Commit graph

1491 commits

Author SHA1 Message Date
Jeff Mitchell 98bf463a65 Make single-lease revocation behave like expiration (#4883)
This change makes it so that if a lease is revoked through user action,
we set the expiration time to now and update pending, just as we do with
tokens. This allows the normal retry logic to apply in these cases as
well, instead of just erroring out immediately. The idea being that once
you tell Vault to revoke something it should keep doing its darndest to
actually make that happen.
2018-07-11 15:45:35 -04:00
Jeff Mitchell 8a9957fa4c
Add control group request endpoint to default policy (#4904) 2018-07-11 12:46:30 -04:00
Jeff Mitchell 28890ee198 Make proto
It appears the only thing that actually change is that the tag got
`proto3` values added.
2018-07-10 20:49:48 -04:00
Jeff Mitchell 3885365757 Fix race in exp tidy test 2018-07-06 17:01:02 -04:00
Jeff Mitchell 4a3fe87a39
Allow max request size to be user-specified (#4824)
* Allow max request size to be user-specified

This turned out to be way more impactful than I'd expected because I
felt like the right granularity was per-listener, since an org may want
to treat external clients differently from internal clients. It's pretty
straightforward though.

This also introduces actually using request contexts for values, which
so far we have not done (using our own logical.Request struct instead),
but this allows non-logical methods to still get this benefit.

* Switch to ioutil.ReadAll()
2018-07-06 15:44:56 -04:00
Jeff Mitchell 8f45bc69ba Fix tuning visibility in CLI (#4827)
The API elides the value if it's empty, but empty has meaning. This adds
"hidden" as an option which is fundamentally identical to the default.
2018-07-02 12:13:25 -04:00
Brian Kassouf 3a5d5cb872
Use run groups to manage HA go routines (#4671)
* Use rungroups to spinoff standby go routines

* Update comments
2018-06-29 16:23:52 -07:00
Brian Kassouf 4ede13c91f
HA: Bump the max send/recv size for the gRPC server (#4844) 2018-06-29 09:52:23 -07:00
Vishal Nayak ec42bc1514
avoid panic (#4841) 2018-06-27 10:16:12 -04:00
vishalnayak 235b29f1d3 Add back upsertEntityNonLocked 2018-06-24 07:54:00 -04:00
Vishal Nayak 57c7ecfcd4
Identity: Remove unused MemDB indexes and unused functions (#4817)
* refactor delete utility

* refactor delete alias utility

* remove MemDBUpsertAlias

* Remove MemDBAliasByCanonicalID

* remove MemDBAliasesByMetadata

* remove MemDBDeleteAliasByID

* Remove MemDBUpsertEntity and MemDBEntityByNameInTxn

* Remove is.MemDBEntitiesByBucketEntryKeyHash

* Remove MemDBEntitiesByBucketEntryKeyHash and MemDBEntityByMergedEntityID

* Remove MemDBEntities

* Remove validateMemberGroupID

* Remove validateEntityID, validateGroupID, deleteAliasFromEntity

* Remove updateAliasInEntity

* Remove satisfiesMetadataFilters and UpsertGroup

* Remove MemDBUpsertGroup

* Remove deleteGroupByID

* Remove deleleGroupByName

* Remove MemDBDeleteGroupByNameInTxn

* Remove MemDBGroupsByPolicy and MemDBGroupsByPolicyInTxn

* Remove MemDBGroupIterator

* Remove MemDBGroupsByBucketEntryKeyHash

* Remove deleteGroupAlias

* Remove metadata index from entities table

* Remove unneeded indexes from entity alias and group alias schema

* Remove unneeded index from groups table schema

* Fix test

* s/entity/lockEntity

* Don't expose the memdb instance outside identity store

* More txn.Abort() corrections

* switch back to deferring abort calls
2018-06-24 07:45:53 -04:00
Jeff Mitchell c6180c57c8
Check for nil value in BarrierView.Put (#4804)
Fixes #4802
2018-06-20 09:32:06 -04:00
Vishal Nayak b10c2a87fa Refactor and rewrite the test (#4796) 2018-06-19 16:59:03 -04:00
Vishal Nayak 0d8f424ab4
disallow token use if entity is invalid (#4791) 2018-06-19 12:57:19 -04:00
Jeff Mitchell e52b554c0b
Add an idle timeout for the server (#4760)
* Add an idle timeout for the server

Because tidy operations can be long-running, this also changes all tidy
operations to behave the same operationally (kick off the process, get a
warning back, log errors to server log) and makes them all run in a
goroutine.

