vault

package
v0.0.0-...-a0f6db5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 14, 2022 License: MPL-2.0 Imports: 168 Imported by: 0

Documentation

Index

Constants

View Source 
const (

	// for testing purposes (public as needed)
	ActivityLogPrefix = "sys/counters/activity/log/"
	ActivityPrefix    = "sys/counters/activity/"
)
View Source 
const (
	AESGCMVersion1 = 0x1
	AESGCMVersion2 = 0x2
)

Versions of the AESGCM storage methodology

View Source 
const (
	// CoreLockPath is the path used to acquire a coordinating lock
	// for a highly-available deploy.
	CoreLockPath = "core/lock"

	// ForwardSSCTokenToActive is the value that must be set in the
	// forwardToActive to trigger forwarding if a perf standby encounters
	// an SSC Token that it does not have the WAL state for.
	ForwardSSCTokenToActive = "new_token"

	WrapperTypeHsmAutoDeprecated = wrapping.WrapperType("hsm-auto")
)
View Source 
const (
	CORSDisabled uint32 = iota
	CORSEnabled
)
View Source 
const (

	// maximum number of irrevocable leases we return to the irrevocable lease
	// list API **without** the `force` flag set
	MaxIrrevocableLeasesToReturn = 10000

	MaxIrrevocableLeasesWarning = "Command halted because many irrevocable leases were found. To emit the entire list, re-run the command with force set true."
)
View Source 
const (

	// Error constants used in the Authorization Endpoint. See details at
	// https://openid.net/specs/openid-connect-core-1_0.html#AuthError.
	ErrAuthUnsupportedResponseType = "unsupported_response_type"
	ErrAuthInvalidRequest          = "invalid_request"
	ErrAuthAccessDenied            = "access_denied"
	ErrAuthUnauthorizedClient      = "unauthorized_client"
	ErrAuthServerError             = "server_error"
	ErrAuthRequestNotSupported     = "request_not_supported"
	ErrAuthRequestURINotSupported  = "request_uri_not_supported"

	// Error constants used in the Token Endpoint. See details at
	// https://openid.net/specs/openid-connect-core-1_0.html#TokenErrorResponse
	ErrTokenInvalidRequest       = "invalid_request"
	ErrTokenInvalidClient        = "invalid_client"
	ErrTokenInvalidGrant         = "invalid_grant"
	ErrTokenUnsupportedGrantType = "unsupported_grant_type"
	ErrTokenServerError          = "server_error"

	// Error constants used in the UserInfo Endpoint. See details at
	// https://openid.net/specs/openid-connect-core-1_0.html#UserInfoError
	ErrUserInfoServerError    = "server_error"
	ErrUserInfoInvalidRequest = "invalid_request"
	ErrUserInfoInvalidToken   = "invalid_token"
	ErrUserInfoAccessDenied   = "access_denied"

	// The following errors are used by the UI for specific behavior of
	// the OIDC specification. Any changes to their values must come with
	// a corresponding change in the UI code.
	ErrAuthInvalidClientID      = "invalid_client_id"
	ErrAuthInvalidRedirectURI   = "invalid_redirect_uri"
	ErrAuthMaxAgeReAuthenticate = "max_age_violation"
)
View Source 
const (
	DenyCapability   = "deny"
	CreateCapability = "create"
	ReadCapability   = "read"
	UpdateCapability = "update"
	DeleteCapability = "delete"
	ListCapability   = "list"
	SudoCapability   = "sudo"
	RootCapability   = "root"
	PatchCapability  = "patch"

	// Backwards compatibility
	OldDenyPathPolicy  = "deny"
	OldReadPathPolicy  = "read"
	OldWritePathPolicy = "write"
	OldSudoPathPolicy  = "sudo"
)
View Source 
const (
	DenyCapabilityInt uint32 = 1 << iota
	CreateCapabilityInt
	ReadCapabilityInt
	UpdateCapabilityInt
	DeleteCapabilityInt
	ListCapabilityInt
	SudoCapabilityInt
	PatchCapabilityInt
)
View Source 
const (
	RecoveryTypeUnsupported = "unsupported"
	RecoveryTypeShamir      = "shamir"
)
View Source 
const (

	// TokenLength is the size of tokens we are currently generating, without
	// any namespace information
	TokenLength = 24

	// MaxNsIdLength is the maximum namespace ID length (5 characters prepended by a ".")
	MaxNsIdLength = 6

	// TokenPrefixLength is the length of the new token prefixes ("hvs.", "hvb.",
	// and "hvr.")
	TokenPrefixLength = 4

	// OldTokenPrefixLength is the length of the old token prefixes ("s.", "b.". "r.")
	OldTokenPrefixLength = 2

	// GenerationCounterBuffer is a buffer for the generation counter estimation in the
	// case where a counter cannot be retrieved from storage
	GenerationCounterBuffer = 5

	// MaxRetrySSCTokensGenerationCounter is the maximum number of retries the TokenStore
	// will make when attempting to get the SSCTokensGenerationCounter
	MaxRetrySSCTokensGenerationCounter = 3

	// IgnoreForBilling used for HCP Link batch tokens and inserted into the InternalMeta
	// Tokens created for the purpose of HCP Link should bypass counting for billing purposes
	IgnoreForBilling = "ignore_for_billing"
)
View Source 
const (
	// ControlledCapabilityPolicySubsetError is thrown when a control group's controlled capabilities
	// are not a subset of the policy's capabilities.
	ControlledCapabilityPolicySubsetError = "control group factor capabilities must be a subset of the policy's capabilities"
)

Error constants for testing

View Source 
const (
	EnvVaultDisableLocalAuthMountEntities = "VAULT_DISABLE_LOCAL_AUTH_MOUNT_ENTITIES"
)
View Source 
const (

	// Internal so as not to log a trace message
	IntNoForwardingHeaderName = "X-Vault-Internal-No-Request-Forwarding"
)
View Source 
const (

	// StoredBarrierKeysPath is the path used for storing HSM-encrypted unseal keys
	StoredBarrierKeysPath = "core/hsm/barrier-unseal-keys"
)

Variables

View Source 
var (
	// ErrBarrierSealed is returned if an operation is performed on
	// a sealed barrier. No operation is expected to succeed before unsealing
	ErrBarrierSealed = errors.New("Vault is sealed")

	// ErrBarrierAlreadyInit is returned if the barrier is already
	// initialized. This prevents a re-initialization.
	ErrBarrierAlreadyInit = errors.New("Vault is already initialized")

	// ErrBarrierNotInit is returned if a non-initialized barrier
	// is attempted to be unsealed.
	ErrBarrierNotInit = errors.New("Vault is not initialized")

	// ErrBarrierInvalidKey is returned if the Unseal key is invalid
	ErrBarrierInvalidKey = errors.New("Unseal failed, invalid key")

	// ErrPlaintextTooLarge is returned if a plaintext is offered for encryption
	// that is too large to encrypt in memory
	ErrPlaintextTooLarge = errors.New("plaintext value too large")
)
View Source 
var (
	ErrCannotForward          = errors.New("cannot forward request; no connection or address not known")
	ErrCannotForwardLocalOnly = errors.New("cannot forward local-only request")
)
View Source 
var (
	// ErrAlreadyInit is returned if the core is already
	// initialized. This prevents a re-initialization.
	ErrAlreadyInit = errors.New("Vault is already initialized")

	// ErrNotInit is returned if a non-initialized barrier
	// is attempted to be unsealed.
	ErrNotInit = errors.New("Vault is not initialized")

	// ErrInternalError is returned when we don't want to leak
	// any information about an internal error
	ErrInternalError = errors.New("internal error")

	// ErrHANotEnabled is returned if the operation only makes sense
	// in an HA setting
	ErrHANotEnabled = errors.New("Vault is not configured for highly-available mode")

	LastWAL               = lastWALImpl
	LastPerformanceWAL    = lastPerformanceWALImpl
	LastDRWAL             = lastDRWALImpl
	PerformanceMerkleRoot = merkleRootImpl
	DRMerkleRoot          = merkleRootImpl
	LastRemoteWAL         = lastRemoteWALImpl
	LastRemoteUpstreamWAL = lastRemoteUpstreamWALImpl
	WaitUntilWALShipped   = waitUntilWALShippedImpl

	LicenseAutoloaded = func(*Core) bool { return false }
	LicenseInitCheck  = func(*Core) error { return nil }
	LicenseSummary    = func(*Core) (*LicenseState, error) { return nil, nil }
	LicenseReload     = func(*Core) error { return nil }
)
View Source 
var (
	ErrDirectoryNotConfigured   = errors.New("could not set plugin, plugin directory is not configured")
	ErrPluginNotFound           = errors.New("plugin not found in the catalog")
	ErrPluginConnectionNotFound = errors.New("plugin connection not found for client")
	ErrPluginBadType            = errors.New("unable to determine plugin type")
)
View Source 
var (

	// TestingUpdateClusterAddr is used in tests to override the cluster address
	TestingUpdateClusterAddr uint32

	ErrJoinWithoutAutoloading = errors.New("attempt to join a cluster using autoloaded licenses while not using autoloading ourself")
)
View Source 
var (
	// DefaultMaxRequestDuration is the amount of time we'll wait for a request
	// to complete, unless overridden on a per-handler basis
	DefaultMaxRequestDuration = 90 * time.Second
)
View Source 
var DefaultNumCores = 3
View Source 
var ErrInRestoreMode = errors.New("expiration manager in restore mode")
View Source 
var (
	ErrInitWithoutAutoloading = errors.New("cannot initialize storage without an autoloaded license")
)
View Source 
var File_vault_request_forwarding_service_proto protoreflect.FileDescriptor
View Source 
var NamespaceByID func(context.Context, string, *Core) (*namespace.Namespace, error) = namespaceByID
View Source 
var RequestForwarding_ServiceDesc = grpc.ServiceDesc{
	ServiceName: "vault.RequestForwarding",
	HandlerType: (*RequestForwardingServer)(nil),
	Methods: []grpc.MethodDesc{
		{
			MethodName: "ForwardRequest",
			Handler:    _RequestForwarding_ForwardRequest_Handler,
		},
		{
			MethodName: "Echo",
			Handler:    _RequestForwarding_Echo_Handler,
		},
	},
	Streams: []grpc.StreamDesc{
		{
			StreamName:    "PerformanceStandbyElectionRequest",
			Handler:       _RequestForwarding_PerformanceStandbyElectionRequest_Handler,
			ServerStreams: true,
		},
	},
	Metadata: "vault/request_forwarding_service.proto",
}

RequestForwarding_ServiceDesc is the grpc.ServiceDesc for RequestForwarding service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)

View Source 
var StdAllowedHeaders = []string{
	"Content-Type",
	"X-Requested-With",
	"X-Vault-AWS-IAM-Server-ID",
	"X-Vault-MFA",
	"X-Vault-No-Request-Forwarding",
	"X-Vault-Wrap-Format",
	"X-Vault-Wrap-TTL",
	"X-Vault-Policy-Override",
	"Authorization",
	consts.AuthHeaderName,
}

Functions

func ActiveEntitiesEqual 

func ActiveEntitiesEqual(active map[string]*activity.EntityRecord, test []*activity.EntityRecord) bool

ActiveEntitiesEqual checks that only the set of `test` exists in `active`

func AddNoopAudit 

func AddNoopAudit(conf *CoreConfig, records **[][]byte)

func AddTestCredentialBackend 

func AddTestCredentialBackend(name string, factory logical.Factory) error

This adds a credential backend for the test core. This needs to be invoked before the test core is created.

func AddTestLogicalBackend 

func AddTestLogicalBackend(name string, factory logical.Factory) error

This adds a logical backend for the test core. This needs to be invoked before the test core is created.

func CubbyholeBackendFactory 

func CubbyholeBackendFactory(ctx context.Context, conf *logical.BackendConfig) (logical.Backend, error)

CubbyholeBackendFactory constructs a new cubbyhole backend

func DiagnoseCheckLicense 

func DiagnoseCheckLicense(ctx context.Context, vaultCore *Core, coreConfig CoreConfig, generate bool) (bool, []string)

func GenerateRandBytes 

func GenerateRandBytes(length int) ([]byte, error)

func GenerateTestLicenseKeys 

func GenerateTestLicenseKeys() (ed25519.PublicKey, ed25519.PrivateKey, error)

func IsBatchToken 

func IsBatchToken(token string) bool

func IsFatalError 

func IsFatalError(err error) bool

IsFatalError returns true if the given error is a fatal error.

func IsJWT 

func IsJWT(token string) bool

func IsSSCToken 

func IsSSCToken(token string) bool

func IsServiceToken 

func IsServiceToken(token string) bool

func IsWrappingToken 

func IsWrappingToken(te *logical.TokenEntry) bool

func LeaseSwitchedPassthroughBackend 

func LeaseSwitchedPassthroughBackend(ctx context.Context, conf *logical.BackendConfig, leases bool) (logical.Backend, error)

LeaseSwitchedPassthroughBackend returns a PassthroughBackend with leases switched on or off

func LeasedPassthroughBackendFactory 

func LeasedPassthroughBackendFactory(ctx context.Context, conf *logical.BackendConfig) (logical.Backend, error)

LeasedPassthroughBackendFactory returns a PassthroughBackend with leases switched on

func MakeTestPluginDir 

func MakeTestPluginDir(t testing.T) (string, func(t testing.T))

MakeTestPluginDir creates a temporary directory suitable for holding plugins. This helper also resolves symlinks to make tests happy on OS X.

