From 5c65bc7df24d4daf28fbae48e8fb7c5f45498125 Mon Sep 17 00:00:00 2001 From: Ryan Uber Date: Tue, 7 Jul 2015 10:36:51 -0600 Subject: [PATCH] agent: write-level keyring ACLs work --- command/agent/keyring.go | 9 ++++++--- command/agent/rpc.go | 6 +++--- command/agent/rpc_client.go | 9 ++++++--- command/keyring.go | 6 +++--- 4 files changed, 18 insertions(+), 12 deletions(-) diff --git a/command/agent/keyring.go b/command/agent/keyring.go index 4d44991967..f51b04c0c3 100644 --- a/command/agent/keyring.go +++ b/command/agent/keyring.go @@ -128,19 +128,22 @@ func (a *Agent) ListKeys(token string) (*structs.KeyringResponses, error) { } // InstallKey installs a new gossip encryption key -func (a *Agent) InstallKey(key string) (*structs.KeyringResponses, error) { +func (a *Agent) InstallKey(key, token string) (*structs.KeyringResponses, error) { args := structs.KeyringRequest{Key: key, Operation: structs.KeyringInstall} + args.Token = token return a.keyringProcess(&args) } // UseKey changes the primary encryption key used to encrypt messages -func (a *Agent) UseKey(key string) (*structs.KeyringResponses, error) { +func (a *Agent) UseKey(key, token string) (*structs.KeyringResponses, error) { args := structs.KeyringRequest{Key: key, Operation: structs.KeyringUse} + args.Token = token return a.keyringProcess(&args) } // RemoveKey will remove a gossip encryption key from the keyring -func (a *Agent) RemoveKey(key string) (*structs.KeyringResponses, error) { +func (a *Agent) RemoveKey(key, token string) (*structs.KeyringResponses, error) { args := structs.KeyringRequest{Key: key, Operation: structs.KeyringRemove} + args.Token = token return a.keyringProcess(&args) } diff --git a/command/agent/rpc.go b/command/agent/rpc.go index 0e64549a39..dd2d376c60 100644 --- a/command/agent/rpc.go +++ b/command/agent/rpc.go @@ -636,11 +636,11 @@ func (i *AgentRPC) handleKeyring(client *rpcClient, seq uint64, cmd, token strin case listKeysCommand: queryResp, err = i.agent.ListKeys(token) case installKeyCommand: - queryResp, err = i.agent.InstallKey(req.Key) + queryResp, err = i.agent.InstallKey(req.Key, token) case useKeyCommand: - queryResp, err = i.agent.UseKey(req.Key) + queryResp, err = i.agent.UseKey(req.Key, token) case removeKeyCommand: - queryResp, err = i.agent.RemoveKey(req.Key) + queryResp, err = i.agent.RemoveKey(req.Key, token) default: respHeader := responseHeader{Seq: seq, Error: unsupportedCommand} client.Send(&respHeader, nil) diff --git a/command/agent/rpc_client.go b/command/agent/rpc_client.go index 4bcf4a4b89..3ce90b1634 100644 --- a/command/agent/rpc_client.go +++ b/command/agent/rpc_client.go @@ -199,10 +199,11 @@ func (c *RPCClient) ListKeys(token string) (keyringResponse, error) { return resp, err } -func (c *RPCClient) InstallKey(key string) (keyringResponse, error) { +func (c *RPCClient) InstallKey(key, token string) (keyringResponse, error) { header := requestHeader{ Command: installKeyCommand, Seq: c.getSeq(), + Token: token, } req := keyringRequest{key} var resp keyringResponse @@ -210,10 +211,11 @@ func (c *RPCClient) InstallKey(key string) (keyringResponse, error) { return resp, err } -func (c *RPCClient) UseKey(key string) (keyringResponse, error) { +func (c *RPCClient) UseKey(key, token string) (keyringResponse, error) { header := requestHeader{ Command: useKeyCommand, Seq: c.getSeq(), + Token: token, } req := keyringRequest{key} var resp keyringResponse @@ -221,10 +223,11 @@ func (c *RPCClient) UseKey(key string) (keyringResponse, error) { return resp, err } -func (c *RPCClient) RemoveKey(key string) (keyringResponse, error) { +func (c *RPCClient) RemoveKey(key, token string) (keyringResponse, error) { header := requestHeader{ Command: removeKeyCommand, Seq: c.getSeq(), + Token: token, } req := keyringRequest{key} var resp keyringResponse diff --git a/command/keyring.go b/command/keyring.go index 50645230f4..3a47cb9358 100644 --- a/command/keyring.go +++ b/command/keyring.go @@ -80,7 +80,7 @@ func (c *KeyringCommand) Run(args []string) int { if installKey != "" { c.Ui.Info("Installing new gossip encryption key...") - r, err := client.InstallKey(installKey) + r, err := client.InstallKey(installKey, token) if err != nil { c.Ui.Error(fmt.Sprintf("error: %s", err)) return 1 @@ -90,7 +90,7 @@ func (c *KeyringCommand) Run(args []string) int { if useKey != "" { c.Ui.Info("Changing primary gossip encryption key...") - r, err := client.UseKey(useKey) + r, err := client.UseKey(useKey, token) if err != nil { c.Ui.Error(fmt.Sprintf("error: %s", err)) return 1 @@ -100,7 +100,7 @@ func (c *KeyringCommand) Run(args []string) int { if removeKey != "" { c.Ui.Info("Removing gossip encryption key...") - r, err := client.RemoveKey(removeKey) + r, err := client.RemoveKey(removeKey, token) if err != nil { c.Ui.Error(fmt.Sprintf("error: %s", err)) return 1