Bump sdk
This commit is contained in:
Jeff Mitchell
parent
ee87ea8600
commit
eade600ca7
2
go.mod
2
go.mod
|
|
@ -83,7 +83,7 @@ require (
|
|||
github.com/hashicorp/vault-plugin-secrets-gcpkms v0.5.2-0.20190516000311-88f9a4f11829
|
||||
github.com/hashicorp/vault-plugin-secrets-kv v0.5.2-0.20190626201950-a6e92ff82578
|
||||
github.com/hashicorp/vault/api v1.0.3-0.20190627213952-21b5ec5dc34c
|
||||
github.com/hashicorp/vault/sdk v0.1.12-0.20190627213952-21b5ec5dc34c
|
||||
github.com/hashicorp/vault/sdk v0.1.12-0.20190629185034-b43299fe641c
|
||||
github.com/influxdata/influxdb v0.0.0-20190411212539-d24b7ba8c4c4
|
||||
github.com/jackc/fake v0.0.0-20150926172116-812a484cc733 // indirect
|
||||
github.com/jackc/pgx v3.3.0+incompatible // indirect
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ import (
|
|||
"github.com/hashicorp/vault/sdk/helper/strutil"
|
||||
)
|
||||
|
||||
var ErrInvalidCertParams = errors.New("ca cert, client key and client cert must all be set, or none should be set")
|
||||
var ErrInvalidCertParams = errors.New("invalid certificate parameters")
|
||||
|
||||
// TLSLookup maps the tls_min_version configuration to the internal value
|
||||
var TLSLookup = map[string]uint16{
|
||||
|
|
@ -75,6 +75,8 @@ func ClientTLSConfig(caCert []byte, clientCert []byte, clientKey []byte) (*tls.C
|
|||
var pool *x509.CertPool
|
||||
|
||||
switch {
|
||||
case len(caCert) != 0:
|
||||
// Valid
|
||||
case len(clientCert) != 0 && len(clientKey) != 0:
|
||||
// Valid
|
||||
default:
|
||||
|
|
@ -86,18 +88,21 @@ func ClientTLSConfig(caCert []byte, clientCert []byte, clientKey []byte) (*tls.C
|
|||
pool.AppendCertsFromPEM(caCert)
|
||||
}
|
||||
|
||||
cert, err := tls.X509KeyPair(clientCert, clientKey)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
tlsConfig = &tls.Config{
|
||||
Certificates: []tls.Certificate{cert},
|
||||
RootCAs: pool,
|
||||
ClientAuth: tls.RequireAndVerifyClientCert,
|
||||
MinVersion: tls.VersionTLS12,
|
||||
RootCAs: pool,
|
||||
ClientAuth: tls.RequireAndVerifyClientCert,
|
||||
MinVersion: tls.VersionTLS12,
|
||||
}
|
||||
|
||||
var cert tls.Certificate
|
||||
var err error
|
||||
if len(clientCert) != 0 && len(clientKey) != 0 {
|
||||
cert, err = tls.X509KeyPair(clientCert, clientKey)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
tlsConfig.Certificates = []tls.Certificate{cert}
|
||||
}
|
||||
tlsConfig.BuildNameToCertificate()
|
||||
|
||||
return tlsConfig, nil
|
||||
|
|
|
|||
|
|
@ -172,6 +172,15 @@ func (t *TokenParams) ParseTokenFields(req *logical.Request, d *framework.FieldD
|
|||
t.TokenType = tokenType
|
||||
}
|
||||
|
||||
if t.TokenType == logical.TokenTypeBatch || t.TokenType == logical.TokenTypeDefaultBatch {
|
||||
if t.TokenPeriod != 0 {
|
||||
return errors.New("'token_type' cannot be 'batch' or 'default_batch' when set to generate periodic tokens")
|
||||
}
|
||||
if t.TokenNumUses != 0 {
|
||||
return errors.New("'token_type' cannot be 'batch' or 'default_batch' when set to generate tokens with limited use count")
|
||||
}
|
||||
}
|
||||
|
||||
if ttlRaw, ok := d.GetOk("token_ttl"); ok {
|
||||
t.TokenTTL = time.Duration(ttlRaw.(int)) * time.Second
|
||||
}
|
||||
|
|
|
|||
|
|
@ -364,7 +364,7 @@ github.com/hashicorp/vault-plugin-secrets-gcpkms
|
|||
github.com/hashicorp/vault-plugin-secrets-kv
|
||||
# github.com/hashicorp/vault/api v1.0.3-0.20190627213952-21b5ec5dc34c => ./api
|
||||
github.com/hashicorp/vault/api
|
||||
# github.com/hashicorp/vault/sdk v0.1.12-0.20190627213952-21b5ec5dc34c => ./sdk
|
||||
# github.com/hashicorp/vault/sdk v0.1.12-0.20190629185034-b43299fe641c => ./sdk
|
||||
github.com/hashicorp/vault/sdk/helper/salt
|
||||
github.com/hashicorp/vault/sdk/helper/strutil
|
||||
github.com/hashicorp/vault/sdk/helper/wrapping
|
||||
|
|
@ -376,6 +376,7 @@ github.com/hashicorp/vault/sdk/plugin
|
|||
github.com/hashicorp/vault/sdk/helper/cidrutil
|
||||
github.com/hashicorp/vault/sdk/helper/consts
|
||||
github.com/hashicorp/vault/sdk/helper/locksutil
|
||||
github.com/hashicorp/vault/sdk/helper/tokenutil
|
||||
github.com/hashicorp/vault/sdk/helper/jsonutil
|
||||
github.com/hashicorp/vault/sdk/helper/certutil
|
||||
github.com/hashicorp/vault/sdk/helper/password
|
||||
|
|
@ -404,7 +405,6 @@ github.com/hashicorp/vault/sdk/plugin/pb
|
|||
github.com/hashicorp/vault/sdk/database/helper/connutil
|
||||
github.com/hashicorp/vault/sdk/helper/license
|
||||
github.com/hashicorp/vault/sdk/helper/pluginutil
|
||||
github.com/hashicorp/vault/sdk/helper/tokenutil
|
||||
github.com/hashicorp/vault/sdk/helper/kdf
|
||||
github.com/hashicorp/vault/sdk/plugin/mock
|
||||
# github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d
|
||||
|
|
|
|||
Loading…
Reference in New Issue