func NewAutoSeal 

func NewAutoSeal(lowLevel *seal.Access) (*autoSeal, error)

func NewMockBuiltinRegistry 

func NewMockBuiltinRegistry() *mockBuiltinRegistry

func NewRequestForwardingHandler 

func NewRequestForwardingHandler(c *Core, fws *http2.Server, perfStandbySlots chan struct{}, perfStandbyRepCluster *replication.Cluster) (*requestForwardingHandler, error)

NewRequestForwardingHandler creates a cluster handler for use with request forwarding.

func NewSealUnwrapper 

func NewSealUnwrapper(underlying physical.Backend, logger log.Logger) physical.Backend

NewSealUnwrapper creates a new seal unwrapper

func NoopBackendFactory 

func NoopBackendFactory(_ context.Context, _ *logical.BackendConfig) (logical.Backend, error)

func PassthroughBackendFactory 

func PassthroughBackendFactory(ctx context.Context, conf *logical.BackendConfig) (logical.Backend, error)

PassthroughBackendFactory returns a PassthroughBackend with leases switched off

func RandStringBytes 

func RandStringBytes(n int) string

func RegisterRequestForwardingServer 

func RegisterRequestForwardingServer(s grpc.ServiceRegistrar, srv RequestForwardingServer)

func RetryUntil 

func RetryUntil(t testing.T, timeout time.Duration, f func() error)

RetryUntil runs f until it returns a nil result or the timeout is reached. If a nil result hasn't been obtained by timeout, calls t.Fatal.

func SetReplicationFailureMode 

func SetReplicationFailureMode(core *TestClusterCore, mode uint32)

func SetupMFAMemDB 

func SetupMFAMemDB(schemaFuncs []func() *memdb.TableSchema) (*memdb.MemDB, error)

func SetupMetrics 

func SetupMetrics(conf *CoreConfig) *metrics.InmemSink

func TestAddTestPlugin 

func TestAddTestPlugin(t testing.T, c *Core, name string, pluginType consts.PluginType, version string, testFunc string, env []string, tempDir string)

TestAddTestPlugin registers the testFunc as part of the plugin command to the plugin catalog. If provided, uses tmpDir as the plugin directory.

func TestCoreInit 

func TestCoreInit(t testing.T, core *Core) ([][]byte, string)

TestCoreInit initializes the core with a single key, and returns the key that must be used to unseal the core and a root token.

func TestCoreInitClusterWrapperSetup 

func TestCoreInitClusterWrapperSetup(t testing.T, core *Core, handler http.Handler) ([][]byte, [][]byte, string)

func TestCoreSeal 

func TestCoreSeal(core *Core) error

func TestCoreUnseal 

func TestCoreUnseal(core *Core, key []byte) (bool, error)

func TestDynamicSystemView 

func TestDynamicSystemView(c *Core, ns *namespace.Namespace) *dynamicSystemView

func TestInitUnsealCore 

func TestInitUnsealCore(t testing.T, core *Core) (string, [][]byte)

func TestKeyCopy 

func TestKeyCopy(key []byte) []byte

TestKeyCopy is a silly little function to just copy the key so that it can be used with Unseal easily.

func TestPluginClientConfig 

func TestPluginClientConfig(c *Core, pluginType consts.PluginType, pluginName string) pluginutil.PluginClientConfig

func TestRunTestPlugin 

func TestRunTestPlugin(t testing.T, c *Core, pluginType consts.PluginType, pluginName string) *pluginClient

TestRunTestPlugin runs the testFunc which has already been registered to the plugin catalog and returns a pluginClient. This can be called after calling TestAddTestPlugin.

func TestWaitActive 

func TestWaitActive(t testing.T, core *Core)

func TestWaitActiveForwardingReady 

func TestWaitActiveForwardingReady(t testing.T, core *Core)

func TestWaitActiveWithError 

func TestWaitActiveWithError(core *Core) error

func WriteToStorage 

func WriteToStorage(t *testing.T, c *Core, path string, data []byte)

WriteToStorage is used to put entity data in storage `path` should be the complete path (not relative to the view)

Types

type ACL 

type ACL struct {
	// contains filtered or unexported fields
}

ACL is used to wrap a set of policies to provide an efficient interface for access control.

func NewACL 

func NewACL(ctx context.Context, policies []*Policy) (*ACL, error)

NewACL is used to construct a policy based ACL from a set of policies.

func (*ACL) AllowOperation 

func (a *ACL) AllowOperation(ctx context.Context, req *logical.Request, capCheckOnly bool) (ret *ACLResults)

AllowOperation is used to check if the given operation is permitted.

func (*ACL) Capabilities 

func (a *ACL) Capabilities(ctx context.Context, path string) (pathCapabilities []string)

func (*ACL) CheckAllowedFromNonExactPaths 

func (a *ACL) CheckAllowedFromNonExactPaths(path string, bareMount bool) *ACLPermissions

CheckAllowedFromNonExactPaths returns permissions corresponding to a matching path with wildcards/globs. If bareMount is true, the path should correspond to a mount prefix, and what is returned is either a non-nil set of permissions from some allowed path underneath the mount (for use in mount access checks), or nil indicating no non-deny permissions were found.

type ACLPermissions 

type ACLPermissions struct {
	CapabilitiesBitmap  uint32
	MinWrappingTTL      time.Duration
	MaxWrappingTTL      time.Duration
	AllowedParameters   map[string][]interface{}
	DeniedParameters    map[string][]interface{}
	RequiredParameters  []string
	MFAMethods          []string
	ControlGroup        *ControlGroup
	GrantingPoliciesMap map[uint32][]logical.PolicyInfo
}

func (*ACLPermissions) Clone 

func (p *ACLPermissions) Clone() (*ACLPermissions, error)

type ACLResults 

type ACLResults struct {
	Allowed            bool
	RootPrivs          bool
	IsRoot             bool
	MFAMethods         []string
	ControlGroup       *ControlGroup
	CapabilitiesBitmap uint32
	GrantingPolicies   []logical.PolicyInfo
}

type AESGCMBarrier 

type AESGCMBarrier struct {
	UnaccountedEncryptions *atomic.Int64
	// Used only for testing
	RemoteEncryptions *atomic.Int64
	// contains filtered or unexported fields
}

AESGCMBarrier is a SecurityBarrier implementation that uses the AES cipher core and the Galois Counter Mode block mode. It defaults to the golang NONCE default value of 12 and a key size of 256 bit. AES-GCM is high performance, and provides both confidentiality and integrity.

func NewAESGCMBarrier 

func NewAESGCMBarrier(physical physical.Backend) (*AESGCMBarrier, error)

NewAESGCMBarrier is used to construct a new barrier that uses the provided physical backend for storage.

func (*AESGCMBarrier) ActiveKeyInfo 

func (b *AESGCMBarrier) ActiveKeyInfo() (*KeyInfo, error)

ActiveKeyInfo is used to inform details about the active key

func (*AESGCMBarrier) AddRemoteEncryptions 

func (b *AESGCMBarrier) AddRemoteEncryptions(encryptions int64)

func (*AESGCMBarrier) CheckBarrierAutoRotate 

func (b *AESGCMBarrier) CheckBarrierAutoRotate(ctx context.Context) (string, error)

func (*AESGCMBarrier) CheckUpgrade 

func (b *AESGCMBarrier) CheckUpgrade(ctx context.Context) (bool, uint32, error)

CheckUpgrade looks for an upgrade to the current term and installs it

func (*AESGCMBarrier) ConsumeEncryptionCount 

func (b *AESGCMBarrier) ConsumeEncryptionCount(consumer func(int64) error) error

func (*AESGCMBarrier) CreateUpgrade 

func (b *AESGCMBarrier) CreateUpgrade(ctx context.Context, term uint32) error

CreateUpgrade creates an upgrade path key to the given term from the previous term

func (*AESGCMBarrier) Decrypt 

func (b *AESGCMBarrier) Decrypt(_ context.Context, key string, ciphertext []byte) ([]byte, error)

Decrypt is used to decrypt in-memory for the BarrierEncryptor interface

func (*AESGCMBarrier) Delete 

func (b *AESGCMBarrier) Delete(ctx context.Context, key string) error

Delete is used to permanently delete an entry

func (*AESGCMBarrier) DestroyUpgrade 

func (b *AESGCMBarrier) DestroyUpgrade(ctx context.Context, term uint32) error

DestroyUpgrade destroys the upgrade path key to the given term

func (*AESGCMBarrier) Encrypt 

func (b *AESGCMBarrier) Encrypt(ctx context.Context, key string, plaintext []byte) ([]byte, error)

Encrypt is used to encrypt in-memory for the BarrierEncryptor interface

func (*AESGCMBarrier) GenerateKey 

func (b *AESGCMBarrier) GenerateKey(reader io.Reader) ([]byte, error)

GenerateKey is used to generate a new key

func (*AESGCMBarrier) Get 

func (b *AESGCMBarrier) Get(ctx context.Context, key string) (*logical.StorageEntry, error)

Get is used to fetch an entry

func (*AESGCMBarrier) Initialize 

func (b *AESGCMBarrier) Initialize(ctx context.Context, key, sealKey []byte, reader io.Reader) error

Initialize works only if the barrier has not been initialized and makes use of the given root key.

func (*AESGCMBarrier) Initialized 

func (b *AESGCMBarrier) Initialized(ctx context.Context) (bool, error)

Initialized checks if the barrier has been initialized and has a root key set.

func (*AESGCMBarrier) KeyLength 

func (b *AESGCMBarrier) KeyLength() (int, int)

KeyLength is used to sanity check a key

func (*AESGCMBarrier) Keyring 

func (b *AESGCMBarrier) Keyring() (*Keyring, error)

func (*AESGCMBarrier) List 

func (b *AESGCMBarrier) List(ctx context.Context, prefix string) ([]string, error)

List is used ot list all the keys under a given prefix, up to the next prefix.

func (*AESGCMBarrier) Put 

func (b *AESGCMBarrier) Put(ctx context.Context, entry *logical.StorageEntry) error

Put is used to insert or update an entry

func (*AESGCMBarrier) Rekey 

func (b *AESGCMBarrier) Rekey(ctx context.Context, key []byte) error

Rekey is used to change the root key used to protect the keyring

func (*AESGCMBarrier) ReloadKeyring 

func (b *AESGCMBarrier) ReloadKeyring(ctx context.Context) error

ReloadKeyring is used to re-read the underlying keyring. This is used for HA deployments to ensure the latest keyring is present in the leader.

func (*AESGCMBarrier) ReloadRootKey 

func (b *AESGCMBarrier) ReloadRootKey(ctx context.Context) error

ReloadRootKey is used to re-read the underlying root key. This is used for HA deployments to ensure the latest root key is available for keyring reloading.

func (*AESGCMBarrier) Rotate 

func (b *AESGCMBarrier) Rotate(ctx context.Context, randomSource io.Reader) (uint32, error)

Rotate is used to create a new encryption key. All future writes should use the new key, while old values should still be decryptable.

func (*AESGCMBarrier) RotationConfig 

func (b *AESGCMBarrier) RotationConfig() (kc KeyRotationConfig, err error)

func (*AESGCMBarrier) Seal 

func (b *AESGCMBarrier) Seal() error

Seal is used to re-seal the barrier. This requires the barrier to be unsealed again to perform any further operations.

func (*AESGCMBarrier) Sealed 

func (b *AESGCMBarrier) Sealed() (bool, error)

Sealed checks if the barrier has been unlocked yet. The Barrier is not expected to be able to perform any CRUD until it is unsealed.

func (*AESGCMBarrier) SetRootKey 

func (b *AESGCMBarrier) SetRootKey(key []byte) error

SetRootKey updates the keyring's in-memory root key but does not persist anything to storage

func (*AESGCMBarrier) SetRotationConfig 

func (b *AESGCMBarrier) SetRotationConfig(ctx context.Context, rotConfig KeyRotationConfig) error

func (*AESGCMBarrier) TotalLocalEncryptions 

func (b *AESGCMBarrier) TotalLocalEncryptions() int64

UnaccountedEncryptions returns the number of encryptions made on the local instance only for the current key term

func (*AESGCMBarrier) Unseal 

func (b *AESGCMBarrier) Unseal(ctx context.Context, key []byte) error

Unseal is used to provide the root key which permits the barrier to be unsealed. If the key is not correct, the barrier remains sealed.

func (*AESGCMBarrier) VerifyRoot 

func (b *AESGCMBarrier) VerifyRoot(key []byte) error

VerifyRoot is used to check if the given key matches the root key

type APIMountConfig 

type APIMountConfig struct {
	DefaultLeaseTTL           string                `json:"default_lease_ttl" structs:"default_lease_ttl" mapstructure:"default_lease_ttl"`
	MaxLeaseTTL               string                `json:"max_lease_ttl" structs:"max_lease_ttl" mapstructure:"max_lease_ttl"`
	ForceNoCache              bool                  `json:"force_no_cache" structs:"force_no_cache" mapstructure:"force_no_cache"`
	AuditNonHMACRequestKeys   []string              `json:"audit_non_hmac_request_keys,omitempty" structs:"audit_non_hmac_request_keys" mapstructure:"audit_non_hmac_request_keys"`
	AuditNonHMACResponseKeys  []string              `` /* 128-byte string literal not displayed */
	ListingVisibility         ListingVisibilityType `json:"listing_visibility,omitempty" structs:"listing_visibility" mapstructure:"listing_visibility"`
	PassthroughRequestHeaders []string              `json:"passthrough_request_headers,omitempty" structs:"passthrough_request_headers" mapstructure:"passthrough_request_headers"`
	AllowedResponseHeaders    []string              `json:"allowed_response_headers,omitempty" structs:"allowed_response_headers" mapstructure:"allowed_response_headers"`
	TokenType                 string                `json:"token_type" structs:"token_type" mapstructure:"token_type"`
	AllowedManagedKeys        []string              `json:"allowed_managed_keys,omitempty" mapstructure:"allowed_managed_keys"`

