GO-2024-3335: Boundary Community Edition Incorrectly Handles HTTP Requests On Initialization Which May Lead to a Denial of Service in github.com/hashicorp/boundary

store

package

v0.3.0 Latest Latest Go to latest Published: Jun 8, 2021 License: MPL-2.0 Imports: 5 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/hashicorp/boundary

Links

Open Source Insights

Documentation ¶

Constants ¶

This section is empty.

Variables ¶

View Source

var File_controller_storage_authtoken_store_v1_authtoken_proto protoreflect.FileDescriptor

Functions ¶

This section is empty.

Types ¶

type AuthToken ¶

type AuthToken struct {

	// public_id is used to access the auth token via an API
	// @inject_tag: gorm:"primary_key"
	PublicId string `protobuf:"bytes,1,opt,name=public_id,json=publicId,proto3" json:"public_id,omitempty" gorm:"primary_key"`
	// create_time from the RDBMS
	// @inject_tag: `gorm:"default:current_timestamp"`
	CreateTime *timestamp.Timestamp `protobuf:"bytes,2,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty" gorm:"default:current_timestamp"`
	// update_time from the RDBMS
	// @inject_tag: `gorm:"default:current_timestamp"`
	UpdateTime *timestamp.Timestamp `protobuf:"bytes,3,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty" gorm:"default:current_timestamp"`
	// last_access_time indicates the last time the auth token was used on the boundary API.
	// @inject_tag: `gorm:"default:current_timestamp"`
	ApproximateLastAccessTime *timestamp.Timestamp `` /* 173-byte string literal not displayed */
	// expiration_time indicates when this session will expire.
	// If null a default duration and create_time is used to calculate expiration.
	// @inject_tag: `gorm:"default:null"`
	ExpirationTime *timestamp.Timestamp `protobuf:"bytes,5,opt,name=expiration_time,json=expirationTime,proto3" json:"expiration_time,omitempty" gorm:"default:null"`
	// ciphertext token value stored in the database
	// @inject_tag: gorm:"column:token;not_null" wrapping:"ct,authtoken_token"
	CtToken []byte `` /* 141-byte string literal not displayed */
	// plain text version of the decrypted authtoken value
	// we are NOT storing this plain-text entry data in the db
	// token is the field stored and used by the client
	// @inject_tag: gorm:"-" wrapping:"pt,authtoken_token"
	Token string `protobuf:"bytes,7,opt,name=token,proto3" json:"token,omitempty" gorm:"-" wrapping:"pt,authtoken_token"`
	// auth_account_id is the public id for the auth account this auth token
	// was generated for.
	// @inject_tag: `gorm:"default:not_null"`
	AuthAccountId string `` /* 127-byte string literal not displayed */
	// scope_id is not stored in the backing DB but it derived from the linked to auth account.
	// @inject_tag: gorm:"-"
	ScopeId string `protobuf:"bytes,11,opt,name=scope_id,json=scopeId,proto3" json:"scope_id,omitempty" gorm:"-"`
	// auth_method_id is not stored in the backing DB but it derived from the linked to auth account.
	// @inject_tag: gorm:"-"
	AuthMethodId string `protobuf:"bytes,12,opt,name=auth_method_id,json=authMethodId,proto3" json:"auth_method_id,omitempty" gorm:"-"`
	// iam_user_id is not stored in the backing DB but it derived from the linked to auth account.
	// @inject_tag: gorm:"-"
	IamUserId string `protobuf:"bytes,13,opt,name=iam_user_id,json=iamUserId,proto3" json:"iam_user_id,omitempty" gorm:"-"`
	// key_id is the key ID that was used for the encryption operation. It can be
	// used to identify a specific version of the key needed to decrypt the value,
	// which is useful for caching purposes.
	// @inject_tag: `gorm:"not_null"`
	KeyId string `protobuf:"bytes,14,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty" gorm:"not_null"`
	// status is the auth token's status. It will default of "token issued" in the
	// database.
	// @inject_tag: `gorm:"default:null"`
	Status string `protobuf:"bytes,15,opt,name=status,proto3" json:"status,omitempty" gorm:"default:null"`
	// contains filtered or unexported fields
}

func (*AuthToken) Descriptor deprecated

func (*AuthToken) Descriptor() ([]byte, []int)

Deprecated: Use AuthToken.ProtoReflect.Descriptor instead.

func (*AuthToken) GetApproximateLastAccessTime ¶

func (x *AuthToken) GetApproximateLastAccessTime() *timestamp.Timestamp

func (*AuthToken) GetAuthAccountId ¶

func (x *AuthToken) GetAuthAccountId() string

func (*AuthToken) GetAuthMethodId ¶

func (x *AuthToken) GetAuthMethodId() string

func (*AuthToken) GetCreateTime ¶

func (x *AuthToken) GetCreateTime() *timestamp.Timestamp

func (*AuthToken) GetCtToken ¶

func (x *AuthToken) GetCtToken() []byte

func (*AuthToken) GetExpirationTime ¶

func (x *AuthToken) GetExpirationTime() *timestamp.Timestamp

func (*AuthToken) GetIamUserId ¶

func (x *AuthToken) GetIamUserId() string

func (*AuthToken) GetKeyId ¶

func (x *AuthToken) GetKeyId() string

func (*AuthToken) GetPublicId ¶

func (x *AuthToken) GetPublicId() string

func (*AuthToken) GetScopeId ¶

func (x *AuthToken) GetScopeId() string

func (*AuthToken) GetStatus ¶ added in v0.2.0

func (x *AuthToken) GetStatus() string

func (*AuthToken) GetToken ¶

func (x *AuthToken) GetToken() string

func (*AuthToken) GetUpdateTime ¶

func (x *AuthToken) GetUpdateTime() *timestamp.Timestamp

func (*AuthToken) ProtoMessage ¶

func (*AuthToken) ProtoMessage()

func (*AuthToken) ProtoReflect ¶

func (x *AuthToken) ProtoReflect() protoreflect.Message

func (*AuthToken) Reset ¶

func (x *AuthToken) Reset()

func (*AuthToken) String ¶

func (x *AuthToken) String() string

Source Files ¶

View all Source files

authtoken.pb.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL