replication.Cluster) error { return nil }
|
2018-09-18 03:03:00 +00:00
|
|
|
|
|
|
|
func (c *Core) perfStandbyCount() int { return 0 }
|
|
|
|
|
2019-10-27 20:30:38 +00:00
|
|
|
func (c *Core) removePathFromFilteredPaths(context.Context, string, string) error {
|
2018-09-18 03:03:00 +00:00
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *Core) checkReplicatedFiltering(context.Context, *MountEntry, string) (bool, error) {
|
|
|
|
return false, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *Core) invalidateSentinelPolicy(PolicyType, string) {}
|
|
|
|
|
|
|
|
func (c *Core) removePerfStandbySecondary(context.Context, string) {}
|
2019-02-15 02:14:56 +00:00
|
|
|
|
2019-07-24 20:32:57 +00:00
|
|
|
func (c *Core) removeAllPerfStandbySecondaries() {}
|
|
|
|
|
2019-11-06 22:36:47 +00:00
|
|
|
func (c *Core) perfStandbyClusterHandler() (*replication.Cluster, chan struct{}, error) {
|
|
|
|
return nil, make(chan struct{}), nil
|
2019-02-15 02:14:56 +00:00
|
|
|
}
|
2019-10-15 19:48:23 +00:00
|
|
|
|
|
|
|
func (c *Core) initSealsForMigration() {}
|
2019-10-16 16:52:37 +00:00
|
|
|
|
|
|
|
func (c *Core) postSealMigration(ctx context.Context) error { return nil }
|
2020-06-26 21:13:16 +00:00
|
|
|
|
2021-09-02 14:54:21 +00:00
|
|
|
func (c *Core) applyLeaseCountQuota(_ context.Context, in *quotas.Request) (*quotas.Response, error) {
|
2020-06-26 21:13:16 +00:00
|
|
|
return "as.Response{Allowed: true}, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *Core) ackLeaseQuota(access quotas.Access, leaseGenerated bool) error {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *Core) quotaLeaseWalker(ctx context.Context, callback func(request *quotas.Request) bool) error {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *Core) quotasHandleLeases(ctx context.Context, action quotas.LeaseAction, leaseIDs []string) error {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *Core) namespaceByPath(path string) *namespace.Namespace {
|
|
|
|
return namespace.RootNamespace
|
|
|
|
}
|
2021-02-24 11:58:10 +00:00
|
|
|
|
|
|
|
func (c *Core) AllowForwardingViaHeader() bool {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
2022-02-17 19:43:07 +00:00
|
|
|
func (c *Core) ForwardToActive() string {
|
|
|
|
return ""
|
|
|
|
}
|
|
|
|
|
2021-06-11 17:18:16 +00:00
|
|
|
func (c *Core) MissingRequiredState(raw []string, perfStandby bool) bool {
|
2021-02-24 11:58:10 +00:00
|
|
|
return false
|
|
|
|
}
|
2021-06-25 21:18:34 +00:00
|
|
|
|
2021-08-02 17:50:49 +00:00
|
|
|
func DiagnoseCheckLicense(ctx context.Context, vaultCore *Core, coreConfig CoreConfig, generate bool) (bool, []string) {
|
2021-06-25 21:18:34 +00:00
|
|
|
return false, nil
|
|
|
|
}
|