	// PluginName is the name of the plugin registered in the catalog.
	//
	// Deprecated: MountEntry.Type should be used instead for Vault 1.0.0 and beyond.
	PluginName string `json:"plugin_name,omitempty" structs:"plugin_name,omitempty" mapstructure:"plugin_name"`
}

APIMountConfig is an embedded struct of api.MountConfigInput

type ActiveEntities 

type ActiveEntities struct {
	// Entities contains information about the number of active entities.
	Entities EntityCounter `json:"entities"`
}

ActiveEntities contains the number of active entities.

type ActiveTokens 

type ActiveTokens struct {
	// ServiceTokens contains information about the number of active service
	// tokens.
	ServiceTokens TokenCounter `json:"service_tokens"`
}

ActiveTokens contains the number of active tokens.

type ActivityIntentLog 

type ActivityIntentLog struct {
	PreviousMonth int64 `json:"previous_month"`
	NextMonth     int64 `json:"next_month"`
}

type ActivityLog 

type ActivityLog struct {
	// contains filtered or unexported fields
}

ActivityLog tracks unique entity counts and non-entity token counts. It handles assembling log fragments (and sending them to the active node), writing log segments, and precomputing queries.

func NewActivityLog 

func NewActivityLog(core *Core, logger log.Logger, view *BarrierView, metrics metricsutil.Metrics) (*ActivityLog, error)

NewActivityLog creates an activity log.

func (*ActivityLog) AddClientToFragment 

func (a *ActivityLog) AddClientToFragment(clientID string, namespaceID string, timestamp int64, isTWE bool, mountAccessor string)

AddClientToFragment checks a client ID for uniqueness and if not already present, adds it to the current fragment. The timestamp is a Unix timestamp *without* nanoseconds, as that is what token.CreationTime uses.

func (*ActivityLog) AddEntityToFragment 

func (a *ActivityLog) AddEntityToFragment(entityID string, namespaceID string, timestamp int64)

func (*ActivityLog) AddTokenToFragment 

func (a *ActivityLog) AddTokenToFragment(namespaceID string)

NOTE: AddTokenToFragment is deprecated and can no longer be used, except for testing backward compatibility. Please use AddClientToFragment instead.

func (*ActivityLog) CreateOrFetchHyperlogLog 

func (a *ActivityLog) CreateOrFetchHyperlogLog(ctx context.Context, startTime time.Time) (*hyperloglog.Sketch, error)

CreateOrFetchHyperlogLog creates a new hyperlogLog for each startTime (month) if it does not exist in storage. hyperlogLog is used here to solve count-distinct problem i.e, to count the number of distinct clients In activity log, hyperloglog is a sketch containing clientID's in a given month

func (*ActivityLog) DefaultStartTime 

func (a *ActivityLog) DefaultStartTime(endTime time.Time) time.Time

func (*ActivityLog) ExpectCurrentSegmentRefreshed 

func (a *ActivityLog) ExpectCurrentSegmentRefreshed(t *testing.T, expectedStart int64, verifyTimeNotZero bool)

ExpectCurrentSegmentRefreshed verifies that the current segment has been refreshed non-nil empty components and updated with the `expectedStart` timestamp Note: if `verifyTimeNotZero` is true, ignore `expectedStart` and just make sure the timestamp isn't 0

func (*ActivityLog) GetCurrentEntities 

func (a *ActivityLog) GetCurrentEntities() *activity.EntityActivityLog

GetCurrentEntities returns the current entity activity log

func (*ActivityLog) GetEnabled 

func (a *ActivityLog) GetEnabled() bool

GetEnabled returns the enabled flag on an activity log

func (*ActivityLog) GetEntitySequenceNumber 

func (a *ActivityLog) GetEntitySequenceNumber() uint64

GetEntitySequenceNumber returns the current entity sequence number

func (*ActivityLog) GetStartTimestamp 

func (a *ActivityLog) GetStartTimestamp() int64

GetStartTimestamp returns the start timestamp on an activity log

func (*ActivityLog) GetStoredTokenCountByNamespaceID 

func (a *ActivityLog) GetStoredTokenCountByNamespaceID() map[string]uint64

GetStoredTokenCountByNamespaceID returns the count of tokens by namespace ID

func (*ActivityLog) HandleEndOfMonth 

func (a *ActivityLog) HandleEndOfMonth(ctx context.Context, currentTime time.Time) error

Handle rotation to end-of-month currentTime is an argument for unit-testing purposes

func (*ActivityLog) HandleTokenUsage 

func (a *ActivityLog) HandleTokenUsage(ctx context.Context, entry *logical.TokenEntry, clientID string, isTWE bool)

HandleTokenUsage adds the TokenEntry to the current fragment of the activity log This currently occurs on token usage only.

func (*ActivityLog) PartialMonthMetrics 

func (a *ActivityLog) PartialMonthMetrics(ctx context.Context) ([]metricsutil.GaugeLabelValues, error)

Periodic report of number of active entities, with the current month. We don't break this down by namespace because that would require going to storage (that information is not currently stored in memory.)

func (*ActivityLog) SetConfig 

func (a *ActivityLog) SetConfig(ctx context.Context, config activityConfig)

This version reacts to user changes

func (*ActivityLog) SetConfigInit 

func (a *ActivityLog) SetConfigInit(config activityConfig)

This version is used during construction

func (*ActivityLog) SetConfigStandby 

func (a *ActivityLog) SetConfigStandby(ctx context.Context, config activityConfig)

update the enable flag and reset the current log

func (*ActivityLog) SetEnable 

func (a *ActivityLog) SetEnable(enabled bool)

SetEnable sets the enabled flag on the activity log

func (*ActivityLog) SetStandbyEnable 

func (a *ActivityLog) SetStandbyEnable(ctx context.Context, enabled bool)

SetStandbyEnable sets enabled on a performance standby (using config)

func (*ActivityLog) SetStartTimestamp 

func (a *ActivityLog) SetStartTimestamp(timestamp int64)

SetStartTimestamp sets the start timestamp on an activity log

func (*ActivityLog) StartOfNextMonth 

func (a *ActivityLog) StartOfNextMonth() time.Time

func (*ActivityLog) StoreHyperlogLog 

func (a *ActivityLog) StoreHyperlogLog(ctx context.Context, startTime time.Time, newHll *hyperloglog.Sketch) error

StoreHyperlogLog stores the hyperloglog (a sketch containing client IDs) for startTime (month) in storage

func (*ActivityLog) WaitForDeletion 

func (a *ActivityLog) WaitForDeletion()

func (*ActivityLog) WalkEntitySegments 

func (a *ActivityLog) WalkEntitySegments(ctx context.Context, startTime time.Time, hll *hyperloglog.Sketch, walkFn func(*activity.EntityActivityLog, time.Time, *hyperloglog.Sketch) error) error

WalkEntitySegments loads each of the entity segments for a particular start time

func (*ActivityLog) WalkTokenSegments 

func (a *ActivityLog) WalkTokenSegments(ctx context.Context,
	startTime time.Time,
	walkFn func(*activity.TokenCount),
) error

WalkTokenSegments loads each of the token segments (expected 1) for a particular start time

type ActivityLogCoreConfig 

type ActivityLogCoreConfig struct {
	// Enable activity log even if the feature flag not set
	ForceEnable bool

	// Do not start timers to send or persist fragments.
	DisableTimers bool
}

These non-persistent configuration options allow us to disable parts of the implementation for integration testing. The default values should turn everything on.

type AuditBroker 

type AuditBroker struct {
	sync.RWMutex
	// contains filtered or unexported fields
}

AuditBroker is used to provide a single ingest interface to auditable events given that multiple backends may be configured.

func NewAuditBroker 

func NewAuditBroker(log log.Logger) *AuditBroker

NewAuditBroker creates a new audit broker

func (*AuditBroker) Deregister 

func (a *AuditBroker) Deregister(name string)

Deregister is used to remove an audit backend from the broker

func (*AuditBroker) GetHash 

func (a *AuditBroker) GetHash(ctx context.Context, name string, input string) (string, error)

GetHash returns a hash using the salt of the given backend

func (*AuditBroker) Invalidate 

func (a *AuditBroker) Invalidate(ctx context.Context, key string)

func (*AuditBroker) IsLocal 

func (a *AuditBroker) IsLocal(name string) (bool, error)

IsLocal is used to check if a given audit backend is registered

func (*AuditBroker) IsRegistered 

func (a *AuditBroker) IsRegistered(name string) bool

IsRegistered is used to check if a given audit backend is registered

func (*AuditBroker) LogRequest 

func (a *AuditBroker) LogRequest(ctx context.Context, in *logical.LogInput, headersConfig *AuditedHeadersConfig) (ret error)

LogRequest is used to ensure all the audit backends have an opportunity to log the given request and that *at least one* succeeds.

func (*AuditBroker) LogResponse 

func (a *AuditBroker) LogResponse(ctx context.Context, in *logical.LogInput, headersConfig *AuditedHeadersConfig) (ret error)

LogResponse is used to ensure all the audit backends have an opportunity to log the given response and that *at least one* succeeds.

func (*AuditBroker) Register 

func (a *AuditBroker) Register(name string, b audit.Backend, v *BarrierView, local bool)

Register is used to add new audit backend to the broker

type AuditLogger 

type AuditLogger interface {
	AuditRequest(ctx context.Context, input *logical.LogInput) error
	AuditResponse(ctx context.Context, input *logical.LogInput) error
}

type AuditedHeadersConfig 

type AuditedHeadersConfig struct {
	Headers map[string]*auditedHeaderSettings

	sync.RWMutex
	// contains filtered or unexported fields
}

AuditedHeadersConfig is used by the Audit Broker to write only approved headers to the audit logs. It uses a BarrierView to persist the settings.

func (*AuditedHeadersConfig) ApplyConfig 

func (a *AuditedHeadersConfig) ApplyConfig(ctx context.Context, headers map[string][]string, hashFunc func(context.Context, string) (string, error)) (result map[string][]string, retErr error)

ApplyConfig returns a map of approved headers and their values, either hmac'ed or plaintext

type AuthResults 

type AuthResults struct {
	ACLResults      *ACLResults
	SentinelResults *SentinelResults
	Allowed         bool
	RootPrivs       bool
	DeniedError     bool
	Error           *multierror.Error
}

type BarrierEncryptor 

type BarrierEncryptor interface {
	Encrypt(ctx context.Context, key string, plaintext []byte) ([]byte, error)
	Decrypt(ctx context.Context, key string, ciphertext []byte) ([]byte, error)
}

BarrierEncryptor is the in memory only interface that does not actually use the underlying barrier. It is used for lower level modules like the Write-Ahead-Log and Merkle index to allow them to use the barrier.

type BarrierEncryptorAccess 

type BarrierEncryptorAccess struct {
	// contains filtered or unexported fields
}

BarrierEncryptorAccess is a wrapper around BarrierEncryptor that allows Core to expose its barrier encrypt/decrypt operations through BarrierEncryptorAccess() while restricting the ability to modify Core.barrier itself.

func NewBarrierEncryptorAccess 

func NewBarrierEncryptorAccess(barrierEncryptor BarrierEncryptor) *BarrierEncryptorAccess

func (*BarrierEncryptorAccess) Decrypt 

func (b *BarrierEncryptorAccess) Decrypt(ctx context.Context, key string, ciphertext []byte) ([]byte, error)

func (*BarrierEncryptorAccess) Encrypt 

func (b *BarrierEncryptorAccess) Encrypt(ctx context.Context, key string, plaintext []byte) ([]byte, error)

type BarrierStorage 

type BarrierStorage interface {
	// Put is used to insert or update an entry
	Put(ctx context.Context, entry *logical.StorageEntry) error

	// Get is used to fetch an entry
	Get(ctx context.Context, key string) (*logical.StorageEntry, error)

	// Delete is used to permanently delete an entry
	Delete(ctx context.Context, key string) error

	// List is used ot list all the keys under a given
	// prefix, up to the next prefix.
	List(ctx context.Context, prefix string) ([]string, error)
}

BarrierStorage is the storage only interface required for a Barrier.

type BarrierView 

type BarrierView struct {
	// contains filtered or unexported fields
}

BarrierView wraps a SecurityBarrier and ensures all access is automatically prefixed. This is used to prevent anyone with access to the view to access any data in the durable storage outside of their prefix. Conceptually this is like a "chroot" into the barrier.

