luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
open-vault/vault/external_tests/api/sys_rekey_ext_test.go

297 lines
8 KiB
Go
Raw Normal View History

This moves api_test package tests into vault/external_tests This prevents projects importing Vault's API from then also importing the rest of Vault.
2019-03-06 16:20:42 +00:00
package api
Update rekey methods to indicate proper error codes in responses
2018-05-20 03:43:48 +00:00
import (
Finish non-recovery test
2018-05-20 06:42:15 +00:00
"encoding/base64"
Shamir seals now come in two varieties: legacy and new-style. (#7694) Shamir seals now come in two varieties: legacy and new-style. Legacy Shamir is automatically converted to new-style when a rekey operation is performed. All new Vault initializations using Shamir are new-style. New-style Shamir writes an encrypted master key to storage, just like AutoUnseal. The stored master key is encrypted using the shared key that is split via Shamir's algorithm. Thus when unsealing, we take the key fragments given, combine them into a Key-Encryption-Key, and use that to decrypt the master key on disk. Then the master key is used to read the keyring that decrypts the barrier.
2019-10-18 18:46:00 +00:00
"fmt"
Update rekey methods to indicate proper error codes in responses
2018-05-20 03:43:48 +00:00
"testing"
Shamir seals now come in two varieties: legacy and new-style. (#7694) Shamir seals now come in two varieties: legacy and new-style. Legacy Shamir is automatically converted to new-style when a rekey operation is performed. All new Vault initializations using Shamir are new-style. New-style Shamir writes an encrypted master key to storage, just like AutoUnseal. The stored master key is encrypted using the shared key that is split via Shamir's algorithm. Thus when unsealing, we take the key fragments given, combine them into a Key-Encryption-Key, and use that to decrypt the master key on disk. Then the master key is used to read the keyring that decrypts the barrier.
2019-10-18 18:46:00 +00:00
"github.com/hashicorp/go-hclog"
Update rekey methods to indicate proper error codes in responses
2018-05-20 03:43:48 +00:00
"github.com/hashicorp/vault/api"
Finish api tests for verification
2018-05-20 23:01:24 +00:00
"github.com/hashicorp/vault/helper/testhelpers"
Update rekey methods to indicate proper error codes in responses
2018-05-20 03:43:48 +00:00
vaulthttp "github.com/hashicorp/vault/http"
Shamir seals now come in two varieties: legacy and new-style. (#7694) Shamir seals now come in two varieties: legacy and new-style. Legacy Shamir is automatically converted to new-style when a rekey operation is performed. All new Vault initializations using Shamir are new-style. New-style Shamir writes an encrypted master key to storage, just like AutoUnseal. The stored master key is encrypted using the shared key that is split via Shamir's algorithm. Thus when unsealing, we take the key fragments given, combine them into a Key-Encryption-Key, and use that to decrypt the master key on disk. Then the master key is used to read the keyring that decrypts the barrier.
2019-10-18 18:46:00 +00:00
"github.com/hashicorp/vault/sdk/helper/logging"
"github.com/hashicorp/vault/sdk/physical/inmem"
Update rekey methods to indicate proper error codes in responses
2018-05-20 03:43:48 +00:00
"github.com/hashicorp/vault/vault"
)
func TestSysRekey_Verification(t *testing.T) {
Shamir seals now come in two varieties: legacy and new-style. (#7694) Shamir seals now come in two varieties: legacy and new-style. Legacy Shamir is automatically converted to new-style when a rekey operation is performed. All new Vault initializations using Shamir are new-style. New-style Shamir writes an encrypted master key to storage, just like AutoUnseal. The stored master key is encrypted using the shared key that is split via Shamir's algorithm. Thus when unsealing, we take the key fragments given, combine them into a Key-Encryption-Key, and use that to decrypt the master key on disk. Then the master key is used to read the keyring that decrypts the barrier.
2019-10-18 18:46:00 +00:00
testcases := []struct {
recovery bool
legacyShamir bool
}{
{recovery: true, legacyShamir: false},
{recovery: false, legacyShamir: false},
{recovery: false, legacyShamir: true},
}
for _, tc := range testcases {
recovery, legacy := tc.recovery, tc.legacyShamir
t.Run(fmt.Sprintf("recovery=%v,legacyShamir=%v", recovery, legacy), func(t *testing.T) {
t.Parallel()
testSysRekey_Verification(t, recovery, legacy)
})
}
Refactor test to add recovery support
2018-05-20 21:38:04 +00:00
}
Shamir seals now come in two varieties: legacy and new-style. (#7694) Shamir seals now come in two varieties: legacy and new-style. Legacy Shamir is automatically converted to new-style when a rekey operation is performed. All new Vault initializations using Shamir are new-style. New-style Shamir writes an encrypted master key to storage, just like AutoUnseal. The stored master key is encrypted using the shared key that is split via Shamir's algorithm. Thus when unsealing, we take the key fragments given, combine them into a Key-Encryption-Key, and use that to decrypt the master key on disk. Then the master key is used to read the keyring that decrypts the barrier.
