Commit graph

74 commits

Author SHA1 Message Date
Jeff Mitchell 03b3914151 Fix fmt 2018-05-11 11:50:10 -04:00
Robbie McKinstry 9765779622 Client side rate limiting (#4421) 2018-05-11 10:42:06 -04:00
Jeff Mitchell af802275bd
Fix response wrapping from K/V version 2 (#4511)
This takes place in two parts, since working on this exposed an issue
with response wrapping when there is a raw body set. The changes are (in
diff order):

* A CurrentWrappingLookupFunc has been added to return the current
value. This is necessary for the lookahead call since we don't want the
lookahead call to be wrapped.

* Support for unwrapping < 0.6.2 tokens via the API/CLI has been
removed, because we now have backends returning 404s with data and can't
rely on the 404 trick. These can still be read manually via
cubbyhole/response.

* KV preflight version request now ensures that its calls is not
wrapped, and restores any given function after.

* When responding with a raw body, instead of always base64-decoding a
string value and erroring on failure, on failure we assume that it
simply wasn't a base64-encoded value and use it as is.

* A test that fails on master and works now that ensures that raw body
responses that are wrapped and then unwrapped return the expected
values.

* A flag for response data that indicates to the wrapping handling that
the data contained therein is already JSON decoded (more later).

* RespondWithStatusCode now defaults to a string so that the value is
HMAC'd during audit. The function always JSON encodes the body, so
before now it was always returning []byte which would skip HMACing. We
don't know what's in the data, so this is a "better safe than sorry"
issue. If different behavior is needed, backends can always manually
populate the data instead of relying on the helper function.

* We now check unwrapped data after unwrapping to see if there were raw
flags. If so, we try to detect whether the value can be unbase64'd. The
reason is that if it can it was probably originally a []byte and
shouldn't be audit HMAC'd; if not, it was probably originally a string
and should be. In either case, we then set the value as the raw body and
hit the flag indicating that it's already been JSON decoded so not to
try again before auditing. Doing it this way ensures the right typing.

* There is now a check to see if the data coming from unwrapping is
already JSON decoded and if so the decoding is skipped before setting
the audit response.
2018-05-10 15:40:03 -04:00
Jeff Mitchell aa80a7e502 Change retry timing to be a little less long 2018-05-09 18:33:51 -04:00
Jeff Mitchell 6d9fce63c6 Adjust MaxRetries for retryablehttp 2018-05-09 18:24:41 -04:00
Jeff Mitchell 2dc9276e4c Update go-retryablehttp and use PassthroughErrorHandler 2018-05-09 18:11:08 -04:00
Jeff Mitchell 7f886b5675 Update go-retryablehttp vendor 2018-05-09 17:44:53 -04:00
Vishal Nayak 28e3eb9e2c
Errwrap everywhere (#4252)
* package api

* package builtin/credential

* package builtin/logical

* package command

* package helper

* package http and logical

* package physical

* package shamir

* package vault

* package vault

* address feedback

* more fixes
2018-04-05 11:49:21 -04:00
Jeff Mitchell bab8db3328
Don't allow non-printable characters in the API client's token (#3841) 2018-01-24 19:57:49 -05:00
Jeff Mitchell 8efa6756c3
Make -client-cert and -client-key work when the server doesn't know (#3568)
about the CA used to sign the cert.

Stop swallowing an error in meta.

Fixes #2946
2017-11-10 18:16:50 -05:00
Jeff Mitchell 0798ccdd7c Populate config error in three node test function 2017-11-10 17:44:25 -05:00
Jeff Mitchell 7e80b4b7ad
Minor client refactoring (#3539) 2017-11-06 12:06:19 -05:00
Jeff Mitchell d229d7d5b0
Redo API locking (#3508)
* Redo the API client quite a bit to make the behavior of NewClient more
predictable and add locking to make it safer to use with Clone() and if
multiple goroutines for some reason decide to change things.

Along the way I discovered that currently, the x/net/http2 package is
broke with the built-in h2 support in released Go. For those using
DefaultConfig (the vast majority of cases) this will be a non-event.
Others can manually call http2.ConfigureTransport as needed. We should
keep an eye on commits on that repo and consider more updates before
release. Alternately we could go back revisions but miss out on bug
fixes; my theory is that this is not a purposeful break and I'll be
following up on this in the Go issue tracker.

In a few tests that don't use NewTestCluster, either for legacy or other
reasons, ensure that http2.ConfigureTransport is called.

* Use tls config cloning

* Don't http2.ConfigureServer anymore as current Go seems to work properly without requiring the http2 package

* Address feedback
2017-11-02 09:30:04 -05:00
Jeff Mitchell 08d9353c60 Only call ConfigureTransport if "h2" is not already in NextProtos.
Fixes #3435
2017-10-27 14:08:30 -04:00
Jeff Mitchell 8e271dcbdc More syncing 2017-10-23 16:52:56 -04:00
Billie Cleek 3033a7beb6 do not panic when Client.Transport is not *http.Transport (#3440) 2017-10-10 08:46:54 -04:00
Jeff Mitchell 3cf4e3e142 Fix panic when setting a client http client with no transport (#3437)
Fixes #3436
2017-10-09 08:49:20 -04:00
Marcus Söderberg 3d00731fda Add http headers to the api client (#3394) 2017-10-06 14:27:58 -04:00
Jeff Mitchell d2410e3399 gofmt 2017-08-02 19:38:35 -04:00
nrhall-deshaw 888e1e3859 Add SRV record functionality for client side host/port discovery of Vault (#3035)
* added SRV record functionality for client side port discovery of Vault