BarrierView implements logical.Storage so it can be passed in as the durable storage mechanism for logical views.

func NewBarrierView 

func NewBarrierView(barrier logical.Storage, prefix string) *BarrierView

NewBarrierView takes an underlying security barrier and returns a view of it that can only operate with the given prefix.

func (*BarrierView) Delete 

func (v *BarrierView) Delete(ctx context.Context, key string) error

logical.Storage impl.

func (*BarrierView) Get 

func (v *BarrierView) Get(ctx context.Context, key string) (*logical.StorageEntry, error)

func (*BarrierView) List 

func (v *BarrierView) List(ctx context.Context, prefix string) ([]string, error)

func (*BarrierView) Prefix 

func (v *BarrierView) Prefix() string

func (*BarrierView) Put 

func (v *BarrierView) Put(ctx context.Context, entry *logical.StorageEntry) error

Put differs from List/Get because it checks read-only errors

func (*BarrierView) SubView 

func (v *BarrierView) SubView(prefix string) *BarrierView

SubView constructs a nested sub-view using the given prefix

type BuiltinRegistry 

type BuiltinRegistry interface {
	Contains(name string, pluginType consts.PluginType) bool
	Get(name string, pluginType consts.PluginType) (func() (interface{}, error), bool)
	Keys(pluginType consts.PluginType) []string
	DeprecationStatus(name string, pluginType consts.PluginType) (consts.DeprecationStatus, bool)
}

BuiltinRegistry is an interface that allows the "vault" package to use the registry of builtin plugins without getting an import cycle. It also allows for mocking the registry easily.

type CORSConfig 

type CORSConfig struct {
	sync.RWMutex `json:"-"`

	Enabled        *uint32  `json:"enabled"`
	AllowedOrigins []string `json:"allowed_origins,omitempty"`
	AllowedHeaders []string `json:"allowed_headers,omitempty"`
	// contains filtered or unexported fields
}

CORSConfig stores the state of the CORS configuration.

func (*CORSConfig) Disable 

func (c *CORSConfig) Disable(ctx context.Context) error

Disable sets CORS to disabled and clears the allowed origins & headers.

func (*CORSConfig) Enable 

func (c *CORSConfig) Enable(ctx context.Context, urls []string, headers []string) error

Enable takes either a '*' or a comma-separated list of URLs that can make cross-origin requests to Vault.

func (*CORSConfig) IsEnabled 

func (c *CORSConfig) IsEnabled() bool

IsEnabled returns the value of CORSConfig.isEnabled

func (*CORSConfig) IsValidOrigin 

func (c *CORSConfig) IsValidOrigin(origin string) bool

IsValidOrigin determines if the origin of the request is allowed to make cross-origin requests based on the CORSConfig.

type ClientKey 

type ClientKey struct {
	Type string `protobuf:"bytes,1,opt,name=type,proto3" json:"type,omitempty"`
	X    []byte `protobuf:"bytes,2,opt,name=x,proto3" json:"x,omitempty"`
	Y    []byte `protobuf:"bytes,3,opt,name=y,proto3" json:"y,omitempty"`
	D    []byte `protobuf:"bytes,4,opt,name=d,proto3" json:"d,omitempty"`
	// contains filtered or unexported fields
}

func (*ClientKey) Descriptor deprecated 

func (*ClientKey) Descriptor() ([]byte, []int)

Deprecated: Use ClientKey.ProtoReflect.Descriptor instead.

func (*ClientKey) GetD 

func (x *ClientKey) GetD() []byte

func (*ClientKey) GetType 

func (x *ClientKey) GetType() string

func (*ClientKey) GetX 

func (x *ClientKey) GetX() []byte

func (*ClientKey) GetY 

func (x *ClientKey) GetY() []byte

func (*ClientKey) ProtoMessage 

func (*ClientKey) ProtoMessage()

func (*ClientKey) ProtoReflect 

func (x *ClientKey) ProtoReflect() protoreflect.Message

func (*ClientKey) Reset 

func (x *ClientKey) Reset()

func (*ClientKey) String 

func (x *ClientKey) String() string

type Cluster 

type Cluster struct {
	// Name of the cluster
	Name string `json:"name" structs:"name" mapstructure:"name"`

	// Identifier of the cluster
	ID string `json:"id" structs:"id" mapstructure:"id"`
}

Structure representing the storage entry that holds cluster information

type ClusterLeaderParams 

type ClusterLeaderParams struct {
	LeaderUUID         string
	LeaderRedirectAddr string
	LeaderClusterAddr  string
}

type ControlGroup 

type ControlGroup struct {
	TTL     time.Duration
	Factors []*ControlGroupFactor
}

type ControlGroupFactor 

type ControlGroupFactor struct {
	Name                   string
	Identity               *IdentityFactor `hcl:"identity"`
	ControlledCapabilities []string        `hcl:"controlled_capabilities"`
}

type ControlGroupHCL 

type ControlGroupHCL struct {
	TTL     interface{}                    `hcl:"ttl"`
	Factors map[string]*ControlGroupFactor `hcl:"factor"`
}

type Core 

type Core struct {

	// PR1103disabled is used to test upgrade workflows: when set to true,
	// the correct behaviour for namespaced cubbyholes is disabled, so we
	// can test an upgrade to a version that includes the fixes from
	// https://github.com/hashicorp/vault-enterprise/pull/1103
	PR1103disabled bool

	IndexHeaderHMACKey uberAtomic.Value
	// contains filtered or unexported fields
}

Core is used as the central manager of Vault activity. It is the primary point of interface for API handlers and is responsible for managing the logical and physical backends, router, security barrier, and audit trails.

func CreateCore 

func CreateCore(conf *CoreConfig) (*Core, error)

CreateCore conducts static validations on the Core Config and returns an uninitialized core.

func NewCore 

func NewCore(conf *CoreConfig) (*Core, error)

NewCore is used to construct a new core

func TestCore 

func TestCore(t testing.T) *Core

TestCore returns a pure in-memory, uninitialized core for testing.

func TestCoreNewSeal 

func TestCoreNewSeal(t testing.T) *Core

TestCoreNewSeal returns a pure in-memory, uninitialized core with the new seal configuration.

func TestCoreRaw 

func TestCoreRaw(t testing.T) *Core

TestCoreRaw returns a pure in-memory, uninitialized core for testing. The raw storage endpoints are enabled with this core.

func TestCoreUI 

func TestCoreUI(t testing.T, enableUI bool) *Core

func TestCoreUnsealed 

func TestCoreUnsealed(t testing.T) (*Core, [][]byte, string)

TestCoreUnsealed returns a pure in-memory core that is already initialized and unsealed.

func TestCoreUnsealedBackend 

func TestCoreUnsealedBackend(t testing.T, backend physical.Backend) (*Core, [][]byte, string)

func TestCoreUnsealedRaw 

func TestCoreUnsealedRaw(t testing.T) (*Core, [][]byte, string)

TestCoreUnsealedRaw returns a pure in-memory core that is already initialized, unsealed, and with raw endpoints enabled.

func TestCoreUnsealedWithConfig 

func TestCoreUnsealedWithConfig(t testing.T, conf *CoreConfig) (*Core, [][]byte, string)

TestCoreUnsealedWithConfig returns a pure in-memory core that is already initialized, unsealed, with the any provided core config values overridden.

func TestCoreUnsealedWithConfigSealOpts 

func TestCoreUnsealedWithConfigSealOpts(t testing.T, barrierConf, recoveryConf *SealConfig, sealOpts *seal.TestSealOpts) (*Core, [][]byte, [][]byte, string)

func TestCoreUnsealedWithConfigs 

func TestCoreUnsealedWithConfigs(t testing.T, barrierConf, recoveryConf *SealConfig) (*Core, [][]byte, [][]byte, string)

func TestCoreUnsealedWithMetrics 

func TestCoreUnsealedWithMetrics(t testing.T) (*Core, [][]byte, string, *metrics.InmemSink)

func TestCoreWithConfig 

func TestCoreWithConfig(t testing.T, conf *CoreConfig) *Core

TestCoreWithConfig returns a pure in-memory, uninitialized core with the specified core configurations overridden for testing.

func TestCoreWithCustomResponseHeaderAndUI 

func TestCoreWithCustomResponseHeaderAndUI(t testing.T, CustomResponseHeaders map[string]map[string]string, enableUI bool) (*Core, [][]byte, string)

func TestCoreWithSeal 

func TestCoreWithSeal(t testing.T, testSeal Seal, enableRaw bool) *Core

TestCoreWithSeal returns a pure in-memory, uninitialized core with the specified seal for testing.

func TestCoreWithSealAndUI 

func TestCoreWithSealAndUI(t testing.T, opts *CoreConfig) *Core

func TestCoreWithSealAndUINoCleanup 

func TestCoreWithSealAndUINoCleanup(t testing.T, opts *CoreConfig) *Core

func (*Core) ActiveNodeReplicationState 

func (c *Core) ActiveNodeReplicationState() consts.ReplicationState

func (*Core) ActiveTime 

func (c *Core) ActiveTime() time.Time

func (*Core) ActivityLogInjectResponse 

func (c *Core) ActivityLogInjectResponse(ctx context.Context, pq *activity.PrecomputedQuery) error

ActivityLogInjectResponse injects a precomputed query into storage for testing.

func (*Core) AddIrrevocableLease 

func (c *Core) AddIrrevocableLease(ctx context.Context, pathPrefix string) (*basicLeaseTestInfo, error)

add an irrevocable lease for test purposes returns the lease ID and expire time

func (*Core) AddLogger 

func (c *Core) AddLogger(logger log.Logger)

func (*Core) AllowForwardingViaHeader 

func (c *Core) AllowForwardingViaHeader() bool

func (*Core) ApplyRateLimitQuota 

func (c *Core) ApplyRateLimitQuota(ctx context.Context, req *quotas.Request) (quotas.Response, error)

ApplyRateLimitQuota checks the request against all the applicable quota rules. If the given request's path is exempt, no rate limiting will be applied.

func (*Core) AuditLogger 

func (c *Core) AuditLogger() AuditLogger

func (*Core) AuditedHeadersConfig 

func (c *Core) AuditedHeadersConfig() *AuditedHeadersConfig

func (*Core) BarrierEncryptorAccess 

func (c *Core) BarrierEncryptorAccess() *BarrierEncryptorAccess

func (*Core) BarrierKeyLength 

func (c *Core) BarrierKeyLength() (min, max int)

func (*Core) BarrierRekeyInit 

func (c *Core) BarrierRekeyInit(config *SealConfig) logical.HTTPCodedError

BarrierRekeyInit is used to initialize the rekey settings for the barrier key

func (*Core) BarrierRekeyUpdate 

func (c *Core) BarrierRekeyUpdate(ctx context.Context, key []byte, nonce string) (*RekeyResult, logical.HTTPCodedError)

BarrierRekeyUpdate is used to provide a new key part. Barrier rekey can be done with unseal keys, or recovery keys if that's supported and we are storing the barrier key.

N.B.: If recovery keys are used to rekey, the new barrier key shares are not returned.

func (*Core) CORSConfig 

func (c *Core) CORSConfig() *CORSConfig

CORSConfig returns the current CORS configuration

func (*Core) Capabilities 

func (c *Core) Capabilities(ctx context.Context, token, path string) ([]string, error)

Capabilities is used to fetch the capabilities of the given token on the given path

func (*Core) CheckPluginPerms 

func (c *Core) CheckPluginPerms(pluginName string) (err error)

func (*Core) CheckSSCToken 

func (c *Core) CheckSSCToken(ctx context.Context, token string, unauth bool, isPerfStandby bool) (string, error)

func (*Core) Cluster 

func (c *Core) Cluster(ctx context.Context) (*Cluster, error)

Cluster fetches the details of the local cluster. This method errors out when Vault is sealed.

func (*Core) ClusterAddr 

func (c *Core) ClusterAddr() string

func (*Core) CreateEntity 

func (c *Core) CreateEntity(ctx context.Context) (*identity.Entity, error)

func (*Core) CreateToken 

func (c *Core) CreateToken(ctx context.Context, entry *logical.TokenEntry) error

CreateToken creates the given token in the core's token store.

func (*Core) DecodeSSCToken 

func (c *Core) DecodeSSCToken(token string) (string, error)

DecodeSSCToken returns the random part of an SSCToken without performing any signature or WAL checks.

func (*Core) DecodeSSCTokenInternal 

func (c *Core) DecodeSSCTokenInternal(token string) (*tokens.Token, error)

DecodeSSCTokenInternal is a helper used to get the inner part of a SSC token without checking the token signature or the WAL index.

func (*Core) DetermineRoleFromLoginRequest 

func (c *Core) DetermineRoleFromLoginRequest(mountPoint string, data map[string]interface{}, ctx context.Context) string

DetermineRoleFromLoginRequest will determine the role that should be applied to a quota for a given login request

func (*Core) DetermineRoleFromLoginRequestFromBytes 

func (c *Core) DetermineRoleFromLoginRequestFromBytes(mountPoint string, payload []byte, ctx context.Context) string

DetermineRoleFromLoginRequestFromBytes will determine the role that should be applied to a quota for a given login request, accepting a byte payload

func (*Core) DisableSSCTokens 

func (c *Core) DisableSSCTokens() bool

DisableSSCTokens determines whether to use server side consistent tokens or not.

func (*Core) ExistCustomResponseHeader 

func (c *Core) ExistCustomResponseHeader(header string) bool

ExistCustomResponseHeader checks if a custom header is configured in any listener's stanza

func (*Core) Features 

func (c *Core) Features() license.Features

func (*Core) FetchLeaseCountToRevoke 

func (c *Core) FetchLeaseCountToRevoke() int

func (*Core) FinalizeInFlightReqData 

func (c *Core) FinalizeInFlightReqData(reqID string, statusCode int)

FinalizeInFlightReqData is going log the completed request if the corresponding server config option is enabled. It also removes the request from the inFlightReqMap and decrement the number of in-flight requests by one.