This could mean a sort of hard stop if Vault gets sealed because the
function won't have the read lock. This should generally be okay
(running tidy again should pick back up where it left off), but future
work could use cleanup funcs to trigger the functions to stop.

* Fix up tidy test

* Add deadline to cluster connections and an idle timeout to the cluster server, plus add readheader/read timeout to api server
2018-06-16 18:21:33 -04:00
Wim 3e1930e7c3 Use %q in error output for better visibility (#4771) 2018-06-14 18:19:22 -04:00
Jeff Mitchell 75eb0f862e
Revert some of commit 050ab805a7565c5b0cadb0176023031ee5f0d17b. (#4768)
If we have a panic defer functions are run but unlocks aren't. Since we
can't really trust plugins and storage, this backs out the changes for
those parts of the request path.
2018-06-14 13:44:13 -04:00
Jeff Mitchell 5d44c54947
Changes the way policies are reported in audit logs (#4747)
* This changes the way policies are reported in audit logs.

Previously, only policies tied to tokens would be reported. This could
make it difficult to perform after-the-fact analysis based on both the
initial response entry and further requests. Now, the full set of
applicable policies from both the token and any derived policies from
Identity are reported.

To keep things consistent, token authentications now also return the
full set of policies in api.Secret.Auth responses, so this both makes it
easier for users to understand their actual full set, and it matches
what the audit logs now report.
2018-06-14 09:49:33 -04:00
Jeff Mitchell 0c2d2226c4
Remove a lot of deferred functions in the request path. (#4733)
* Remove a lot of deferred functions in the request path.

There is an interesting benchmark at https://www.reddit.com/r/golang/comments/3h21nk/simple_micro_benchmark_to_measure_the_overhead_of/

It shows that defer actually adds quite a lot of overhead -- maybe 100ns
per call but we defer a *lot* of functions in the request path. So this
removes some of the ones in request handling, ha, barrier, router, and
physical cache.

One meta-note: nearly every metrics function is in a defer which means
every metrics call we add could add a non-trivial amount of time, e.g.
for every 10 extra metrics statements we add 1ms to a request. I don't
know how to solve this right now without doing what I did in some of
these cases and putting that call into a simple function call that then
goes before each return.

* Simplify barrier defer cleanup
2018-06-14 09:49:10 -04:00
Calvin Leung Huang c4abeb9ea5
Move checkHCLKeys into hclutil (#4749) 2018-06-12 12:38:08 -04:00
Jeff Mitchell 45da5a45ba
Store lease times suitable for export in pending (#4730)
* Store lease times suitable for export in pending

This essentially caches lease information for token lookups, preventing
going to disk over and over.

* Simplify logic
2018-06-11 11:58:56 -04:00
Jeff Mitchell f23ff11abe Fast-path root 2018-06-09 17:41:46 -04:00
Jeff Mitchell d3cbde6ae2 Fix nil pointer 2018-06-09 16:57:57 -04:00
Jeff Mitchell 8916f6b625
Some atomic cleanup (#4732)
Taking inspiration from
https://github.com/golang/go/issues/17604#issuecomment-256384471
suggests that taking the address of a stack variable for use in atomics
works (at least, the race detector doesn't complain) but is doing it
wrong.

