mirror of
https://github.com/hashicorp/vault.git
synced 2026-02-20 00:13:53 -05:00
Fix some merge/update bugs
This commit is contained in:
Jeff Mitchell
parent
98168dc791
commit
9cedc9aecc
8 changed files with 37 additions and 54 deletions
|
|
@ -16,11 +16,11 @@ const (
|
|||
|
||||
// TypeSlice represents a slice of any type
|
||||
TypeSlice
|
||||
|
||||
|
||||
// TypeStringSlice is a helper for TypeSlice that returns a sanitized
|
||||
// slice of strings
|
||||
TypeStringSlice
|
||||
|
||||
|
||||
// TypeCommaStringSlice is a helper for TypeSlice that returns a sanitized
|
||||
// slice of strings and also supports parsing a comma-separated list in
|
||||
// a string field
|
||||
|
|
|
|||
|
|
@ -108,9 +108,9 @@ type Lock interface {
|
|||
|
||||
// Entry is used to represent data stored by the physical backend
|
||||
type Entry struct {
|
||||
Key string
|
||||
Value []byte
|
||||
SealWrap bool `json:"seal_wrap,omitempty"`
|
||||
Key string
|
||||
Value []byte
|
||||
SealWrap bool `json:"seal_wrap,omitempty"`
|
||||
}
|
||||
|
||||
// Factory is the factory function to create a physical backend.
|
||||
|
|
|
|||
|
|
@ -52,9 +52,9 @@ TxnWalk:
|
|||
rollbackEntry := &TxnEntry{
|
||||
Operation: PutOperation,
|
||||
Entry: &Entry{
|
||||
Key: entry.Key,
|
||||
Value: entry.Value,
|
||||
SealWrap: entry.SealWrap,
|
||||
Key: entry.Key,
|
||||
Value: entry.Value,
|
||||
SealWrap: entry.SealWrap,
|
||||
},
|
||||
}
|
||||
err = t.DeleteInternal(txn.Entry.Key)
|
||||
|
|
@ -85,9 +85,9 @@ TxnWalk:
|
|||
rollbackEntry = &TxnEntry{
|
||||
Operation: PutOperation,
|
||||
Entry: &Entry{
|
||||
Key: entry.Key,
|
||||
Value: entry.Value,
|
||||
SealWrap: entry.SealWrap,
|
||||
Key: entry.Key,
|
||||
Value: entry.Value,
|
||||
SealWrap: entry.SealWrap,
|
||||
},
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -441,7 +441,7 @@ func (c *Core) setupCredentials() error {
|
|||
// Create a barrier view using the UUID
|
||||
viewPath := credentialBarrierPrefix + entry.UUID + "/"
|
||||
view = NewBarrierView(c.barrier, viewPath)
|
||||
// Initialize the backend
|
||||
// Initialize the backend
|
||||
sysView := c.mountEntrySysView(entry)
|
||||
conf := make(map[string]string)
|
||||
if entry.Config.PluginName != "" {
|
||||
|
|
@ -464,9 +464,9 @@ func (c *Core) setupCredentials() error {
|
|||
}
|
||||
|
||||
// Check for the correct backend type
|
||||
backendType := backend.Type()
|
||||
if entry.Type == "plugin" && backendType != logical.TypeCredential {
|
||||
return fmt.Errorf("cannot mount '%s' of type '%s' as an auth backend", entry.Config.PluginName, backendType)
|
||||
backendType := backend.Type()
|
||||
if entry.Type == "plugin" && backendType != logical.TypeCredential {
|
||||
return fmt.Errorf("cannot mount '%s' of type '%s' as an auth backend", entry.Config.PluginName, backendType)
|
||||
}
|
||||
|
||||
if err := backend.Initialize(); err != nil {
|
||||
|
|
|
|||
|
|
@ -298,6 +298,6 @@ func (c *Core) UnsealWithStoredKeys() error {
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
return nil
|
||||
}
|
||||
|
|
|
|||
|
|
@ -20,6 +20,7 @@ import (
|
|||
"github.com/hashicorp/vault/helper/wrapping"
|
||||
"github.com/hashicorp/vault/logical"
|
||||
"github.com/hashicorp/vault/logical/framework"
|
||||
log "github.com/mgutz/logxi/v1"
|
||||
"github.com/mitchellh/mapstructure"
|
||||
)
|
||||
|
||||
|
|
@ -53,8 +54,8 @@ var (
|
|||
|
||||
func NewSystemBackend(core *Core) *SystemBackend {
|
||||
b := &SystemBackend{
|
||||
Core: core,
|
||||
logger: core.logger,
|
||||
Core: core,
|
||||
logger: core.logger,
|
||||
}
|
||||
|
||||
b.Backend = &framework.Backend{
|
||||
|
|
@ -609,12 +610,6 @@ func NewSystemBackend(core *Core) *SystemBackend {
|
|||
HelpDescription: strings.TrimSpace(sysHelp["policy"][1]),
|
||||
},
|
||||
|
||||
},
