consul/agent
Matt Keeler 90040f8bff Fixes for CVE-2019-8336
Fix error in detecting raft replication errors.

Detect redacted token secrets and prevent attempting to insert.

Add a Redacted field to the TokenBatchRead and TokenRead RPC endpoints

This will indicate whether token secrets have been redacted.

Ensure any token with a redacted secret in secondary datacenters is removed.

Test that redacted tokens cannot be replicated.
2019-03-04 19:13:24 +00:00
..
ae Add -sidecar-for and new /agent/service/:service_id endpoint (#4691) 2018-10-10 16:55:34 +01:00
cache connect: tame thundering herd of CSRs on CA rotation (#5228) 2019-01-22 17:19:36 +00:00
cache-types Allow DNS interface to use agent cache (#5300) 2019-02-25 14:06:01 -05:00
checks Add -sidecar-for and new /agent/service/:service_id endpoint (#4691) 2018-10-10 16:55:34 +01:00
config default to tls 1.2 as promised. (#5340) 2019-03-04 09:42:04 -05:00
connect test: fix concurrent map access when setting up test vault 2019-03-01 14:30:19 -06:00
consul Fixes for CVE-2019-8336 2019-03-04 19:13:24 +00:00
debug fix comment typos (#4890) 2018-11-02 12:00:39 -05:00
exec fix go vet issue 2017-10-25 19:30:35 +02:00
local Register and deregisters services and their checks atomically in the local state (#5012) 2019-03-04 09:34:05 -05:00
metadata New ACLs (#4791) 2018-10-19 12:04:07 -04:00
mock agent: replace docker check 2017-07-18 20:24:38 +02:00
pool Makes RPC handling more robust when rolling servers. (#3561) 2017-10-10 15:19:50 -07:00
proxycfg Implement prepared query upstreams watching for envoy (#5224) 2019-01-18 12:44:04 -05:00
proxyprocess Add -sidecar-for and new /agent/service/:service_id endpoint (#4691) 2018-10-10 16:55:34 +01:00
router Call RemoveServer for reap events (#5317) 2019-03-04 09:19:35 -05:00
structs Fixes for CVE-2019-8336 2019-03-04 19:13:24 +00:00
systemd agent: notify systemd after JoinLAN (#2121) 2017-06-21 06:43:55 +02:00
token ACL Token Persistence and Reloading (#5328) 2019-02-27 14:28:31 -05:00
xds Envoy config cluster (#5308) 2019-02-19 13:45:33 +00:00
acl.go New ACLs (#4791) 2018-10-19 12:04:07 -04:00
acl_endpoint.go clarify the ACL.PolicyDelete endpoint (#5337) 2019-02-13 09:16:30 -06:00
acl_endpoint_legacy.go New ACLs (#4791) 2018-10-19 12:04:07 -04:00
acl_endpoint_legacy_test.go Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
acl_endpoint_test.go Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
acl_test.go ACL Token Persistence and Reloading (#5328) 2019-02-27 14:28:31 -05:00
agent.go Register and deregisters services and their checks atomically in the local state (#5012) 2019-03-04 09:34:05 -05:00
agent_endpoint.go ACL Token Persistence and Reloading (#5328) 2019-02-27 14:28:31 -05:00
agent_endpoint_test.go ACL Token Persistence and Reloading (#5328) 2019-02-27 14:28:31 -05:00
agent_test.go Register and deregisters services and their checks atomically in the local state (#5012) 2019-03-04 09:34:05 -05:00
bindata_assetfs.go Release v1.4.2 2019-01-28 21:46:00 +00:00
blacklist.go Adds the ability to blacklist specific HTTP endpoints. (#3252) 2017-07-10 13:51:25 -07:00
blacklist_test.go Adds the ability to blacklist specific HTTP endpoints. (#3252) 2017-07-10 13:51:25 -07:00
catalog_endpoint.go Support multiple tags for health and catalog http api endpoints (#4717) 2018-10-11 12:50:05 +01:00
catalog_endpoint_test.go Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
check.go Decouple the code that executes checks from the agent 2017-10-25 11:18:07 +02:00
config.go Fixes API client for ScriptArgs and updates documentation. (#3589) 2017-10-18 11:28:39 -07:00
connect_auth.go connect: remove additional trust-domain validation (#4934) 2018-11-12 20:20:12 +00:00
connect_ca_endpoint.go Fix CA pruning when CA config uses string durations. (#4669) 2018-09-13 15:43:00 +01:00
connect_ca_endpoint_test.go Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
coordinate_endpoint.go Merge pull request #3885 from eddsteel/support-options-requests 2018-03-16 09:20:16 -05:00
coordinate_endpoint_test.go Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
dns.go Fix race condition in DNS when using cache (#5398) 2019-03-04 09:22:01 -05:00
dns_test.go Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