2019-10-18 18:46:00 +00:00
func testSysRekey_Verification(t *testing.T, recovery bool, legacyShamir bool) {
opts := &vault.TestClusterOptions{
Update rekey methods to indicate proper error codes in responses
2018-05-20 03:43:48 +00:00
HandlerFunc: vaulthttp.Handler,
Shamir seals now come in two varieties: legacy and new-style. (#7694) Shamir seals now come in two varieties: legacy and new-style. Legacy Shamir is automatically converted to new-style when a rekey operation is performed. All new Vault initializations using Shamir are new-style. New-style Shamir writes an encrypted master key to storage, just like AutoUnseal. The stored master key is encrypted using the shared key that is split via Shamir's algorithm. Thus when unsealing, we take the key fragments given, combine them into a Key-Encryption-Key, and use that to decrypt the master key on disk. Then the master key is used to read the keyring that decrypts the barrier.
2019-10-18 18:46:00 +00:00
}
switch {
case recovery:
if legacyShamir {
panic("invalid case")
}
opts.SealFunc = func() vault.Seal {
return vault.NewTestSeal(t, &vault.TestSealOpts{
StoredKeys: vault.StoredKeysSupportedGeneric,
})
}
case legacyShamir:
opts.SealFunc = func() vault.Seal {
return vault.NewTestSeal(t, &vault.TestSealOpts{
StoredKeys: vault.StoredKeysNotSupported,
})
}
}
inm, err := inmem.NewInmemHA(nil, logging.NewVaultLogger(hclog.Debug))
if err != nil {
t.Fatal(err)
}
conf := vault.CoreConfig{
Physical: inm,
}
cluster := vault.NewTestCluster(t, &conf, opts)
Update rekey methods to indicate proper error codes in responses
2018-05-20 03:43:48 +00:00
cluster.Start()
defer cluster.Cleanup()
vault.TestWaitActive(t, cluster.Cores[0].Core)
client := cluster.Cores[0].Client
Add some more test structure and update test
2018-05-20 04:02:45 +00:00
client.SetMaxRetries(0)
Update rekey methods to indicate proper error codes in responses
2018-05-20 03:43:48 +00:00
Refactor test to add recovery support
2018-05-20 21:38:04 +00:00
initFunc := client.Sys().RekeyInit
updateFunc := client.Sys().RekeyUpdate
verificationUpdateFunc := client.Sys().RekeyVerificationUpdate
verificationStatusFunc := client.Sys().RekeyVerificationStatus
verificationCancelFunc := client.Sys().RekeyVerificationCancel
if recovery {
initFunc = client.Sys().RekeyRecoveryKeyInit
updateFunc = client.Sys().RekeyRecoveryKeyUpdate
verificationUpdateFunc = client.Sys().RekeyRecoveryKeyVerificationUpdate
verificationStatusFunc = client.Sys().RekeyRecoveryKeyVerificationStatus
verificationCancelFunc = client.Sys().RekeyRecoveryKeyVerificationCancel
}
Finish non-recovery test
2018-05-20 06:42:15 +00:00
var verificationNonce string
var newKeys []string
doRekeyInitialSteps := func() {
Refactor test to add recovery support
2018-05-20 21:38:04 +00:00
status, err := initFunc(&api.RekeyInitRequest{
Finish non-recovery test
2018-05-20 06:42:15 +00:00
SecretShares: 5,
SecretThreshold: 3,
RequireVerification: true,
})
if err != nil {
t.Fatal(err)
}
if status == nil {
t.Fatal("nil status")
}
if !status.VerificationRequired {
t.Fatal("expected verification required")
}
Shamir seals now come in two varieties: legacy and new-style. (#7694) Shamir seals now come in two varieties: legacy and new-style. Legacy Shamir is automatically converted to new-style when a rekey operation is performed. All new Vault initializations using Shamir are new-style. New-style Shamir writes an encrypted master key to storage, just like AutoUnseal. The stored master key is encrypted using the shared key that is split via Shamir's algorithm. Thus when unsealing, we take the key fragments given, combine them into a Key-Encryption-Key, and use that to decrypt the master key on disk. Then the master key is used to read the keyring that decrypts the barrier.