func (*Core) FindNewestVersionTimestamp 

func (c *Core) FindNewestVersionTimestamp() (string, time.Time, error)

func (*Core) FindOldestVersionTimestamp 

func (c *Core) FindOldestVersionTimestamp() (string, time.Time, error)

FindOldestVersionTimestamp searches for the vault version with the oldest upgrade timestamp from storage. The earliest version this can be is 1.9.0.

func (*Core) ForwardRequest 

func (c *Core) ForwardRequest(req *http.Request) (int, http.Header, []byte, error)

ForwardRequest forwards a given request to the active node and returns the response.

func (*Core) ForwardToActive 

func (c *Core) ForwardToActive() string

func (*Core) GenerateRootCancel 

func (c *Core) GenerateRootCancel() error

GenerateRootCancel is used to cancel an in-progress root generation

func (*Core) GenerateRootConfiguration 

func (c *Core) GenerateRootConfiguration() (*GenerateRootConfig, error)

GenerateRootConfiguration is used to read the root generation configuration It stubbornly refuses to return the OTP if one is there.

func (*Core) GenerateRootInit 

func (c *Core) GenerateRootInit(otp, pgpKey string, strategy GenerateRootStrategy) error

GenerateRootInit is used to initialize the root generation settings

func (*Core) GenerateRootProgress 

func (c *Core) GenerateRootProgress() (int, error)

GenerateRootProgress is used to return the root generation progress (num shares)

func (*Core) GenerateRootUpdate 

func (c *Core) GenerateRootUpdate(ctx context.Context, key []byte, nonce string, strategy GenerateRootStrategy) (*GenerateRootResult, error)

GenerateRootUpdate is used to provide a new key part

func (*Core) GetActiveClients 

func (c *Core) GetActiveClients() map[string]*activity.EntityRecord

GetActiveClients returns the in-memory partialMonthClientTracker from an activity log.

func (*Core) GetActivityLog 

func (c *Core) GetActivityLog() *ActivityLog

GetActivityLog returns a pointer to the (private) activity log on a core Note: you must do the usual locking scheme when modifying the ActivityLog

func (*Core) GetContext 

func (c *Core) GetContext() (context.Context, context.CancelFunc)

func (*Core) GetCoreConfigInternal 

func (c *Core) GetCoreConfigInternal() *server.Config

GetCoreConfigInternal returns the server configuration in struct format.

func (*Core) GetHAPeerNodesCached 

func (c *Core) GetHAPeerNodesCached() []PeerNode

GetHAPeerNodesCached returns the nodes that've sent us Echo requests recently.

func (*Core) GetHCPLinkStatus 

func (c *Core) GetHCPLinkStatus() (string, string)

func (*Core) GetLeaderStatus 

func (core *Core) GetLeaderStatus() (*LeaderResponse, error)

func (*Core) GetListenerCustomResponseHeaders 

func (c *Core) GetListenerCustomResponseHeaders(listenerAdd string) *ListenerCustomHeaders

func (*Core) GetRaftIndexes 

func (c *Core) GetRaftIndexes() (committed uint64, applied uint64)

func (*Core) GetRaftNodeID 

func (c *Core) GetRaftNodeID() string

GetRaftNodeID returns the raft node ID if there is one, or an empty string if there's not

func (*Core) GetSealStatus 

func (core *Core) GetSealStatus(ctx context.Context) (*SealStatusResponse, error)

func (*Core) HAState 

func (c *Core) HAState() consts.HAState

func (*Core) HandleRequest 

func (c *Core) HandleRequest(httpCtx context.Context, req *logical.Request) (resp *logical.Response, err error)

HandleRequest is used to handle a new incoming request

func (*Core) HasFeature 

func (c *Core) HasFeature(license.Features) bool

func (*Core) HasWALState 

func (c *Core) HasWALState(required *logical.WALState, perfStandby bool) bool

func (*Core) HostnameHeaderEnabled 

func (c *Core) HostnameHeaderEnabled() bool

HostnameHeaderEnabled determines whether to add the X-Vault-Hostname header to HTTP responses.

func (*Core) IdentityStore 

func (c *Core) IdentityStore() *IdentityStore

func (*Core) Initialize 

func (c *Core) Initialize(ctx context.Context, initParams *InitParams) (*InitResult, error)

Initialize is used to initialize the Vault with the given configurations.

func (*Core) InitializeRecovery 

func (c *Core) InitializeRecovery(ctx context.Context) error

func (*Core) Initialized 

func (c *Core) Initialized(ctx context.Context) (bool, error)

Initialized checks if the Vault is already initialized. This means one of two things: either the barrier has been created (with keyring and master key) and the seal config written to storage, or Raft is forming a cluster and a join/bootstrap is in progress.

func (*Core) InitializedLocally 

func (c *Core) InitializedLocally(ctx context.Context) (bool, error)

InitializedLocally checks if the Vault is already initialized from the local node's perspective. This is the same thing as Initialized, unless using Raft, in which case Initialized may return true (because a peer we're joining to has been initialized) while InitializedLocally returns false (because we're not done bootstrapping raft on the local node).

func (*Core) InitiateRetryJoin 

func (c *Core) InitiateRetryJoin(ctx context.Context) error

func (*Core) InjectActivityLogDataThisMonth 

func (c *Core) InjectActivityLogDataThisMonth(t *testing.T) map[string]*activity.EntityRecord

InjectActivityLogDataThisMonth populates the in-memory client store with some entities and tokens, overriding what was already there It is currently used for API integration tests

func (*Core) InjectIrrevocableLeases 

func (c *Core) InjectIrrevocableLeases(ctx context.Context, count int) (map[string]int, error)

InjectIrrevocableLeases injects `count` irrevocable leases (currently to a single mount). It returns a map of the mount accessor to the number of leases stored there

func (*Core) IsBatchTokenCreationRequest 

func (c *Core) IsBatchTokenCreationRequest(ctx context.Context, path string) (bool, error)

func (*Core) IsDRSecondary 

func (c *Core) IsDRSecondary() bool

IsDRSecondary returns if the current cluster state is a DR secondary.

func (*Core) IsInSealMigrationMode 

func (c *Core) IsInSealMigrationMode() bool

IsInSealMigrationMode returns true if we're configured to perform a seal migration, meaning either that we have a disabled seal in HCL configuration or the seal configuration in storage is Shamir but the seal in HCL is not. In this mode we should not auto-unseal (even if the migration is done) and we will accept unseal requests with and without the `migrate` option, though the migrate option is required if we haven't yet performed the seal migration.

func (*Core) IsPerfSecondary 

func (c *Core) IsPerfSecondary() bool

func (*Core) IsSealMigrated 

func (c *Core) IsSealMigrated() bool

IsSealMigrated returns true if we're in seal migration mode but migration has already been performed (possibly by another node, or prior to this node's current invocation.)

func (*Core) JoinRaftCluster 

func (c *Core) JoinRaftCluster(ctx context.Context, leaderInfos []*raft.LeaderJoinInfo, nonVoter bool) (bool, error)

func (*Core) KeyRotateGracePeriod 

func (c *Core) KeyRotateGracePeriod() time.Duration

func (*Core) Leader 

func (c *Core) Leader() (isLeader bool, leaderAddr, clusterAddr string, err error)

Leader is used to get the current active leader

func (*Core) ListAuths 

func (c *Core) ListAuths() ([]*MountEntry, error)

ListAuths will provide a slice containing a deep copy each auth entry

func (*Core) ListMounts 

func (c *Core) ListMounts() ([]*MountEntry, error)

ListMounts will provide a slice containing a deep copy each mount entry

func (*Core) ListNamespaces 

func (c *Core) ListNamespaces(includePath bool) []*namespace.Namespace

func (*Core) LoadInFlightReqData 

func (c *Core) LoadInFlightReqData() map[string]InFlightReqData

LoadInFlightReqData creates a snapshot map of the current in-flight requests

func (*Core) LoadNodeID 

func (c *Core) LoadNodeID() (string, error)

func (*Core) LogCompletedRequests 

func (c *Core) LogCompletedRequests(reqID string, statusCode int)

LogCompletedRequests Logs the completed request to the server logs

func (*Core) LogFormat 

func (c *Core) LogFormat() string

LogFormat returns the log format current in use.

func (*Core) Logger 

func (c *Core) Logger() log.Logger

func (*Core) LoginCreateToken 

func (c *Core) LoginCreateToken(ctx context.Context, ns *namespace.Namespace, reqPath, mountPoint string, resp *logical.Response, loginRequestData map[string]interface{}) (bool, *logical.Response, error)

LoginCreateToken creates a token as a result of a login request. If MFA is enforced, mfa/validate endpoint calls this functions after successful MFA validation to generate the token.

func (*Core) LoginMFACreateToken 

func (c *Core) LoginMFACreateToken(ctx context.Context, reqPath string, cachedAuth *logical.Auth, loginRequestData map[string]interface{}) (*logical.Response, error)

LoginMFACreateToken creates a token after the login MFA is validated. It also applies the lease quotas on the original login request path.

func (*Core) LookupToken 

func (c *Core) LookupToken(ctx context.Context, token string) (*logical.TokenEntry, error)

LookupToken returns the properties of the token from the token store. This is particularly useful to fetch the accessor of the client token and get it populated in the logical request along with the client token. The accessor of the client token can get audit logged.

Should be called with read stateLock held.

func (*Core) MatchingMount 

func (c *Core) MatchingMount(ctx context.Context, reqPath string) string

MatchingMount returns the path of the mount that will be responsible for handling the given request path.

func (*Core) MetricSink 

func (c *Core) MetricSink() *metricsutil.ClusterMetricSink

MetricSink returns the metrics wrapper with which Core has been configured.

func (*Core) MetricsHelper 

func (c *Core) MetricsHelper() *metricsutil.MetricsHelper

MetricsHelper returns the global metrics helper which allows external packages to access Vault's internal metrics.

func (*Core) MissingRequiredState 

func (c *Core) MissingRequiredState(raw []string, perfStandby bool) bool

func (*Core) NamespaceByID 

func (c *Core) NamespaceByID(ctx context.Context, nsID string) (*namespace.Namespace, error)

func (*Core) PerfStandby 

func (c *Core) PerfStandby() bool

PerfStandby checks if the vault is a performance standby This function cannot be used during request handling because this causes a deadlock with the statelock.

func (*Core) PersistTOTPKey 

func (c *Core) PersistTOTPKey(ctx context.Context, methodID, entityID, key string) error

func (*Core) PhysicalAccess 

func (c *Core) PhysicalAccess() *physical.PhysicalAccess

func (*Core) PhysicalSealConfigs 

func (c *Core) PhysicalSealConfigs(ctx context.Context) (*SealConfig, *SealConfig, error)

func (*Core) PopMFAResponseAuthByID 

func (c *Core) PopMFAResponseAuthByID(reqID string) (*MFACachedAuthResponse, error)

PopMFAResponseAuthByID pops an item from the mfaResponseAuthQueue by ID it returns the cached auth response or an error

func (*Core) PopulateTokenEntry 

func (c *Core) PopulateTokenEntry(ctx context.Context, req *logical.Request) error

PopulateTokenEntry looks up req.ClientToken in the token store and uses it to set other fields in req. Does nothing if ClientToken is empty or a JWT token, or for service tokens that don't exist in the token store. Should be called with read stateLock held.

func (*Core) RaftBootstrap 

func (c *Core) RaftBootstrap(ctx context.Context, onInit bool) error

RaftBootstrap performs bootstrapping of a raft cluster if core contains a raft backend. If raft is not part for the storage or HA storage backend, this call results in an error.

func (*Core) RaftNodeIDHeaderEnabled 

func (c *Core) RaftNodeIDHeaderEnabled() bool

RaftNodeIDHeaderEnabled determines whether to add the X-Vault-Raft-Node-ID header to HTTP responses.

func (*Core) RateLimitAuditLoggingEnabled 

func (c *Core) RateLimitAuditLoggingEnabled() bool

RateLimitAuditLoggingEnabled returns if the quota configuration allows audit logging of request rejections due to rate limiting quota rule violations.

func (*Core) RateLimitResponseHeadersEnabled 

func (c *Core) RateLimitResponseHeadersEnabled() bool

RateLimitResponseHeadersEnabled returns if the quota configuration allows for rate limit quota HTTP headers to be added to responses.

func (*Core) RecoveryRekeyInit 

func (c *Core) RecoveryRekeyInit(config *SealConfig) logical.HTTPCodedError

RecoveryRekeyInit is used to initialize the rekey settings for the recovery key

func (*Core) RecoveryRekeyUpdate 

func (c *Core) RecoveryRekeyUpdate(ctx context.Context, key []byte, nonce string) (*RekeyResult, logical.HTTPCodedError)

RecoveryRekeyUpdate is used to provide a new key part

func (*Core) RegisterAuth 

func (c *Core) RegisterAuth(ctx context.Context, tokenTTL time.Duration, path string, auth *logical.Auth, role string) error

RegisterAuth uses a logical.Auth object to create a token entry in the token store, and registers a corresponding token lease to the expiration manager. role is the login role used as part of the creation of the token entry. If not relevant, can be omitted (by being provided as "").

func (*Core) RekeyCancel 

func (c *Core) RekeyCancel(recovery bool) logical.HTTPCodedError

RekeyCancel is used to cancel an in-progress rekey

func (*Core) RekeyConfig 

func (c *Core) RekeyConfig(recovery bool) (*SealConfig, logical.HTTPCodedError)