|
||||
|
||||
HelpSynopsis: strings.TrimSpace(sysHelp["policy"][0]),
|
||||
HelpDescription: strings.TrimSpace(sysHelp["policy"][1]),
|
||||
},
|
||||
|
||||
&framework.Path{
|
||||
Pattern: "seal-status$",
|
||||
HelpSynopsis: strings.TrimSpace(sysHelp["seal-status"][0]),
|
||||
|
|
@ -724,20 +719,6 @@ func NewSystemBackend(core *Core) *SystemBackend {
|
|||
HelpDescription: strings.TrimSpace(sysHelp["rotate"][1]),
|
||||
},
|
||||
|
||||
/*
|
||||
// Disabled for the moment as we don't support this externally
|
||||
&framework.Path{
|
||||
Pattern: "wrapping/pubkey$",
|
||||
|
||||
Callbacks: map[logical.Operation]framework.OperationFunc{
|
||||
logical.ReadOperation: b.handleWrappingPubkey,
|
||||
},
|
||||
|
||||
HelpSynopsis: strings.TrimSpace(sysHelp["wrappubkey"][0]),
|
||||
HelpDescription: strings.TrimSpace(sysHelp["wrappubkey"][1]),
|
||||
},
|
||||
*/
|
||||
|
||||
&framework.Path{
|
||||
Pattern: "wrapping/wrap$",
|
||||
|
||||
|
|
@ -911,13 +892,13 @@ func NewSystemBackend(core *Core) *SystemBackend {
|
|||
Type: framework.TypeString,
|
||||
Default: "sha2-256",
|
||||
Description: `Algorithm to use (POST body parameter). Valid values are:
|
||||
|
||||
* sha2-224
|
||||
* sha2-256
|
||||
* sha2-384
|
||||
* sha2-512
|
||||
|
||||
Defaults to "sha2-256".`,
|
||||
|
||||
* sha2-224
|
||||
* sha2-256
|
||||
* sha2-384
|
||||
* sha2-512
|
||||
|
||||
Defaults to "sha2-256".`,
|
||||
},
|
||||
|
||||
"urlalgorithm": &framework.FieldSchema{
|
||||
|
|
@ -939,6 +920,7 @@ func NewSystemBackend(core *Core) *SystemBackend {
|
|||
HelpSynopsis: strings.TrimSpace(sysHelp["hash"][0]),
|
||||
HelpDescription: strings.TrimSpace(sysHelp["hash"][1]),
|
||||
},
|
||||
|
||||
&framework.Path{
|
||||
Pattern: "tools/random" + framework.OptionalParamRegex("urlbytes"),
|
||||
Fields: map[string]*framework.FieldSchema{
|
||||
|
|
@ -1004,8 +986,8 @@ func NewSystemBackend(core *Core) *SystemBackend {
|
|||
// prefix. Conceptually it is similar to procfs on Linux.
|
||||
type SystemBackend struct {
|
||||
*framework.Backend
|
||||
Core *Core
|
||||
logger log.Logger
|
||||
Core *Core
|
||||
logger log.Logger
|
||||
}
|
||||
|
||||
// handleCORSRead returns the current CORS configuration
|
||||
|
|
@ -2087,6 +2069,9 @@ func (b *SystemBackend) handlePoliciesRead(policyType PolicyType) func(*logical.
|
|||
"policy": policy.Raw,
|
||||
},
|
||||
}
|
||||
|
||||
return resp, nil
|
||||
}
|
||||
}
|
||||
|
||||
// handlePolicyRead handles the "policy/<name>" endpoint to read a policy
|
||||
|
|
@ -2142,7 +2127,6 @@ func (b *SystemBackend) handlePoliciesSet(policyType PolicyType) func(*logical.R
|
|||
}
|
||||
policy.Paths = p.Paths
|
||||
|
||||
|
||||
default:
|
||||
return logical.ErrorResponse("unknown policy type"), nil
|
||||
}
|
||||
|
|
|
|||
|
|
@ -80,13 +80,12 @@ var (
|
|||
// Policy is used to represent the policy specified by
|
||||
// an ACL configuration.
|
||||
type Policy struct {
|
||||
Name string `hcl:"name"`
|
||||
Paths []*PathRules `hcl:"-"`
|
||||
Raw string
|
||||
Type PolicyType
|
||||
Name string `hcl:"name"`
|
||||
Paths []*PathRules `hcl:"-"`
|
||||
Raw string
|
||||
Type PolicyType
|
||||
}
|
||||
|
||||
|
||||
// PathRules represents a policy for a path in the namespace.
|
||||
type PathRules struct {
|
||||
Prefix string
|
||||
|
|
|
|||
|
|
@ -331,7 +331,7 @@ func (c *Core) handleLoginRequest(req *logical.Request) (retResp *logical.Respon
|
|||
defer metrics.MeasureSince([]string{"core", "handle_login_request"}, time.Now())
|
||||
|
||||
req.Unauthenticated = true
|
||||
|
||||
|
||||
var auth *logical.Auth
|
||||
// Create an audit trail of the request, auth is not available on login requests
|
||||
// Create an audit trail of the request. Attach auth if it was returned,
|
||||
|
|
|
|||
Loading…
Reference in a new issue