* Add a check on returned address length
2017-08-02 19:19:06 -04:00
Gobin Sougrakpam 2ddbc4a939 Adding option to set custom vault client timeout using env variable VAULT_CLIENT_TIMEOUT (#3022) 2017-07-18 09:48:31 -04:00
Seth Vargo 084064389e Add a convenience function for copying a client (#2887) 2017-06-20 04:08:15 +01:00
emily aa40d2cff6 add gofmt checks to Vault and format existing code (#2745) 2017-05-19 08:34:17 -04:00
Lee Avital bf34484d9d Respect the configured address's path in the client (#2588) 2017-04-13 14:06:38 -04:00
pkrolikowski 0fb75d9e89 Pass user/pass for HTTP Basic Authentication in URL parameters (#2469) 2017-03-10 07:19:23 -05:00
Jeff Mitchell 5ef2b0145b Add ability to set max retries to API 2017-03-01 12:24:08 -05:00
Jordan Abderrachid fa77e7cfa2 api: add EnvVaultToken constant. (#2413) 2017-02-27 18:36:21 -05:00
Jeff Mitchell 2cc0906b33 Fix breakage for HTTP2 support due to changes in wrapping introduced in 1.8 (#2412) 2017-02-27 12:49:35 -05:00
Jason Felice ec10a9171d ConfigureTLS() sets default HttpClient if nil (#2329) 2017-02-06 17:47:56 -05:00
Vishal Nayak ad09acb479 Use Vault client's scheme for auto discovery (#2146) 2016-12-02 11:24:57 -05:00
Jeff Mitchell 97ca3292a4 Set number of pester retries to zero by default and make seal command… (#2093)
* Set number of pester retries to zero by default and make seal command return 403 if unauthorized instead of 500

* Fix build

* Use 403 instead and update test

* Change another 500 to 403
2016-11-16 14:08:09 -05:00
Jeff Mitchell b45a481365 Wrapping enhancements (#1927) 2016-09-28 21:01:28 -07:00
Jeff Mitchell 9c33224928 Don't retry on redirections. 2016-08-12 15:13:42 -04:00
vishalnayak ff22640015 Use default config and read environment by default while creating client object 2016-08-12 11:37:13 -04:00
Alex Dadgar 92ede0db17 Address comments 2016-08-02 13:17:45 -07:00
Alex Dadgar f5d56ad8f8 Refactor the TLS configuration between meta.Client and the api.Config 2016-07-27 17:26:26 -07:00
Jeff Mitchell a6682405a3 Migrate number of retries down by one to have it be max retries, not tries 2016-07-11 21:57:14 +00:00
Jeff Mitchell 57cdb58374 Switch to pester from go-retryablehttp to avoid swallowing 500 error messages 2016-07-11 21:37:46 +00:00
Jeff Mitchell 7023eafc67 Make the API client retry on 5xx errors.
This should help with transient issues. Full control over min/max delays
and number of retries (and ability to turn off) is provided in the API
and via env vars.

Fix tests.
2016-07-06 16:50:23 -04:00
Jeff Mitchell 05b2d4534c Add unwrap test function and some robustness around paths for the wrap lookup function 2016-05-19 11:49:46 -04:00
Jeff Mitchell c4431a7e30 Address most review feedback. Change responses to multierror to better return more useful values when there are multiple errors 2016-05-16 16:11:33 -04:00
Jeff Mitchell 99a5b4402d Merge branch 'master-oss' into cubbyhole-the-world 2016-05-04 14:42:14 -04:00
Jeff Mitchell 45a120f491 Switch our tri-copy ca loading code to go-rootcerts 2016-05-03 12:23:25 -04:00
Jeff Mitchell 1ffd5653c6 Add wrap support to API/CLI 2016-05-02 02:03:23 -04:00
Robert M. Thomson 024407518b Add VAULT_TLS_SERVER_NAME environment variable
If specified, verify a specific server name during TLS negotiation
rather than the server name in the URL.
2016-02-25 17:28:49 +01:00
Jeff Mitchell 32e23bea71 Move environment variable reading logic to API.
This allows the same environment variables to be read, parsed, and used
from any API client as was previously handled in the CLI. The CLI now
uses the API environment variable reading capability, then overrides any
values from command line flags, if necessary.

Fixes #618
2015-11-04 10:28:00 -05:00
Jeff Mitchell 22c65c0c07 Use cleanhttp instead of bare http.Client 2015-10-22 14:37:12 -04:00
Jeff Mitchell cba4e82682 Don't use http.DefaultClient
This strips out http.DefaultClient everywhere I could immediately find
it. Too many things use it and then modify it in incompatible ways.

Fixes #700, I believe.
2015-10-15 17:54:00 -04:00
Jeff Mitchell b5d674d94e Add 301 redirect checking to the API client.
Vault doesn't generate these, but in some cases Go's internal HTTP
handler does. For instance, during a mount-tune command, finishing the
mount path with / (as in secret/) would cause the final URL path to
contain .../mounts/secret//tune. The double slash would trigger this
behavior in Go's handler and generate a 301. Since Vault generates 307s,
this would cause the client to think that everything was okay when in
fact nothing had happened.
2015-10-09 17:11:31 -04:00
Dejan Golja 87c84db51b Increase default timeout to 30s which should allow for any operation
to complete.
2015-10-09 00:53:35 +11:00