Commit graph

405 commits

Author SHA1 Message Date
Jeff Mitchell 9ef0680e7f
Fix leader info repopulation (#6167)
* Two things:

* Change how we populate and clear leader UUID. This fixes a case where
if a standby disconnects from an active node and reconnects, without the
active node restarting, the UUID doesn't change so triggers on a new
active node don't get run.

* Add a bunch of test helpers and minor updates to things.
2019-02-05 21:01:18 -05:00
Jeff Mitchell 5f249d4005
Add allowed_response_headers (#6115) 2019-02-05 16:02:15 -05:00
Jeff Mitchell bbc1d53a5d Revert "Refactor common token fields and operations into a helper (#5953)"
This reverts commit 66c226c593bb1cd48cfd8364ac8510cb42b7d67a.
2019-02-01 11:23:40 -05:00
Jeff Mitchell 27c960d8df
Split SubView functionality into logical.StorageView (#6141)
This lets other parts of Vault that can't depend on the vault package
take advantage of the subview functionality.

This also allows getting rid of BarrierStorage and vault.Entry, two
totally redundant abstractions.
2019-01-31 09:25:18 -05:00
Jim Kalafut b98cc2e2cf
Add json.Number handling to TypeHeader (#6134)
Fixes #6131
2019-01-30 15:24:39 -08:00
Jeff Mitchell 85a560abba
Refactor common token fields and operations into a helper (#5953) 2019-01-30 16:23:28 -05:00
Jim Kalafut 7842e320aa
Add fields to support UI/display uses, along with OpenAPI mappings (#6082) 2019-01-29 15:35:37 -08:00
Jeff Mitchell e781ea3ac4
First part of perf standby entity race fix (#6106) 2019-01-25 14:08:42 -05:00
Thomas L. Kula 319324f731 Incredibly tiny comment fix on secret.go (#6078) 2019-01-21 16:57:39 -05:00
Jim Kalafut 0374a1ed6d
Add Sprintf capability to logical.ErrorResponse (#6076)
Roughly 25% of calls to logical.ErrorResponse() include an inner fmt.Sprintf() call.
This PR would simplify these cases:

`return logical.ErrorResponse(fmt.Sprintf("unable to read role '%s'", role))`

  could become

`return logical.ErrorResponse("unable to read role '%s'", role)`

With only a single parameter passed in, behavior is unchanged.
2019-01-18 15:12:38 -08:00
Jim Kalafut 84fe48b6f9
Support for AllowedValues in FieldSchema (#6008)
Currently used for enum output in OpenAPI.
2019-01-08 16:50:24 -08:00
Jim Kalafut d0e2badbae Run goimports across the repository (#6010)
The result will still pass gofmtcheck and won't trigger additional
changes if someone isn't using goimports, but it will avoid the
piecemeal imports changes we've been seeing.
2019-01-08 16:48:57 -08:00
Jim Kalafut 347d481930
Add tests for OpenAPI operation ids (#5998) 2019-01-04 11:46:54 -08:00
Jeff Mitchell cb1a686e3b
Strip empty strings from database revocation stmts (#5955)
* Strip empty strings from database revocation stmts

It's technically valid to give empty strings as statements to run on
most databases. However, in the case of revocation statements, it's not
only generally inadvisable but can lead to lack of revocations when you
expect them. This strips empty strings from the array of revocation
statements.

It also makes two other changes:

* Return statements on read as empty but valid arrays rather than nulls,
so that typing information is inferred (this is more in line with the
rest of Vault these days)

* Changes field data for TypeStringSlice and TypeCommaStringSlice such
that a client-supplied value of `""` doesn't turn into `[]string{""}`
but rather `[]string{}`.

The latter and the explicit revocation statement changes are related,
and defense in depth.
2018-12-14 09:12:26 -05:00
Jim Kalafut 5687892530
Add operationId field to OpenAPI output (#5876)
Fixes #5842
2018-12-12 13:59:23 -08:00
Brian Kassouf 4fa5580383
fix panic when listing nil resp (#5886) 2018-12-03 09:18:28 -08:00
Becca Petrin 7bd22e6779
Run all builtins as plugins (#5536) 2018-11-06 17:21:24 -08:00
Jim Kalafut 959ed289c7
Update OpenAPI path parsing of alternation parameters (#5710)
This will handle patterns of the form:
  `^plugins/catalog/(?P<type>auth|database|secret)/(?P<name>.+)$`
2018-11-06 15:04:30 -08:00
Jim Kalafut 8ac04495d3
Framework and API changes to support OpenAPI (#5546) 2018-11-05 12:24:39 -08:00
Vishal Nayak 332e32294a
Remove namespace.TestContext and namespace.TestNamespace (#5682) 2018-11-05 11:11:32 -05:00
Vishal Nayak 142a944bfd
Allow @ to be part of key name in TOTP secret engine (#5652)
* Allow @ to be part of key name in TOTP secret engine

* Allow @ for key name while generating the code
2018-10-31 12:57:18 -04:00
Jeff Mitchell 3c1a82e60c
Add token type to sentinel docs, fix up some names, and better codify what Sentinel reports for various token types (#5630) 2018-10-27 11:07:27 -07:00
Matthew Irish 8073ebcd1e Merge branch 'oss-master' into 1.0-beta-oss 2018-10-19 20:40:36 -05:00
Brian Kassouf e943a60041
Plugin version negotiation (#5434)
* Plugin version updates

* Update datatbase plugins

* Revert netRPC deletions

* Revert netRPC deletions

* Update plugins to serve both versions

* Update database plugins

* Add Initialize back in

* revert pointer changes

* Add deprecation warning

* Update tests

* Update go-plugin

* Review Feedback
2018-10-19 15:56:17 -07:00
Jeff Mitchell 224fbd4a88 Merge branch 'master-oss' into 1.0-beta-oss 2018-10-16 10:08:03 -04:00
Calvin Leung Huang 799e5d6bde
Update field data behavior (#5489)
* Update Get and getPrimitive to correctly handle nil and error values

* Return empty slice on zero length decode result
2018-10-15 10:36:13 -07:00
Jeff Mitchell a64fc7d7cb
Batch tokens (#755) 2018-10-15 12:56:24 -04:00
Joel Thompson 73112c49fb logical/aws: Harden WAL entry creation (#5202)
* logical/aws: Harden WAL entry creation

If AWS IAM user creation failed in any way, the WAL corresponding to the
IAM user would get left around and Vault would try to roll it back.
However, because the user never existed, the rollback failed. Thus, the
WAL would essentially get "stuck" and Vault would continually attempt to
roll it back, failing every time. A similar situation could arise if the
IAM user that Vault created got deleted out of band, or if Vault deleted
it but was unable to write the lease revocation back to storage (e.g., a
storage failure).

This attempts to harden it in two ways. One is by deleting the WAL log
entry if the IAM user creation fails. However, the WAL deletion could
still fail, and this wouldn't help where the user is deleted out of
band, so second, consider the user rolled back if the user just doesn't
exist, under certain circumstances.

Fixes #5190

* Fix segfault in expiration unit tests

TestExpiration_Tidy was passing in a leaseEntry that had a nil Secret,
which then caused a segfault as the changes to revokeEntry didn't check
whether Secret was nil; this is probably unlikely to occur in real life,
but good to be extra cautious.

* Fix potential segfault

Missed the else...

* Respond to PR feedback
2018-09-27 09:54:59 -05:00
Jeff Mitchell 33065a60db Fix compilation/protobuf 2018-09-22 17:58:39 -04:00
andrejvanderzee dc6ea9ecbb Fix for using ExplicitMaxTTL in auth method plugins. (#5379)
* Fix for using ExplicitMaxTTL in auth method plugins.

* Reverted pb.go files for readability of PR.

* Fixed indenting of comment.