2019-10-18 18:46:00 +00:00
keys := cluster.BarrierKeys
if recovery {
keys = cluster.RecoveryKeys
}
Finish non-recovery test
2018-05-20 06:42:15 +00:00
var resp *api.RekeyUpdateResponse
for i := 0; i < 3; i++ {
Shamir seals now come in two varieties: legacy and new-style. (#7694) Shamir seals now come in two varieties: legacy and new-style. Legacy Shamir is automatically converted to new-style when a rekey operation is performed. All new Vault initializations using Shamir are new-style. New-style Shamir writes an encrypted master key to storage, just like AutoUnseal. The stored master key is encrypted using the shared key that is split via Shamir's algorithm. Thus when unsealing, we take the key fragments given, combine them into a Key-Encryption-Key, and use that to decrypt the master key on disk. Then the master key is used to read the keyring that decrypts the barrier.
2019-10-18 18:46:00 +00:00
resp, err = updateFunc(base64.StdEncoding.EncodeToString(keys[i]), status.Nonce)
Finish non-recovery test
2018-05-20 06:42:15 +00:00
if err != nil {
t.Fatal(err)
}
}
switch {
case !resp.Complete:
t.Fatal("expected completion")
case !resp.VerificationRequired:
t.Fatal("expected verification required")
case resp.VerificationNonce == "":
t.Fatal("verification nonce expected")
}
verificationNonce = resp.VerificationNonce
newKeys = resp.KeysB64
t.Logf("verification nonce: %q", verificationNonce)
}
doRekeyInitialSteps()
// We are still going, so should not be able to init again
Shamir seals now come in two varieties: legacy and new-style. (#7694) Shamir seals now come in two varieties: legacy and new-style. Legacy Shamir is automatically converted to new-style when a rekey operation is performed. All new Vault initializations using Shamir are new-style. New-style Shamir writes an encrypted master key to storage, just like AutoUnseal. The stored master key is encrypted using the shared key that is split via Shamir's algorithm. Thus when unsealing, we take the key fragments given, combine them into a Key-Encryption-Key, and use that to decrypt the master key on disk. Then the master key is used to read the keyring that decrypts the barrier.
2019-10-18 18:46:00 +00:00
_, err = initFunc(&api.RekeyInitRequest{
Add some more test structure and update test
2018-05-20 04:02:45 +00:00
SecretShares: 5,
SecretThreshold: 3,
RequireVerification: true,
})
Finish non-recovery test
2018-05-20 06:42:15 +00:00
if err == nil {
t.Fatal("expected error")
}
// Sealing should clear state, so after this we should be able to perform
// the above again
cluster.EnsureCoresSealed(t)
TestSysRekey_Verification would fail sometimes when recovery=true (#7710) because when unsealing it wouldn't wait for core 0 to come up and become the active node. Much of our testing code assumes that core0 is the active node.
2019-10-22 13:35:48 +00:00
if err := cluster.UnsealCoresWithError(recovery); err != nil {
t.Fatal(err)
Shamir seals now come in two varieties: legacy and new-style. (#7694) Shamir seals now come in two varieties: legacy and new-style. Legacy Shamir is automatically converted to new-style when a rekey operation is performed. All new Vault initializations using Shamir are new-style. New-style Shamir writes an encrypted master key to storage, just like AutoUnseal. The stored master key is encrypted using the shared key that is split via Shamir's algorithm. Thus when unsealing, we take the key fragments given, combine them into a Key-Encryption-Key, and use that to decrypt the master key on disk. Then the master key is used to read the keyring that decrypts the barrier.