RekeyConfig is used to read the rekey configuration

func (*Core) RekeyDeleteBackup 

func (c *Core) RekeyDeleteBackup(ctx context.Context, recovery bool) logical.HTTPCodedError

RekeyDeleteBackup is used to delete any backed-up PGP-encrypted unseal keys

func (*Core) RekeyInit 

func (c *Core) RekeyInit(config *SealConfig, recovery bool) logical.HTTPCodedError

RekeyInit will either initialize the rekey of barrier or recovery key. recovery determines whether this is a rekey on the barrier or recovery key.

func (*Core) RekeyProgress 

func (c *Core) RekeyProgress(recovery, verification bool) (bool, int, logical.HTTPCodedError)

RekeyProgress is used to return the rekey progress (num shares).

func (*Core) RekeyRetrieveBackup 

func (c *Core) RekeyRetrieveBackup(ctx context.Context, recovery bool) (*RekeyBackup, logical.HTTPCodedError)

RekeyRetrieveBackup is used to retrieve any backed-up PGP-encrypted unseal keys

func (*Core) RekeyThreshold 

func (c *Core) RekeyThreshold(ctx context.Context, recovery bool) (int, logical.HTTPCodedError)

RekeyThreshold returns the secret threshold for the current seal config. This threshold can either be the barrier key threshold or the recovery key threshold, depending on whether rekey is being performed on the recovery key, or whether the seal supports recovery keys.

func (*Core) RekeyUpdate 

func (c *Core) RekeyUpdate(ctx context.Context, key []byte, nonce string, recovery bool) (*RekeyResult, logical.HTTPCodedError)

RekeyUpdate is used to provide a new key part for the barrier or recovery key.

func (*Core) RekeyVerify 

func (c *Core) RekeyVerify(ctx context.Context, key []byte, nonce string, recovery bool) (ret *RekeyVerifyResult, retErr logical.HTTPCodedError)

func (*Core) RekeyVerifyRestart 

func (c *Core) RekeyVerifyRestart(recovery bool) logical.HTTPCodedError

RekeyVerifyRestart is used to start the verification process over

func (*Core) ReloadCustomResponseHeaders 

func (c *Core) ReloadCustomResponseHeaders() error

func (*Core) ReloadLogRequestsLevel 

func (c *Core) ReloadLogRequestsLevel()

func (*Core) ReloadManagedKeyRegistryConfig 

func (c *Core) ReloadManagedKeyRegistryConfig()

func (*Core) ReplicationState 

func (c *Core) ReplicationState() consts.ReplicationState

func (*Core) ResetActivityLog 

func (c *Core) ResetActivityLog() []*activity.LogFragment

ResetActivityLog is used to extract the current fragment(s) during integration testing, so that it can be checked in a race-free way.

func (*Core) ResetUnsealProcess 

func (c *Core) ResetUnsealProcess()

ResetUnsealProcess removes the current unlock parts from memory, to reset the unsealing process

func (*Core) RouterAccess 

func (c *Core) RouterAccess() *RouterAccess

func (*Core) SanitizedConfig 

func (c *Core) SanitizedConfig() map[string]interface{}

SanitizedConfig returns a sanitized version of the current config. See server.Config.Sanitized for specific values omitted.

func (*Core) SaveMFAResponseAuth 

func (c *Core) SaveMFAResponseAuth(respAuth *MFACachedAuthResponse) error

SaveMFAResponseAuth pushes an MFACachedAuthResponse to the mfaResponseAuthQueue. it returns an error in case of failure

func (*Core) Seal 

func (c *Core) Seal(token string) error

Seal takes in a token and creates a logical.Request, acquires the lock, and passes through to sealInternal

func (*Core) SealAccess 

func (c *Core) SealAccess() *SealAccess

func (*Core) SealWithRequest 

func (c *Core) SealWithRequest(httpCtx context.Context, req *logical.Request) error

SealWithRequest takes in a logical.Request, acquires the lock, and passes through to sealInternal

func (*Core) Sealed 

func (c *Core) Sealed() bool

Sealed checks if the Vault is current sealed

func (*Core) SecretProgress 

func (c *Core) SecretProgress() (int, string)

SecretProgress returns the number of keys provided so far

func (*Core) SendGroupUpdate 

func (c *Core) SendGroupUpdate(context.Context, *identity.Group) (bool, error)

func (*Core) SetClusterHandler 

func (c *Core) SetClusterHandler(handler http.Handler)

func (*Core) SetClusterListenerAddrs 

func (c *Core) SetClusterListenerAddrs(addrs []*net.TCPAddr)

func (*Core) SetConfig 

func (c *Core) SetConfig(conf *server.Config)

SetConfig sets core's config object to the newly provided config.

func (*Core) SetHCPLinkStatus 

func (c *Core) SetHCPLinkStatus(status, resourceID string)

func (*Core) SetKeyRotateGracePeriod 

func (c *Core) SetKeyRotateGracePeriod(t time.Duration)

func (*Core) SetLoadCaseSensitiveIdentityStore 

func (c *Core) SetLoadCaseSensitiveIdentityStore(caseSensitive bool)

func (*Core) SetLogLevel 

func (c *Core) SetLogLevel(level log.Level)

func (*Core) SetLogLevelByName 

func (c *Core) SetLogLevelByName(name string, level log.Level) error

func (*Core) SetNeverBecomeActive 

func (c *Core) SetNeverBecomeActive(on bool)

func (*Core) Shutdown 

func (c *Core) Shutdown() error

Shutdown is invoked when the Vault instance is about to be terminated. It should not be accessible as part of an API call as it will cause an availability problem. It is only used to gracefully quit in the case of HA so that failover happens as quickly as possible.

func (*Core) ShutdownDone 

func (c *Core) ShutdownDone() <-chan struct{}

ShutdownDone returns a channel that will be closed after Shutdown completes

func (*Core) ShutdownWait 

func (c *Core) ShutdownWait() error

func (*Core) Standby 

func (c *Core) Standby() (bool, error)

Standby checks if the Vault is in standby mode

func (*Core) StandbyStates 

func (c *Core) StandbyStates() (standby, perfStandby bool)

StandbyStates is meant as a way to avoid some extra locking on the very common sys/health check.

func (*Core) StepDown 

func (c *Core) StepDown(httpCtx context.Context, req *logical.Request) (retErr error)

StepDown is used to step down from leadership

func (*Core) StorageType 

func (c *Core) StorageType() string

StorageType returns a string equal to the storage configuration's type.

func (*Core) StoreInFlightReqData 

func (c *Core) StoreInFlightReqData(reqID string, data InFlightReqData)

func (*Core) UIEnabled 

func (c *Core) UIEnabled() bool

UIEnabled returns if the UI is enabled

func (*Core) UIHeaders 

func (c *Core) UIHeaders() (http.Header, error)

UIHeaders returns configured UI headers

func (*Core) Unseal 

func (c *Core) Unseal(key []byte) (bool, error)

Unseal is used to provide one of the key parts to unseal the Vault.

func (*Core) UnsealMigrate 

func (c *Core) UnsealMigrate(key []byte) (bool, error)

func (*Core) UnsealWithStoredKeys 

func (c *Core) UnsealWithStoredKeys(ctx context.Context) error

UnsealWithStoredKeys performs auto-unseal using stored keys. An error return value of "nil" implies the Vault instance is unsealed.

Callers should attempt to retry any NonFatalErrors. Callers should not re-attempt fatal errors.

func (*Core) UpdateInFlightReqData 

func (c *Core) UpdateInFlightReqData(reqID, clientID string)

UpdateInFlightReqData updates the data for a specific reqID with the clientID

type CoreConfig 

type CoreConfig struct {
	DevToken string

	BuiltinRegistry BuiltinRegistry

	LogicalBackends map[string]logical.Factory

	CredentialBackends map[string]logical.Factory

	AuditBackends map[string]audit.Factory

	Physical physical.Backend

	StorageType string

	// May be nil, which disables HA operations
	HAPhysical physical.HABackend

	ServiceRegistration sr.ServiceRegistration

	// Seal is the configured seal, or if none is configured explicitly, a
	// shamir seal.  In migration scenarios this is the new seal.
	Seal Seal

	// Unwrap seal is the optional seal marked "disabled"; this is the old
	// seal in migration scenarios.
	UnwrapSeal Seal

	SecureRandomReader io.Reader

	LogLevel string

	Logger log.Logger

	// Disables the trace display for Sentinel checks
	DisableSentinelTrace bool

	// Disables the LRU cache on the physical backend
	DisableCache bool

	// Disables mlock syscall
	DisableMlock bool

	// Custom cache size for the LRU cache on the physical backend, or zero for default
	CacheSize int

	// Set as the leader address for HA
	RedirectAddr string

	// Set as the cluster address for HA
	ClusterAddr string

	DefaultLeaseTTL time.Duration

	MaxLeaseTTL time.Duration

	ClusterName string

	ClusterCipherSuites string

	EnableUI bool

	// Enable the raw endpoint
	EnableRaw bool

	PluginDirectory string

	PluginFileUid int

	PluginFilePermissions int

	DisableSealWrap bool

	RawConfig *server.Config

	ReloadFuncs     *map[string][]reloadutil.ReloadFunc
	ReloadFuncsLock *sync.RWMutex

	// Licensing
	License         string
	LicensePath     string
	LicensingConfig *LicensingConfig

	DisablePerformanceStandby bool
	DisableIndexing           bool
	DisableKeyEncodingChecks  bool

	AllLoggers []log.Logger

	// Telemetry objects
	MetricsHelper *metricsutil.MetricsHelper
	MetricSink    *metricsutil.ClusterMetricSink

	RecoveryMode bool

	ClusterNetworkLayer cluster.NetworkLayer

	ClusterHeartbeatInterval time.Duration

	// Activity log controls
	ActivityLogConfig ActivityLogCoreConfig

	// number of workers to use for lease revocation in the expiration manager
	NumExpirationWorkers int

	// DisableAutopilot is used to disable autopilot subsystem in raft storage
	DisableAutopilot bool

	// Whether to send headers in the HTTP response showing hostname or raft node ID
	EnableResponseHeaderHostname   bool
	EnableResponseHeaderRaftNodeID bool

	// DisableSSCTokens is used to disable the use of server side consistent tokens
	DisableSSCTokens bool
	// contains filtered or unexported fields
}

CoreConfig is used to parameterize a core

func (CoreConfig) Clone 

func (e CoreConfig) Clone() entCoreConfig

func (*CoreConfig) GetServiceRegistration 

func (c *CoreConfig) GetServiceRegistration() sr.ServiceRegistration

GetServiceRegistration returns the config's ServiceRegistration, or nil if it does not exist.

type CubbyholeBackend 

type CubbyholeBackend struct {
	*framework.Backend
	// contains filtered or unexported fields
}

CubbyholeBackend is used for storing secrets directly into the physical backend. The secrets are encrypted in the durable storage. This differs from kv in that every token has its own private storage view. The view is removed when the token expires.

type DeadlockMutex 

type DeadlockMutex struct {
	sync.Mutex
}

DeadlockMutex is just a sync.Mutex when the build tag `deadlock` is absent. See its other definition in the corresponding deadlock-build-tag-constrained file for more details.

type DeadlockRWMutex 

type DeadlockRWMutex struct {
	sync.RWMutex
}

DeadlockRWMutex is the RW version of DeadlockMutex.

type EchoReply 

type EchoReply struct {
	Message          string           `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"`
	ClusterAddrs     []string         `protobuf:"bytes,2,rep,name=cluster_addrs,json=clusterAddrs,proto3" json:"cluster_addrs,omitempty"`
	ReplicationState uint32           `protobuf:"varint,3,opt,name=replication_state,json=replicationState,proto3" json:"replication_state,omitempty"`
	RaftAppliedIndex uint64           `protobuf:"varint,4,opt,name=raft_applied_index,json=raftAppliedIndex,proto3" json:"raft_applied_index,omitempty"`
	RaftNodeID       string           `protobuf:"bytes,5,opt,name=raft_node_id,json=raftNodeId,proto3" json:"raft_node_id,omitempty"`
	NodeInfo         *NodeInformation `protobuf:"bytes,6,opt,name=node_info,json=nodeInfo,proto3" json:"node_info,omitempty"`
	// contains filtered or unexported fields
}

func (*EchoReply) Descriptor deprecated 

func (*EchoReply) Descriptor() ([]byte, []int)

Deprecated: Use EchoReply.ProtoReflect.Descriptor instead.