enterprise_delegate_oss.go Allow for easy enterprise/oss coexistence 2018-05-24 10:36:42 -04:00
event_endpoint.go Fixes memory leak when blocking on /event/list (#4482) 2018-08-02 14:54:48 +01:00
event_endpoint_test.go Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
health_endpoint.go Support multiple tags for health and catalog http api endpoints (#4717) 2018-10-11 12:50:05 +01:00
health_endpoint_test.go Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
http.go Re-add ReadableDuration types to health check definition 2019-01-25 14:47:35 -08:00
http_oss.go Implement /v1/agent/health/service/<service name> endpoint (#3551) 2019-01-07 09:39:23 -05:00
http_oss_test.go Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
http_test.go ACL Token Persistence and Reloading (#5328) 2019-02-27 14:28:31 -05:00
intentions_endpoint.go Deferred updating response meta with consul headers (#5355) 2019-02-19 11:45:36 +00:00
intentions_endpoint_test.go Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
keyring.go agent: move agent/consul/structs to agent/structs 2017-08-09 14:32:12 +02:00
keyring_test.go Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
kvs_endpoint.go Support OPTIONS requests 2018-02-12 10:15:31 -08:00
kvs_endpoint_test.go Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
notify.go Fixes memory leak when blocking on /event/list (#4482) 2018-08-02 14:54:48 +01:00
notify_test.go Fixes memory leak when blocking on /event/list (#4482) 2018-08-02 14:54:48 +01:00
operator_endpoint.go Support OPTIONS requests 2018-02-12 10:15:31 -08:00
operator_endpoint_test.go Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
prepared_query_endpoint.go Support Agent Caching for Service Discovery Results (#4541) 2018-10-10 16:55:34 +01:00
prepared_query_endpoint_test.go Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
remote_exec.go Decouple the code that executes checks from the agent 2017-10-25 11:18:07 +02:00
remote_exec_test.go Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
retry_join.go agent: configure k8s go-discover 2018-09-05 13:38:13 -07:00
retry_join_test.go Vendoring update for go-discover. (#4412) 2018-07-25 16:21:04 -07:00
session_endpoint.go Support OPTIONS requests 2018-02-12 10:15:31 -08:00
session_endpoint_test.go Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
sidecar_service.go Improve Connect with Prepared Queries (#5291) 2019-02-04 09:36:51 -05:00
sidecar_service_test.go Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
signal_unix.go cli: forward SIGTERM to child process of 'lock' and 'watch' subcommands (#4737) 2018-10-02 15:57:21 -05:00
signal_windows.go cli: forward SIGTERM to child process of 'lock' and 'watch' subcommands (#4737) 2018-10-02 15:57:21 -05:00
snapshot_endpoint.go agent: consolidate handling of 405 Method Not Allowed (#3405) 2017-09-25 23:11:19 -07:00
snapshot_endpoint_test.go Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
status_endpoint.go Support OPTIONS requests 2018-02-12 10:15:31 -08:00
status_endpoint_test.go Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
testagent.go Centralise tls configuration part 1 (#5366) 2019-02-26 16:52:07 +01:00
testagent_test.go New config parser, HCL support, multiple bind addrs (#3480) 2017-09-25 11:40:42 -07:00
translate_addr.go New config parser, HCL support, multiple bind addrs (#3480) 2017-09-25 11:40:42 -07:00
txn_endpoint.go Re-add ReadableDuration types to health check definition 2019-01-25 14:47:35 -08:00
txn_endpoint_test.go Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
ui_endpoint.go agent: ExternalSources instead of Meta 2018-09-07 10:06:55 -07:00
ui_endpoint_test.go Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
user_event.go Spelling (#3958) 2018-03-19 16:56:00 +00:00
user_event_test.go Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
util.go cli: forward SIGTERM to child process of 'lock' and 'watch' subcommands (#4737) 2018-10-02 15:57:21 -05:00
util_test.go cli: forward SIGTERM to child process of 'lock' and 'watch' subcommands (#4737) 2018-10-02 15:57:21 -05:00
watch_handler.go Support legacy watch.HandlerFunc type for backward compat reduces impact of change 2018-06-14 09:42:05 -07:00
watch_handler_test.go Support legacy watch.HandlerFunc type for backward compat reduces impact of change 2018-06-14 09:42:05 -07:00