2019-10-18 18:46:00 +00:00
}
Finish non-recovery test
2018-05-20 06:42:15 +00:00
doRekeyInitialSteps()
doStartVerify := func() {
// Start the process
for i := 0; i < 2; i++ {
Refactor test to add recovery support
2018-05-20 21:38:04 +00:00
status, err := verificationUpdateFunc(newKeys[i], verificationNonce)
Finish non-recovery test
2018-05-20 06:42:15 +00:00
if err != nil {
t.Fatal(err)
}
switch {
case status.Nonce != verificationNonce:
t.Fatalf("unexpected nonce, expected %q, got %q", verificationNonce, status.Nonce)
case status.Complete:
t.Fatal("unexpected completion")
}
}
// Check status
Refactor test to add recovery support
2018-05-20 21:38:04 +00:00
vStatus, err := verificationStatusFunc()
Finish non-recovery test
2018-05-20 06:42:15 +00:00
if err != nil {
t.Fatal(err)
}
switch {
case vStatus.Nonce != verificationNonce:
t.Fatalf("unexpected nonce, expected %q, got %q", verificationNonce, vStatus.Nonce)
case vStatus.T != 3:
t.Fatal("unexpected threshold")
case vStatus.N != 5:
t.Fatal("unexpected number of new keys")
case vStatus.Progress != 2:
t.Fatal("unexpected progress")
}
}
doStartVerify()
// Cancel; this should still keep the rekey process going but just cancel
// the verification operation
Refactor test to add recovery support
2018-05-20 21:38:04 +00:00
err = verificationCancelFunc()
Update rekey methods to indicate proper error codes in responses
2018-05-20 03:43:48 +00:00
if err != nil {
t.Fatal(err)
}
Finish non-recovery test
2018-05-20 06:42:15 +00:00
// Verify cannot init again
Refactor test to add recovery support
2018-05-20 21:38:04 +00:00
_, err = initFunc(&api.RekeyInitRequest{
Finish non-recovery test
2018-05-20 06:42:15 +00:00
SecretShares: 5,
SecretThreshold: 3,
RequireVerification: true,
})
if err == nil {
t.Fatal("expected error")
}
Refactor test to add recovery support
2018-05-20 21:38:04 +00:00
vStatus, err := verificationStatusFunc()
Finish non-recovery test
2018-05-20 06:42:15 +00:00
if err != nil {
t.Fatal(err)
}
switch {
case vStatus.Nonce == verificationNonce:
t.Fatalf("unexpected nonce, expected not-%q but got it", verificationNonce)
case vStatus.T != 3:
t.Fatal("unexpected threshold")
case vStatus.N != 5:
t.Fatal("unexpected number of new keys")
case vStatus.Progress != 0:
t.Fatal("unexpected progress")
}
verificationNonce = vStatus.Nonce
doStartVerify()
More work on recovery test
2018-05-20 22:42:14 +00:00
if !recovery {
// Sealing should clear state, but we never actually finished, so it should
// still be the old keys (which are still currently set)
cluster.EnsureCoresSealed(t)
cluster.UnsealCores(t)
Shamir seals now come in two varieties: legacy and new-style. (#7694) Shamir seals now come in two varieties: legacy and new-style. Legacy Shamir is automatically converted to new-style when a rekey operation is performed. All new Vault initializations using Shamir are new-style. New-style Shamir writes an encrypted master key to storage, just like AutoUnseal. The stored master key is encrypted using the shared key that is split via Shamir's algorithm. Thus when unsealing, we take the key fragments given, combine them into a Key-Encryption-Key, and use that to decrypt the master key on disk. Then the master key is used to read the keyring that decrypts the barrier.
2019-10-18 18:46:00 +00:00
vault.TestWaitActive(t, cluster.Cores[0].Core)
More work on recovery test
2018-05-20 22:42:14 +00:00
// Should be able to init again and get back to where we were
doRekeyInitialSteps()
doStartVerify()
Finish api tests for verification
2018-05-20 23:01:24 +00:00
} else {
// We haven't finished, so generating a root token should still be the
// old keys (which are still currently set)
Recovery Mode (#7559) * Initial work * rework * s/dr/recovery * Add sys/raw support to recovery mode (#7577) * Factor the raw paths out so they can be run with a SystemBackend. # Conflicts: # vault/logical_system.go * Add handleLogicalRecovery which is like handleLogical but is only sufficient for use with the sys-raw endpoint in recovery mode. No authentication is done yet. * Integrate with recovery-mode. We now handle unauthenticated sys/raw requests, albeit on path v1/raw instead v1/sys/raw. * Use sys/raw instead raw during recovery. * Don't bother persisting the recovery token. Authenticate sys/raw requests with it. * RecoveryMode: Support generate-root for autounseals (#7591) * Recovery: Abstract config creation and log settings * Recovery mode integration test. (#7600) * Recovery: Touch up (#7607) * Recovery: Touch up * revert the raw backend creation changes * Added recovery operation token prefix * Move RawBackend to its own file * Update API path and hit it using CLI flag on generate-root * Fix a panic triggered when handling a request that yields a nil response. (#7618) * Improve integ test to actually make changes while in recovery mode and verify they're still there after coming back in regular mode. * Refuse to allow a second recovery token to be generated. * Resize raft cluster to size 1 and start as leader (#7626) * RecoveryMode: Setup raft cluster post unseal (#7635) * Setup raft cluster post unseal in recovery mode * Remove marking as unsealed as its not needed * Address review comments * Accept only one seal config in recovery mode as there is no scope for migration
2019-10-15 04:55:31 +00:00
testhelpers.GenerateRoot(t, cluster, testhelpers.GenerateRootRegular)
More work on recovery test
2018-05-20 22:42:14 +00:00
}
Finish non-recovery test
2018-05-20 06:42:15 +00:00
// Provide the final new key
Refactor test to add recovery support
2018-05-20 21:38:04 +00:00
vuStatus, err := verificationUpdateFunc(newKeys[2], verificationNonce)
Finish non-recovery test
2018-05-20 06:42:15 +00:00
if err != nil {
t.Fatal(err)
}
switch {
case vuStatus.Nonce != verificationNonce:
t.Fatalf("unexpected nonce, expected %q, got %q", verificationNonce, vuStatus.Nonce)
case !vuStatus.Complete:
t.Fatal("expected completion")
}
More work on recovery test
2018-05-20 22:42:14 +00:00
if !recovery {
// Seal and unseal -- it should fail to unseal because the key has now been
// rotated
cluster.EnsureCoresSealed(t)
Shamir seals now come in two varieties: legacy and new-style. (#7694) Shamir seals now come in two varieties: legacy and new-style. Legacy Shamir is automatically converted to new-style when a rekey operation is performed. All new Vault initializations using Shamir are new-style. New-style Shamir writes an encrypted master key to storage, just like AutoUnseal. The stored master key is encrypted using the shared key that is split via Shamir's algorithm. Thus when unsealing, we take the key fragments given, combine them into a Key-Encryption-Key, and use that to decrypt the master key on disk. Then the master key is used to read the keyring that decrypts the barrier.
2019-10-18 18:46:00 +00:00
// Simulate restarting Vault rather than just a seal/unseal, because
// the standbys may not have had time to learn about the new key before
// we sealed them. We could sleep, but that's unreliable.
oldKeys := cluster.BarrierKeys
opts.SkipInit = true
opts.SealFunc = nil // post rekey we should use the barrier config on disk
cluster = vault.NewTestCluster(t, &conf, opts)
cluster.BarrierKeys = oldKeys
cluster.Start()
defer cluster.Cleanup()
TestSysRekey_Verification would fail sometimes when recovery=true (#7710) because when unsealing it wouldn't wait for core 0 to come up and become the active node. Much of our testing code assumes that core0 is the active node.
2019-10-22 13:35:48 +00:00
if err := cluster.UnsealCoresWithError(false); err == nil {
More work on recovery test
2018-05-20 22:42:14 +00:00
t.Fatal("expected error")
}
Finish non-recovery test
2018-05-20 06:42:15 +00:00
More work on recovery test
2018-05-20 22:42:14 +00:00
// Swap out the keys with our new ones and try again
var newKeyBytes [][]byte
for _, key := range newKeys {
val, err := base64.StdEncoding.DecodeString(key)
if err != nil {
t.Fatal(err)
}
newKeyBytes = append(newKeyBytes, val)
}
cluster.BarrierKeys = newKeyBytes
TestSysRekey_Verification would fail sometimes when recovery=true (#7710) because when unsealing it wouldn't wait for core 0 to come up and become the active node. Much of our testing code assumes that core0 is the active node.
2019-10-22 13:35:48 +00:00
if err := cluster.UnsealCoresWithError(false); err != nil {
Shamir seals now come in two varieties: legacy and new-style. (#7694) Shamir seals now come in two varieties: legacy and new-style. Legacy Shamir is automatically converted to new-style when a rekey operation is performed. All new Vault initializations using Shamir are new-style. New-style Shamir writes an encrypted master key to storage, just like AutoUnseal. The stored master key is encrypted using the shared key that is split via Shamir's algorithm. Thus when unsealing, we take the key fragments given, combine them into a Key-Encryption-Key, and use that to decrypt the master key on disk. Then the master key is used to read the keyring that decrypts the barrier.