func (*EchoReply) GetClusterAddrs 

func (x *EchoReply) GetClusterAddrs() []string

func (*EchoReply) GetMessage 

func (x *EchoReply) GetMessage() string

func (*EchoReply) GetNodeInfo 

func (x *EchoReply) GetNodeInfo() *NodeInformation

func (*EchoReply) GetRaftAppliedIndex 

func (x *EchoReply) GetRaftAppliedIndex() uint64

func (*EchoReply) GetRaftNodeID 

func (x *EchoReply) GetRaftNodeID() string

func (*EchoReply) GetReplicationState 

func (x *EchoReply) GetReplicationState() uint32

func (*EchoReply) ProtoMessage 

func (*EchoReply) ProtoMessage()

func (*EchoReply) ProtoReflect 

func (x *EchoReply) ProtoReflect() protoreflect.Message

func (*EchoReply) Reset 

func (x *EchoReply) Reset()

func (*EchoReply) String 

func (x *EchoReply) String() string

type EchoRequest 

type EchoRequest struct {
	Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"`
	// ClusterAddr is used to send up a standby node's address to the active
	// node upon heartbeat
	ClusterAddr string `protobuf:"bytes,2,opt,name=cluster_addr,json=clusterAddr,proto3" json:"cluster_addr,omitempty"`
	// ClusterAddrs is used to send up a list of cluster addresses to a dr
	// primary from a dr secondary
	ClusterAddrs        []string         `protobuf:"bytes,3,rep,name=cluster_addrs,json=clusterAddrs,proto3" json:"cluster_addrs,omitempty"`
	RaftAppliedIndex    uint64           `protobuf:"varint,4,opt,name=raft_applied_index,json=raftAppliedIndex,proto3" json:"raft_applied_index,omitempty"`
	RaftNodeID          string           `protobuf:"bytes,5,opt,name=raft_node_id,json=raftNodeId,proto3" json:"raft_node_id,omitempty"`
	NodeInfo            *NodeInformation `protobuf:"bytes,6,opt,name=node_info,json=nodeInfo,proto3" json:"node_info,omitempty"`
	RaftTerm            uint64           `protobuf:"varint,7,opt,name=raft_term,json=raftTerm,proto3" json:"raft_term,omitempty"`
	RaftDesiredSuffrage string           `protobuf:"bytes,8,opt,name=raft_desired_suffrage,json=raftDesiredSuffrage,proto3" json:"raft_desired_suffrage,omitempty"`
	RaftUpgradeVersion  string           `protobuf:"bytes,9,opt,name=raft_upgrade_version,json=raftUpgradeVersion,proto3" json:"raft_upgrade_version,omitempty"`
	RaftRedundancyZone  string           `protobuf:"bytes,10,opt,name=raft_redundancy_zone,json=raftRedundancyZone,proto3" json:"raft_redundancy_zone,omitempty"`
	SdkVersion          string           `protobuf:"bytes,11,opt,name=sdk_version,json=sdkVersion,proto3" json:"sdk_version,omitempty"`
	// contains filtered or unexported fields
}

func (*EchoRequest) Descriptor deprecated 

func (*EchoRequest) Descriptor() ([]byte, []int)

Deprecated: Use EchoRequest.ProtoReflect.Descriptor instead.

func (*EchoRequest) GetClusterAddr 

func (x *EchoRequest) GetClusterAddr() string

func (*EchoRequest) GetClusterAddrs 

func (x *EchoRequest) GetClusterAddrs() []string

func (*EchoRequest) GetMessage 

func (x *EchoRequest) GetMessage() string

func (*EchoRequest) GetNodeInfo 

func (x *EchoRequest) GetNodeInfo() *NodeInformation

func (*EchoRequest) GetRaftAppliedIndex 

func (x *EchoRequest) GetRaftAppliedIndex() uint64

func (*EchoRequest) GetRaftDesiredSuffrage 

func (x *EchoRequest) GetRaftDesiredSuffrage() string

func (*EchoRequest) GetRaftNodeID 

func (x *EchoRequest) GetRaftNodeID() string

func (*EchoRequest) GetRaftRedundancyZone 

func (x *EchoRequest) GetRaftRedundancyZone() string

func (*EchoRequest) GetRaftTerm 

func (x *EchoRequest) GetRaftTerm() uint64

func (*EchoRequest) GetRaftUpgradeVersion 

func (x *EchoRequest) GetRaftUpgradeVersion() string

func (*EchoRequest) GetSdkVersion 

func (x *EchoRequest) GetSdkVersion() string

func (*EchoRequest) ProtoMessage 

func (*EchoRequest) ProtoMessage()

func (*EchoRequest) ProtoReflect 

func (x *EchoRequest) ProtoReflect() protoreflect.Message

func (*EchoRequest) Reset 

func (x *EchoRequest) Reset()

func (*EchoRequest) String 

func (x *EchoRequest) String() string

type EncodedKeyring 

type EncodedKeyring struct {
	MasterKey      []byte
	Keys           []*Key
	RotationConfig KeyRotationConfig
}

EncodedKeyring is used for serialization of the keyring

type EntityCounter 

type EntityCounter struct {
	// Total is the total number of entities
	Total int `json:"total"`
}

EntityCounter counts the number of entities

type EntityCreator 

type EntityCreator interface {
	CreateEntity(ctx context.Context) (*identity.Entity, error)
}

type ErrDecrypt 

type ErrDecrypt struct {
	Err error
}

func (*ErrDecrypt) Error 

func (e *ErrDecrypt) Error() string

func (*ErrDecrypt) Is 

func (e *ErrDecrypt) Is(target error) bool

type ErrEncrypt 

type ErrEncrypt struct {
	Err error
}

func (*ErrEncrypt) Error 

func (e *ErrEncrypt) Error() string

func (*ErrEncrypt) Is 

func (e *ErrEncrypt) Is(target error) bool

type ErrInvalidKey 

type ErrInvalidKey struct {
	Reason string
}

ErrInvalidKey is returned if there is a user-based error with a provided unseal key. This will be shown to the user, so should not contain information that is sensitive.

func (*ErrInvalidKey) Error 

func (e *ErrInvalidKey) Error() string

type ExpirationManager 

type ExpirationManager struct {
	// contains filtered or unexported fields
}

ExpirationManager is used by the Core to manage leases. Secrets can provide a lease, meaning that they can be renewed or revoked. If a secret is not renewed in timely manner, it may be expired, and the ExpirationManager will handle doing automatic revocation.

func NewExpirationManager 

func NewExpirationManager(c *Core, view *BarrierView, e ExpireLeaseStrategy, logger log.Logger) *ExpirationManager

NewExpirationManager creates a new ExpirationManager that is backed using a given view, and uses the provided router for revocation.

func (*ExpirationManager) CreateOrFetchRevocationLeaseByToken 

func (m *ExpirationManager) CreateOrFetchRevocationLeaseByToken(ctx context.Context, te *logical.TokenEntry) (string, error)

CreateOrFetchRevocationLeaseByToken is used to create or fetch the matching leaseID for a particular token. The lease is set to expire immediately after it's created.

func (*ExpirationManager) FetchLeaseTimes 

func (m *ExpirationManager) FetchLeaseTimes(ctx context.Context, leaseID string) (*leaseEntry, error)

FetchLeaseTimes is used to fetch the issue time, expiration time, and last renewed time of a lease entry. It returns a leaseEntry itself, but with only those values copied over.

func (*ExpirationManager) FetchLeaseTimesByToken 

func (m *ExpirationManager) FetchLeaseTimesByToken(ctx context.Context, te *logical.TokenEntry) (*leaseEntry, error)

FetchLeaseTimesByToken is a helper function to use token values to compute the leaseID, rather than pushing that logic back into the token store. As a special case, for a batch token it simply returns the information encoded on it.

func (*ExpirationManager) LazyRevoke 

func (m *ExpirationManager) LazyRevoke(ctx context.Context, leaseID string) error

LazyRevoke is used to queue revocation for a secret named by the given LeaseID. If the lease was not found it returns nil; if the lease was found it triggers a return of a 202.

func (*ExpirationManager) Register 

func (m *ExpirationManager) Register(ctx context.Context, req *logical.Request, resp *logical.Response, loginRole string) (id string, retErr error)

Register is used to take a request and response with an associated lease. The secret gets assigned a LeaseID and the management of the lease is assumed by the expiration manager.

func (*ExpirationManager) RegisterAuth 

func (m *ExpirationManager) RegisterAuth(ctx context.Context, te *logical.TokenEntry, auth *logical.Auth, loginRole string) error

RegisterAuth is used to take an Auth response with an associated lease. The token does not get a LeaseID, but the lease management is handled by the expiration manager.

func (*ExpirationManager) Renew 

func (m *ExpirationManager) Renew(ctx context.Context, leaseID string, increment time.Duration) (*logical.Response, error)

Renew is used to renew a secret using the given leaseID and a renew interval. The increment may be ignored.

func (*ExpirationManager) RenewToken 

func (m *ExpirationManager) RenewToken(ctx context.Context, req *logical.Request, te *logical.TokenEntry,
	increment time.Duration,
) (*logical.Response, error)

RenewToken is used to renew a token which does not need to invoke a logical backend.

func (*ExpirationManager) Restore 

func (m *ExpirationManager) Restore(errorFunc func()) (retErr error)

Restore is used to recover the lease states when starting. This is used after starting the vault.

func (*ExpirationManager) Revoke 

func (m *ExpirationManager) Revoke(ctx context.Context, leaseID string) error

Revoke is used to revoke a secret named by the given LeaseID

func (*ExpirationManager) RevokeByToken 

func (m *ExpirationManager) RevokeByToken(ctx context.Context, te *logical.TokenEntry) error

RevokeByToken is used to revoke all the secrets issued with a given token. This is done by using the secondary index. It also removes the lease entry for the token itself. As a result it should *ONLY* ever be called from the token store's revokeInternal function. (NB: it's called by token tidy as well.)

func (*ExpirationManager) RevokeForce 

func (m *ExpirationManager) RevokeForce(ctx context.Context, prefix string) error

RevokeForce works similarly to RevokePrefix but continues in the case of a revocation error; this is mostly meant for recovery operations

func (*ExpirationManager) RevokePrefix 

func (m *ExpirationManager) RevokePrefix(ctx context.Context, prefix string, sync bool) error

RevokePrefix is used to revoke all secrets with a given prefix. The prefix maps to that of the mount table to make this simpler to reason about.

func (*ExpirationManager) Stop 

func (m *ExpirationManager) Stop() error

Stop is used to prevent further automatic revocations. This must be called before sealing the view.

func (*ExpirationManager) Tidy 

func (m *ExpirationManager) Tidy(ctx context.Context) error

Tidy cleans up the dangling storage entries for leases. It scans the storage view to find all the available leases, checks if the token embedded in it is either empty or invalid and in both the cases, it revokes them. It also uses a token cache to avoid multiple lookups of the same token ID. It is normally not required to use the API that invokes this. This is only intended to clean up the corrupt storage due to bugs.

func (*ExpirationManager) WalkTokens 

func (m *ExpirationManager) WalkTokens(walkFn ExpirationWalkFunction) error

WalkTokens extracts the Auth structure from leases corresponding to tokens. Returning false from the walk function terminates the iteration.

type ExpirationWalkFunction 

type ExpirationWalkFunction = func(leaseID string, auth *logical.Auth, path string) bool

Callback function type to walk tokens referenced in the expiration manager. Don't want to use leaseEntry here because it's an unexported type (though most likely we would only call this from within the "vault" core package.)

type ExpireLeaseStrategy 

type ExpireLeaseStrategy func(context.Context, *ExpirationManager, string, *namespace.Namespace)

type FeatureFlags 

type FeatureFlags struct {
	NamespacesCubbyholesLocal bool `json:"namespace_cubbyholes_local"`
}

type GenerateRootConfig 

type GenerateRootConfig struct {
	Nonce          string
	PGPKey         string
	PGPFingerprint string
	OTP            string
	Strategy       GenerateRootStrategy
}

GenerateRootConfig holds the configuration for a root generation command.

type GenerateRootResult 

type GenerateRootResult struct {
	Progress       int
	Required       int
	EncodedToken   string
	PGPFingerprint string
}

GenerateRootResult holds the result of a root generation update command

type GenerateRootStrategy 

type GenerateRootStrategy interface {
	// contains filtered or unexported methods
}

GenerateRootStrategy allows us to swap out the strategy we want to use to create a token upon completion of the generate root process. 

var (
	// GenerateStandardRootTokenStrategy is the strategy used to generate a
	// typical root token
	GenerateStandardRootTokenStrategy GenerateRootStrategy = generateStandardRootToken{}

	// GenerateDROperationTokenStrategy is the strategy used to generate a
	// DR operational token
	GenerateDROperationTokenStrategy GenerateRootStrategy = generateStandardRootToken{}
)

func GenerateRecoveryTokenStrategy 

func GenerateRecoveryTokenStrategy(token *atomic.String) GenerateRootStrategy

GenerateRecoveryTokenStrategy is the strategy used to generate a recovery token

type GroupUpdater 

type GroupUpdater interface {
	SendGroupUpdate(ctx context.Context, group *identity.Group) (bool, error)
}

type HAStatusNode 

type HAStatusNode struct {
	Hostname       string     `json:"hostname"`
	APIAddress     string     `json:"api_address"`
	ClusterAddress string     `json:"cluster_address"`
	ActiveNode     bool       `json:"active_node"`
	LastEcho       *time.Time `json:"last_echo"`
	Version        string     `json:"version"`
	UpgradeVersion string     `json:"upgrade_version,omitempty"`
	RedundancyZone string     `json:"redundancy_zone,omitempty"`
}

type HCPLinkStatus 

type HCPLinkStatus struct {
	ConnectionStatus string `json:"hcp_link_status,omitempty"`
	ResourceIDOnHCP  string `json:"resource_ID_on_hcp,omitempty"`
	// contains filtered or unexported fields
}

type HLLGetter 

type HLLGetter func(ctx context.Context, startTime time.Time) (*hyperloglog.Sketch, error)

type HandlerProperties 

type HandlerProperties struct {
	Core                  *Core
	ListenerConfig        *configutil.Listener
	DisablePrintableCheck bool
	RecoveryMode          bool
	RecoveryToken         *uberAtomic.String
}

