vishalnayak 2015-10-03 00:07:34 -04:00
commit 145aee229e
7 changed files with 40 additions and 41 deletions


@ -2,7 +2,7 @@ package ssh
import (
"fmt"
"os/user"
"os"
"reflect"
"strings"
"testing"
@ -56,6 +56,7 @@ oOyBJU/HMVvBfv4g+OVFLVgSwwm6owwsouZ0+D/LasbuHqYyqYqdyPJQYzWA2Y+F
)
func testingFactory(conf *logical.BackendConfig) (logical.Backend, error) {
initTest()
defaultLeaseTTLVal := 2 * time.Minute
maxLeaseTTLVal := 10 * time.Minute
return Factory(&logical.BackendConfig{
@ -77,7 +78,7 @@ var testDynamicRoleData map[string]interface{}
// Starts the server and initializes the servers IP address,
// port and usernames to be used by the test cases.
func init() {
func initTest() {
addr, err := vault.StartSSHHostTestServer()
if err != nil {
panic(fmt.Sprintf("error starting mock server:%s", err))
@ -85,12 +86,11 @@ func init() {
input := strings.Split(addr, ":")
testIP = input[0]
u, err := user.Current()
if err != nil {
panic(fmt.Sprintf("error getting current username: '%s'", err))
testUserName := os.Getenv("VAULT_SSHTEST_USER")
if len(testUserName) == 0 {
panic("VAULT_SSHTEST_USER must be set to the desired user")
}
testUserName = u.Username
testAdminUser = u.Username
testAdminUser = testUserName
testOTPRoleData = map[string]interface{}{
"key_type": testOTPKeyType,
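Review bot: `testUserName := os.Getenv("VAULT_SSHTEST_USER")` in initTest declares a new local, whereas the line it replaces assigned with `=`; if testUserName is a package-level variable, as that plain assignment suggests, it is now shadowed and stays empty for any test case that reads it. Assigning instead, `testUserName = os.Getenv("VAULT_SSHTEST_USER")`, keeps the old behaviour. The same pattern appears in initTest in the second SSH test file on this page. initTest's body continues past the hunk, and because testingFactory now calls it directly, it is worth confirming that starting the mock SSH server once per factory call is intended.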


@ -5,7 +5,6 @@ import (
"fmt"
"io"
"os"
"os/user"
"strings"
"testing"
@ -57,7 +56,7 @@ var testAdminUser string
// Starts the server and initializes the servers IP address,
// port and usernames to be used by the test cases.
func init() {
func initTest() {
addr, err := vault.StartSSHHostTestServer()
if err != nil {
panic(fmt.Sprintf("Error starting mock server:%s", err))
@ -66,16 +65,16 @@ func init() {
testIP = input[0]
testPort = input[1]
u, err := user.Current()
if err != nil {
panic(fmt.Sprintf("Error getting current username: '%s'", err))
testUserName := os.Getenv("VAULT_SSHTEST_USER")
if len(testUserName) == 0 {
panic("VAULT_SSHTEST_USER must be set to the desired user")
}
testUserName = u.Username
testAdminUser = u.Username
testAdminUser = testUserName
}
// This test is broken. Hence temporarily disabling it.
func testSSH(t *testing.T) {
initTest()
// Add the SSH backend to the unsealed test core.
// This should be done before the unsealed core is created.
err := vault.AddTestLogicalBackend("ssh", logicalssh.Factory)


@ -180,8 +180,8 @@ func (c *Core) setupAudits() error {
audit, err := c.newAuditBackend(entry.Type, view, entry.Options)
if err != nil {
c.logger.Printf(
"[ERR] core: failed to create audit entry %#v: %v",
entry, err)
"[ERR] core: failed to create audit entry %s: %v",
entry.Path, err)
return errLoadAuditFailed
}
@ -280,7 +280,7 @@ func (a *AuditBroker) LogRequest(auth *logical.Auth, req *logical.Request, outer
defer a.l.RUnlock()
defer func() {
if r := recover(); r != nil {
a.logger.Printf("[ERR] audit: panic logging: auth: %#v, req: %#v: %v", auth, req, r)
a.logger.Printf("[ERR] audit: panic logging: req path: %s", req.Path)
reterr = fmt.Errorf("panic generating audit log")
}
}()
@ -312,7 +312,7 @@ func (a *AuditBroker) LogResponse(auth *logical.Auth, req *logical.Request,
defer a.l.RUnlock()
defer func() {
if r := recover(); r != nil {
a.logger.Printf("[ERR] audit: panic logging: auth: %#v, req: %#v, resp: %#v: %v", auth, req, resp, r)
a.logger.Printf("[ERR] audit: panic logging: req path: %s: %v", req.Path, r)
reterr = fmt.Errorf("panic generating audit log")
}
}()
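Review bot: The new panic log line in LogRequest drops the recovered value: `"[ERR] audit: panic logging: req path: %s", req.Path` has no verb for `r`, while the matching line in LogResponse keeps `: %v", req.Path, r`. Without `r` an audit-backend panic on the request path is logged with no cause, so I would make the two consistent with `a.logger.Printf("[ERR] audit: panic logging: req path: %s: %v", req.Path, r)`. Both deferred handlers now dereference `req`; if `req` can be nil at this point (not visible in these hunks) the recover handler itself would panic, which the old `%#v` formatting did not. Both function bodies extend beyond the hunks.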


@ -245,8 +245,8 @@ func (c *Core) setupCredentials() error {
backend, err = c.newCredentialBackend(entry.Type, c.mountEntrySysView(entry), view, nil)
if err != nil {
c.logger.Printf(
"[ERR] core: failed to create credential entry %#v: %v",
entry, err)
"[ERR] core: failed to create credential entry %s: %v",
entry.Path, err)
return errLoadAuthFailed
}
@ -254,7 +254,7 @@ func (c *Core) setupCredentials() error {
path := credentialRoutePrefix + entry.Path
err = c.router.Mount(backend, path, entry, view)
if err != nil {
c.logger.Printf("[ERR] core: failed to mount auth entry %#v: %v", entry, err)
c.logger.Printf("[ERR] core: failed to mount auth entry %s: %v", entry.Path, err)
return errLoadAuthFailed
}


@ -422,8 +422,8 @@ func (c *Core) HandleRequest(req *logical.Request) (resp *logical.Response, err
// Create an audit trail of the response
if err := c.auditBroker.LogResponse(auth, req, resp, err); err != nil {
c.logger.Printf("[ERR] core: failed to audit response (request: %#v, response: %#v): %v",
req, resp, err)
c.logger.Printf("[ERR] core: failed to audit response (request path: %s): %v",
req.Path, err)
return nil, ErrInternalError
}
@ -464,8 +464,8 @@ func (c *Core) handleRequest(req *logical.Request) (retResp *logical.Response, r
}
if err := c.auditBroker.LogRequest(auth, req, err); err != nil {
c.logger.Printf("[ERR] core: failed to audit request (%#v): %v",
req, err)
c.logger.Printf("[ERR] core: failed to audit request with path (%s): %v",
req.Path, err)
}
return logical.ErrorResponse(err.Error()), nil, errType
@ -476,8 +476,8 @@ func (c *Core) handleRequest(req *logical.Request) (retResp *logical.Response, r
// Create an audit trail of the request
if err := c.auditBroker.LogRequest(auth, req, nil); err != nil {
c.logger.Printf("[ERR] core: failed to audit request (%#v): %v",
req, err)
c.logger.Printf("[ERR] core: failed to audit request with path (%s): %v",
req.Path, err)
return nil, auth, ErrInternalError
}
@ -526,7 +526,7 @@ func (c *Core) handleRequest(req *logical.Request) (retResp *logical.Response, r
if err != nil {
c.logger.Printf(
"[ERR] core: failed to register lease "+
"(request: %#v, response: %#v): %v", req, resp, err)
"(request path: %s): %v", req.Path, err)
return nil, auth, ErrInternalError
}
resp.Secret.LeaseID = leaseID
@ -540,7 +540,7 @@ func (c *Core) handleRequest(req *logical.Request) (retResp *logical.Response, r
if !strings.HasPrefix(req.Path, "auth/token/") {
c.logger.Printf(
"[ERR] core: unexpected Auth response for non-token backend "+
"(request: %#v, response: %#v)", req, resp)
"(request path: %s)", req.Path)
return nil, auth, ErrInternalError
}
@ -557,7 +557,7 @@ func (c *Core) handleRequest(req *logical.Request) (retResp *logical.Response, r
// Register with the expiration manager
if err := c.expiration.RegisterAuth(req.Path, resp.Auth); err != nil {
c.logger.Printf("[ERR] core: failed to register token lease "+
"(request: %#v, response: %#v): %v", req, resp, err)
"(request path: %s): %v", req.Path, err)
return nil, auth, ErrInternalError
}
}
@ -573,8 +573,8 @@ func (c *Core) handleLoginRequest(req *logical.Request) (*logical.Response, *log
// Create an audit trail of the request, auth is not available on login requests
if err := c.auditBroker.LogRequest(nil, req, nil); err != nil {
c.logger.Printf("[ERR] core: failed to audit request (%#v): %v",
req, err)
c.logger.Printf("[ERR] core: failed to audit request with path %s: %v",
req.Path, err)
return nil, nil, ErrInternalError
}
@ -584,7 +584,7 @@ func (c *Core) handleLoginRequest(req *logical.Request) (*logical.Response, *log
// A login request should never return a secret!
if resp != nil && resp.Secret != nil {
c.logger.Printf("[ERR] core: unexpected Secret response for login path"+
"(request: %#v, response: %#v)", req, resp)
"(request path: %s)", req.Path)
return nil, nil, ErrInternalError
}
@ -604,7 +604,7 @@ func (c *Core) handleLoginRequest(req *logical.Request) (*logical.Response, *log
sysView := c.router.MatchingSystemView(req.Path)
if sysView == nil {
c.logger.Printf("[ERR] core: unable to look up sys view for login path"+
"(request: %#v, response: %#v)", req, resp)
"(request path: %s)", req.Path)
return nil, nil, ErrInternalError
}
@ -639,7 +639,7 @@ func (c *Core) handleLoginRequest(req *logical.Request) (*logical.Response, *log
// Register with the expiration manager
if err := c.expiration.RegisterAuth(req.Path, auth); err != nil {
c.logger.Printf("[ERR] core: failed to register token lease "+
"(request: %#v, response: %#v): %v", req, resp, err)
"(request path: %s): %v", req.Path, err)
return nil, auth, ErrInternalError
}
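Review bot: `req.Path` is formatted with `%s` in every rewritten log call in this file, and if the path comes straight from the client request (likely, but not visible here) a value containing newlines or control characters could split or forge entries in the server log. Quoting it keeps each entry on one line, e.g. `"(request path: %q): %v", req.Path, err`. The same consideration applies to `me.Path` in the sys backend handlers further down the page. As a style point, the wording differs between `with path (%s)` in handleRequest and `with path %s` in handleLoginRequest, and the `login path"+"(request path` concatenations are missing a space. The functions extend beyond these hunks.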


@ -467,7 +467,7 @@ func (b *SystemBackend) handleMount(
// Attempt mount
if err := b.Core.mount(me); err != nil {
b.Backend.Logger().Printf("[ERR] sys: mount %#v failed: %v", me, err)
b.Backend.Logger().Printf("[ERR] sys: mount %s failed: %v", me.Path, err)
return handleError(err)
}
@ -715,7 +715,7 @@ func (b *SystemBackend) handleEnableAuth(
// Attempt enabling
if err := b.Core.enableCredential(me); err != nil {
b.Backend.Logger().Printf("[ERR] sys: enable auth %#v failed: %v", me, err)
b.Backend.Logger().Printf("[ERR] sys: enable auth %s failed: %v", me.Path, err)
return handleError(err)
}
return nil, nil
@ -851,7 +851,7 @@ func (b *SystemBackend) handleEnableAudit(
// Attempt enabling
if err := b.Core.enableAudit(me); err != nil {
b.Backend.Logger().Printf("[ERR] sys: enable audit %#v failed: %v", me, err)
b.Backend.Logger().Printf("[ERR] sys: enable audit %s failed: %v", me.Path, err)
return handleError(err)
}
return nil, nil


@ -480,8 +480,8 @@ func (c *Core) setupMounts() error {
backend, err = c.newLogicalBackend(entry.Type, c.mountEntrySysView(entry), view, nil)
if err != nil {
c.logger.Printf(
"[ERR] core: failed to create mount entry %#v: %v",
entry, err)
"[ERR] core: failed to create mount entry %s: %v",
entry.Path, err)
return errLoadMountsFailed
}
@ -497,7 +497,7 @@ func (c *Core) setupMounts() error {
// Mount the backend
err = c.router.Mount(backend, entry.Path, entry, view)
if err != nil {
c.logger.Printf("[ERR] core: failed to mount entry %#v: %v", entry, err)
c.logger.Printf("[ERR] core: failed to mount entry %s: %v", entry.Path, err)
return errLoadMountsFailed
} else {
c.logger.Printf("[INFO] core: mounted backend of type %s at %s", entry.Type, view.prefix)