2019-10-18 18:46:00 +00:00
t.Fatal(err)
Finish non-recovery test
2018-05-20 06:42:15 +00:00
}
Finish api tests for verification
2018-05-20 23:01:24 +00:00
} else {
// The old keys should no longer work
Recovery Mode (#7559) * Initial work * rework * s/dr/recovery * Add sys/raw support to recovery mode (#7577) * Factor the raw paths out so they can be run with a SystemBackend. # Conflicts: # vault/logical_system.go * Add handleLogicalRecovery which is like handleLogical but is only sufficient for use with the sys-raw endpoint in recovery mode. No authentication is done yet. * Integrate with recovery-mode. We now handle unauthenticated sys/raw requests, albeit on path v1/raw instead v1/sys/raw. * Use sys/raw instead raw during recovery. * Don't bother persisting the recovery token. Authenticate sys/raw requests with it. * RecoveryMode: Support generate-root for autounseals (#7591) * Recovery: Abstract config creation and log settings * Recovery mode integration test. (#7600) * Recovery: Touch up (#7607) * Recovery: Touch up * revert the raw backend creation changes * Added recovery operation token prefix * Move RawBackend to its own file * Update API path and hit it using CLI flag on generate-root * Fix a panic triggered when handling a request that yields a nil response. (#7618) * Improve integ test to actually make changes while in recovery mode and verify they're still there after coming back in regular mode. * Refuse to allow a second recovery token to be generated. * Resize raft cluster to size 1 and start as leader (#7626) * RecoveryMode: Setup raft cluster post unseal (#7635) * Setup raft cluster post unseal in recovery mode * Remove marking as unsealed as its not needed * Address review comments * Accept only one seal config in recovery mode as there is no scope for migration
2019-10-15 04:55:31 +00:00
_, err := testhelpers.GenerateRootWithError(t, cluster, testhelpers.GenerateRootRegular)
Finish api tests for verification
2018-05-20 23:01:24 +00:00
if err == nil {
t.Fatal("expected error")
}
Shamir seals now come in two varieties: legacy and new-style. (#7694) Shamir seals now come in two varieties: legacy and new-style. Legacy Shamir is automatically converted to new-style when a rekey operation is performed. All new Vault initializations using Shamir are new-style. New-style Shamir writes an encrypted master key to storage, just like AutoUnseal. The stored master key is encrypted using the shared key that is split via Shamir's algorithm. Thus when unsealing, we take the key fragments given, combine them into a Key-Encryption-Key, and use that to decrypt the master key on disk. Then the master key is used to read the keyring that decrypts the barrier.
2019-10-18 18:46:00 +00:00
// Put the new keys in place and run again
Finish api tests for verification
2018-05-20 23:01:24 +00:00
cluster.RecoveryKeys = nil
for _, key := range newKeys {
dec, err := base64.StdEncoding.DecodeString(key)
if err != nil {
t.Fatal(err)
}
cluster.RecoveryKeys = append(cluster.RecoveryKeys, dec)
}
if err := client.Sys().GenerateRootCancel(); err != nil {
t.Fatal(err)
}
Recovery Mode (#7559) * Initial work * rework * s/dr/recovery * Add sys/raw support to recovery mode (#7577) * Factor the raw paths out so they can be run with a SystemBackend. # Conflicts: # vault/logical_system.go * Add handleLogicalRecovery which is like handleLogical but is only sufficient for use with the sys-raw endpoint in recovery mode. No authentication is done yet. * Integrate with recovery-mode. We now handle unauthenticated sys/raw requests, albeit on path v1/raw instead v1/sys/raw. * Use sys/raw instead raw during recovery. * Don't bother persisting the recovery token. Authenticate sys/raw requests with it. * RecoveryMode: Support generate-root for autounseals (#7591) * Recovery: Abstract config creation and log settings * Recovery mode integration test. (#7600) * Recovery: Touch up (#7607) * Recovery: Touch up * revert the raw backend creation changes * Added recovery operation token prefix * Move RawBackend to its own file * Update API path and hit it using CLI flag on generate-root * Fix a panic triggered when handling a request that yields a nil response. (#7618) * Improve integ test to actually make changes while in recovery mode and verify they're still there after coming back in regular mode. * Refuse to allow a second recovery token to be generated. * Resize raft cluster to size 1 and start as leader (#7626) * RecoveryMode: Setup raft cluster post unseal (#7635) * Setup raft cluster post unseal in recovery mode * Remove marking as unsealed as its not needed * Address review comments * Accept only one seal config in recovery mode as there is no scope for migration
2019-10-15 04:55:31 +00:00
testhelpers.GenerateRoot(t, cluster, testhelpers.GenerateRootRegular)
Update rekey methods to indicate proper error codes in responses
2018-05-20 03:43:48 +00:00
}
}
Reference in a new issue Copy permalink