The only other change is a change in Leader() detecting if HA is enabled
to fast-path out. This value never changes after NewCore, so we don't
need to grab the read lock to check it.
2018-06-09 15:35:22 -04:00
Jeff Mitchell e461b945a5 Add a test for nil-ing out request tokenentry 2018-06-08 19:55:39 -04:00
Jeff Mitchell 743e31202d Don't pass te to backends 2018-06-08 17:53:28 -04:00
Jeff Mitchell be64c859e1
Make sure updating pending and storage are done as a group (#4727) 2018-06-08 17:24:44 -04:00
Jeff Mitchell 575a606db7
Move TokenEntry into logical. (#4729)
This allows the HTTP logicalAuth handler to cache the value in the
logical.Request, avoiding a lookup later when performing acl
checks/counting a use.
2018-06-08 17:24:27 -04:00
Jeff Mitchell 5207099042 Offline token revocation fix 2018-06-05 18:53:27 -04:00
Jeff Mitchell e294e8666b
Fix panic if passing "rules" via sys/policies/acl (#4705) 2018-06-05 13:01:55 -04:00
Chris Hoffman 5344b7c5ae
adding option go_package to protos (#4687)
* adding option go_package to protos

* switching proto output dir to relative paths
2018-06-04 10:19:26 -04:00
Chris Hoffman 09f3a62be9
Add entity information request to system view (#4681)
* Add entity information request to system view

* fixing a few comments

* sharing types between plugin and logical

* sharing types between plugin and logical

* fixing output directory for proto

* removing extra replacement

* adding mount type lookup

* empty entities return nil instead of error

* adding some comments
2018-06-03 20:48:12 -04:00
Calvin Leung Huang 36db9818ab
Use same handlers for sys policy and policies endpoints (#4677)
* Use same handlers for sys policy and policies endpoints

* Remove fmt.Println
2018-06-01 12:11:33 -04:00
Vishal Nayak 9aca33487e
Passthrough EntityID to backends (#4663)
* passthrough entity id

* address review feedback
2018-05-31 10:18:34 -04:00
Brian Kassouf 05b46def62
Cleanup core.go and break out HA functionality (#4661) 2018-05-30 17:30:50 -07:00
Jeff Mitchell 52ab8f50ea Give the token store revoke-self test more breathing room as Travis timings are too tight 2018-05-30 08:41:55 -04:00
Jeff Mitchell d9150969af Re-add removed check between shares/threshold 2018-05-29 18:38:14 -04:00
Brian Kassouf 893d874291 Update proto files (#4651) 2018-05-29 18:23:51 -04:00
Jeff Mitchell 4b1eb2805a Fix rekey tests 2018-05-29 18:02:13 -04:00
Jeff Mitchell bde0bda710
Merge pull request #4600 from hashicorp/rekey-verification
Rekey verification, allowing new key shares to be confirmed before committing the new key.
2018-05-29 15:00:07 -04:00
Jeff Mitchell 3274d44012
Add num_member_entities and num_parent_groups to key_info in group listing (#4648) 2018-05-29 14:58:23 -04:00
Jeff Mitchell c53717ba1c Fix panic and update some text 2018-05-29 13:13:47 -04:00
Jeff Mitchell 2d05e072b9 Fix a null pointer and update status threshold 2018-05-29 12:04:30 -04:00
Jeff Mitchell bd0ac25eb9
Merge branch 'master' into rekey-verification 2018-05-29 10:19:57 -04:00
Jeff Mitchell 14b65ff4db
Builds on top of #4600 to provide CLI support (#4605) 2018-05-28 00:39:53 -04:00
Jeff Mitchell 8231825cd1 Give more time for the self revocation test to run 2018-05-25 15:24:06 -04:00
Jeff Mitchell 835b355489
Add key information to list endpoints in identity. (#4634)
* Add key information to list endpoints in identity.

Also fixes some bugs from before where we were persisting data that we
should not have been (mount type/path).

* Add cached lookups of real time mount info
2018-05-25 14:34:24 -04:00
Martin a259c16c8b Typo in Visibility + Add accepted values in Description (#4638) 2018-05-25 13:39:35 -04:00
Brian Kassouf 248b988586
Add debug comment when singleton reload is skipped (#4625) 2018-05-23 17:52:11 -07:00
Brian Kassouf 210df327d1
ui/mounts: Add a better error message when permission is denied (#4624)
* ui/mounts: Add a better error message when permission is denied

* Update logical_system.go
2018-05-23 17:47:54 -07:00