* Reverted unintended change by go test.
2018-09-21 14:31:29 -07:00
Jeff Mitchell 9a24242cd1 BoundCidrs -> BoundCIDRs 2018-09-20 12:45:49 -04:00
Clint 5882156f53
Translate AWS Rate limiting errors to 502 errors (#5270)
* Initial implemntation of returning 529 for rate limits

- bump aws iam and sts packages to v1.14.31 to get mocking interface
- promote the iam and sts clients to the aws backend struct, for mocking in tests
- this also promotes some functions to methods on the Backend struct, so
  that we can use the injected client

Generating creds requires reading config/root for credentials to contact
IAM. Here we make pathConfigRoot a method on aws/backend so we can clear
the clients on successful update of config/root path. Adds a mutex to
safely clear the clients

* refactor locking and unlocking into methods on *backend

* refactor/simply the locking

* check client after grabbing lock
2018-09-18 15:26:06 -05:00
Jeff Mitchell 919b968c27
The big one (#5346) 2018-09-17 23:03:00 -04:00
Clint Shryock 80b4ae26a4
Add error logical.ErrUpstreamRateLimited and return 502 from RespondCommonError 2018-09-05 11:07:50 -05:00
Jeff Mitchell 7191bca71a
Re-add injecting into top routes (#5244) 2018-09-05 11:45:17 -04:00
Jeff Mitchell 05a896703c Move sort from listresponse to file backend to solve 5141 2018-08-24 13:37:15 -04:00
Jeff Mitchell 0d0d9b029c
Order list responses (#5178)
We do this already in the CLI, but because we do it there the UI doesn't
have ordered responses.

We could put it in the UI, but it seems like we might as well just make
it nice for all API users.

Fixes #5141
2018-08-24 13:31:28 -04:00
Jeff Mitchell f1d72abb39 Remove injection into top routes (#5101) 2018-08-14 15:29:22 -04:00
Becca Petrin 4e7237178f
Add a header type field (#4993) 2018-08-13 11:02:44 -07:00
Jeff Mitchell 24cb96a9c6 Port over ns identity proto info 2018-08-10 12:45:34 -04:00
Jim Kalafut 4bdbc820ed
Add PluginEnv to SystemView (#5028) 2018-08-03 09:32:17 -07:00
Jeff Mitchell 4261618d10 Add request timeouts in normal request path and to expirations (#4971)
* Add request timeouts in normal request path and to expirations

* Add ability to adjust default max request duration

* Some test fixes

* Ensure tests have defaults set for max request duration

* Add context cancel checking to inmem/file

* Fix tests

* Fix tests

* Set default max request duration to basically infinity for this release for BC

* Address feedback
2018-07-24 14:50:49 -07:00
Jeff Mitchell caa5661031
Pass identity metadata through to plugins (#4967)
It's not obvious why this should be secret, and if it were considered
secret, when and what anything would ever be allowed to access it.
Likely the right way to tie secret values to particular
entities/aliases/groups would be to use the upcoming templated ACL
feature.
2018-07-23 12:45:06 -04:00
Brian Kassouf a2fecd6c49 plugins: Allow the server to receive large messages (#4958) 2018-07-20 14:11:00 -04:00
Becca Petrin 0918c8246a Disallow negative TypeDurationSecond (#4910)
* add mount ttl helper

* disallow negative TypeDurationSecond values
2018-07-17 17:46:03 -07:00
Jeff Mitchell cd51a769ca Fix tests 2018-07-12 10:18:50 -04:00
Jeff Mitchell 98bf463a65 Make single-lease revocation behave like expiration (#4883)
This change makes it so that if a lease is revoked through user action,
we set the expiration time to now and update pending, just as we do with
tokens. This allows the normal retry logic to apply in these cases as
well, instead of just erroring out immediately. The idea being that once
you tell Vault to revoke something it should keep doing its darndest to
actually make that happen.
2018-07-11 15:45:35 -04:00
Jeff Mitchell 28890ee198 Make proto
It appears the only thing that actually change is that the tag got
`proto3` values added.
2018-07-10 20:49:48 -04:00
Seth Vargo bda3d3e92a Handle multierr when altering response codes (#4881) 2018-07-09 13:08:44 -07:00
Becca Petrin 73cbbe2a9f Add bound cidrs to tokens in AppRole (#4680) 2018-06-19 22:57:11 -04:00