HandlerProperties is used to seed configuration into a vaulthttp.Handler. It's in this package to avoid a circular dependency

type IdentityFactor 

type IdentityFactor struct {
	GroupIDs          []string `hcl:"group_ids"`
	GroupNames        []string `hcl:"group_names"`
	ApprovalsRequired int      `hcl:"approvals"`
}

type IdentityStore 

type IdentityStore struct {
	// IdentityStore is a secret backend in Vault
	*framework.Backend
	// contains filtered or unexported fields
}

IdentityStore is composed of its own storage view and a MemDB which maintains active in-memory replicas of the storage contents indexed by multiple fields.

func NewIdentityStore 

func NewIdentityStore(ctx context.Context, core *Core, config *logical.BackendConfig, logger log.Logger) (*IdentityStore, error)

func (*IdentityStore) CreateEntity 

func (i *IdentityStore) CreateEntity(ctx context.Context) (*identity.Entity, error)

CreateEntity creates a new entity.

func (*IdentityStore) CreateOrFetchEntity 

func (i *IdentityStore) CreateOrFetchEntity(ctx context.Context, alias *logical.Alias) (*identity.Entity, bool, error)

CreateOrFetchEntity creates a new entity. This is used by core to associate each login attempt by an alias to a unified entity in Vault.

func (*IdentityStore) Invalidate 

func (i *IdentityStore) Invalidate(ctx context.Context, key string)

Invalidate is a callback wherein the backend is informed that the value at the given key is updated. In identity store's case, it would be the entity storage entries that get updated. The value needs to be read and MemDB needs to be updated accordingly.

func (*IdentityStore) MemDBAliasByFactors 

func (i *IdentityStore) MemDBAliasByFactors(mountAccessor, aliasName string, clone bool, groupAlias bool) (*identity.Alias, error)

func (*IdentityStore) MemDBAliasByFactorsInTxn 

func (i *IdentityStore) MemDBAliasByFactorsInTxn(txn *memdb.Txn, mountAccessor, aliasName string, clone bool, groupAlias bool) (*identity.Alias, error)

func (*IdentityStore) MemDBAliasByID 

func (i *IdentityStore) MemDBAliasByID(aliasID string, clone bool, groupAlias bool) (*identity.Alias, error)

func (*IdentityStore) MemDBAliasByIDInTxn 

func (i *IdentityStore) MemDBAliasByIDInTxn(txn *memdb.Txn, aliasID string, clone bool, groupAlias bool) (*identity.Alias, error)

func (*IdentityStore) MemDBAliases 

func (i *IdentityStore) MemDBAliases(ws memdb.WatchSet, groupAlias bool) (memdb.ResultIterator, error)

func (*IdentityStore) MemDBDeleteAliasByIDInTxn 

func (i *IdentityStore) MemDBDeleteAliasByIDInTxn(txn *memdb.Txn, aliasID string, groupAlias bool) error

func (*IdentityStore) MemDBDeleteEntityByID 

func (i *IdentityStore) MemDBDeleteEntityByID(entityID string) error

func (*IdentityStore) MemDBDeleteEntityByIDInTxn 

func (i *IdentityStore) MemDBDeleteEntityByIDInTxn(txn *memdb.Txn, entityID string) error

func (*IdentityStore) MemDBDeleteGroupByIDInTxn 

func (i *IdentityStore) MemDBDeleteGroupByIDInTxn(txn *memdb.Txn, groupID string) error

func (*IdentityStore) MemDBEntitiesByBucketKeyInTxn 

func (i *IdentityStore) MemDBEntitiesByBucketKeyInTxn(txn *memdb.Txn, bucketKey string) ([]*identity.Entity, error)

func (*IdentityStore) MemDBEntityByAliasID 

func (i *IdentityStore) MemDBEntityByAliasID(aliasID string, clone bool) (*identity.Entity, error)

func (*IdentityStore) MemDBEntityByAliasIDInTxn 

func (i *IdentityStore) MemDBEntityByAliasIDInTxn(txn *memdb.Txn, aliasID string, clone bool) (*identity.Entity, error)

func (*IdentityStore) MemDBEntityByID 

func (i *IdentityStore) MemDBEntityByID(entityID string, clone bool) (*identity.Entity, error)

func (*IdentityStore) MemDBEntityByIDInTxn 

func (i *IdentityStore) MemDBEntityByIDInTxn(txn *memdb.Txn, entityID string, clone bool) (*identity.Entity, error)

func (*IdentityStore) MemDBEntityByMergedEntityID 

func (i *IdentityStore) MemDBEntityByMergedEntityID(mergedEntityID string, clone bool) (*identity.Entity, error)

func (*IdentityStore) MemDBEntityByName 

func (i *IdentityStore) MemDBEntityByName(ctx context.Context, entityName string, clone bool) (*identity.Entity, error)

func (*IdentityStore) MemDBEntityByNameInTxn 

func (i *IdentityStore) MemDBEntityByNameInTxn(ctx context.Context, txn *memdb.Txn, entityName string, clone bool) (*identity.Entity, error)

func (*IdentityStore) MemDBGroupByAliasID 

func (i *IdentityStore) MemDBGroupByAliasID(aliasID string, clone bool) (*identity.Group, error)

func (*IdentityStore) MemDBGroupByAliasIDInTxn 

func (i *IdentityStore) MemDBGroupByAliasIDInTxn(txn *memdb.Txn, aliasID string, clone bool) (*identity.Group, error)

func (*IdentityStore) MemDBGroupByID 

func (i *IdentityStore) MemDBGroupByID(groupID string, clone bool) (*identity.Group, error)

func (*IdentityStore) MemDBGroupByIDInTxn 

func (i *IdentityStore) MemDBGroupByIDInTxn(txn *memdb.Txn, groupID string, clone bool) (*identity.Group, error)

func (*IdentityStore) MemDBGroupByName 

func (i *IdentityStore) MemDBGroupByName(ctx context.Context, groupName string, clone bool) (*identity.Group, error)

func (*IdentityStore) MemDBGroupByNameInTxn 

func (i *IdentityStore) MemDBGroupByNameInTxn(ctx context.Context, txn *memdb.Txn, groupName string, clone bool) (*identity.Group, error)

func (*IdentityStore) MemDBGroupsByBucketKeyInTxn 

func (i *IdentityStore) MemDBGroupsByBucketKeyInTxn(txn *memdb.Txn, bucketKey string) ([]*identity.Group, error)

func (*IdentityStore) MemDBGroupsByMemberEntityID 

func (i *IdentityStore) MemDBGroupsByMemberEntityID(entityID string, clone bool, externalOnly bool) ([]*identity.Group, error)

func (*IdentityStore) MemDBGroupsByMemberEntityIDInTxn 

func (i *IdentityStore) MemDBGroupsByMemberEntityIDInTxn(txn *memdb.Txn, entityID string, clone bool, externalOnly bool) ([]*identity.Group, error)

func (*IdentityStore) MemDBGroupsByParentGroupID 

func (i *IdentityStore) MemDBGroupsByParentGroupID(memberGroupID string, clone bool) ([]*identity.Group, error)

func (*IdentityStore) MemDBGroupsByParentGroupIDInTxn 

func (i *IdentityStore) MemDBGroupsByParentGroupIDInTxn(txn *memdb.Txn, memberGroupID string, clone bool) ([]*identity.Group, error)

func (*IdentityStore) MemDBLocalAliasesByBucketKeyInTxn 

func (i *IdentityStore) MemDBLocalAliasesByBucketKeyInTxn(txn *memdb.Txn, bucketKey string) ([]*identity.Alias, error)

func (*IdentityStore) MemDBUpsertAliasInTxn 

func (i *IdentityStore) MemDBUpsertAliasInTxn(txn *memdb.Txn, alias *identity.Alias, groupAlias bool) error

func (*IdentityStore) MemDBUpsertEntityInTxn 

func (i *IdentityStore) MemDBUpsertEntityInTxn(txn *memdb.Txn, entity *identity.Entity) error

func (*IdentityStore) MemDBUpsertGroupInTxn 

func (i *IdentityStore) MemDBUpsertGroupInTxn(txn *memdb.Txn, group *identity.Group) error

func (*IdentityStore) UpsertGroup 

func (i *IdentityStore) UpsertGroup(ctx context.Context, group *identity.Group, persist bool) error

func (*IdentityStore) UpsertGroupInTxn 

func (i *IdentityStore) UpsertGroupInTxn(ctx context.Context, txn *memdb.Txn, group *identity.Group, persist bool) error

type InFlightReqData 

type InFlightReqData struct {
	StartTime        time.Time `json:"start_time"`
	ClientRemoteAddr string    `json:"client_remote_address"`
	ReqPath          string    `json:"request_path"`
	Method           string    `json:"request_method"`
	ClientID         string    `json:"client_id"`
}

type InFlightRequests 

type InFlightRequests struct {
	InFlightReqMap   *sync.Map
	InFlightReqCount *uberAtomic.Uint64
}

type InitParams 

type InitParams struct {
	BarrierConfig   *SealConfig
	RecoveryConfig  *SealConfig
	RootTokenPGPKey string
	// LegacyShamirSeal should only be used in test code, we don't want to
	// give the user a way to create legacy shamir seals.
	LegacyShamirSeal bool
}

InitParams keeps the init function from being littered with too many params, that's it!

type InitResult 

type InitResult struct {
	SecretShares   [][]byte
	RecoveryShares [][]byte
	RootToken      string
}

InitResult is used to provide the key parts back after they are generated as part of the initialization.

type InitializableBackend 

type InitializableBackend struct {
	*NoopBackend
	// contains filtered or unexported fields
}

InitializableBackend is a backend that knows whether it has been initialized properly.

func (*InitializableBackend) Initialize 

func (b *InitializableBackend) Initialize(ctx context.Context, req *logical.InitializationRequest) error

type Key 

type Key struct {
	Term        uint32
	Version     int
	Value       []byte
	InstallTime time.Time
	Encryptions uint64 `json:"encryptions,omitempty"`
}

Key represents a single term, along with the key used.

func DeserializeKey 

func DeserializeKey(buf []byte) (*Key, error)

DeserializeKey is used to deserialize and return a new key

func (*Key) Serialize 

func (k *Key) Serialize() ([]byte, error)

Serialize is used to create a byte encoded key

type KeyInfo 

type KeyInfo struct {
	Term        int
	InstallTime time.Time
	Encryptions int64
}

KeyInfo is used to convey information about the encryption key

type KeyRotationConfig 

type KeyRotationConfig struct {
	Disabled      bool
	MaxOperations int64
	Interval      time.Duration
}

func (KeyRotationConfig) Clone 

func (c KeyRotationConfig) Clone() KeyRotationConfig

func (*KeyRotationConfig) Equals 

func (c *KeyRotationConfig) Equals(config KeyRotationConfig) bool

func (*KeyRotationConfig) Sanitize 

func (c *KeyRotationConfig) Sanitize()

type Keyring 

type Keyring struct {
	// contains filtered or unexported fields
}

Keyring is used to manage multiple encryption keys used by the barrier. New keys can be installed and each has a sequential term. The term used to encrypt a key is prefixed to the key written out. All data is encrypted with the latest key, but storing the old keys allows for decryption of keys written previously. Along with the encryption keys, the keyring also tracks the root key. This is necessary so that when a new key is added to the keyring, we can encrypt with the root key and write out the new keyring.

func DeserializeKeyring 

func DeserializeKeyring(buf []byte) (*Keyring, error)

DeserializeKeyring is used to deserialize and return a new keyring

func NewKeyring 

func NewKeyring() *Keyring

NewKeyring creates a new keyring

func (*Keyring) ActiveKey 

func (k *Keyring) ActiveKey() *Key

ActiveKey returns the active encryption key, or nil

func (*Keyring) ActiveTerm 

func (k *Keyring) ActiveTerm() uint32

ActiveTerm returns the currently active term

func (*Keyring) AddKey 

func (k *Keyring) AddKey(key *Key) (*Keyring, error)

AddKey adds a new key to the keyring

func (*Keyring) Clone 

func (k *Keyring) Clone() *Keyring

Clone returns a new copy of the keyring

func (*Keyring) RemoveKey 

func (k *Keyring) RemoveKey(term uint32) (*Keyring, error)

RemoveKey removes a key from the keyring

func (*Keyring) RootKey 

func (k *Keyring) RootKey() []byte

RootKey returns the root key

func (*Keyring) Serialize 

func (k *Keyring) Serialize() ([]byte, error)

Serialize is used to create a byte encoded keyring

func (*Keyring) SetRootKey 

func (k *Keyring) SetRootKey(val []byte) *Keyring

SetRootKey is used to update the root key

func (*Keyring) TermKey 

func (k *Keyring) TermKey(term uint32) *Key

TermKey returns the key for the given term, or nil

func (*Keyring) Zeroize 

func (k *Keyring) Zeroize(keysToo bool)

N.B.: Since Go 1.5 these are not reliable; see the documentation around the memzero function. These are best-effort.

type LeaderResponse 

type LeaderResponse struct {
	HAEnabled                bool      `json:"ha_enabled"`
	IsSelf                   bool      `json:"is_self"`
	ActiveTime               time.Time `json:"active_time,omitempty"`
	LeaderAddress            string    `json:"leader_address"`
	LeaderClusterAddress     string    `json:"leader_cluster_address"`
	PerfStandby              bool      `json:"performance_standby"`
	PerfStandbyLastRemoteWAL uint64    `json:"performance_standby_last_remote_wal"`
	LastWAL                  uint64    `json:"last_wal,omitempty"`

	// Raft Indexes for this node
	RaftCommittedIndex uint64 `json:"raft_committed_index,omitempty"`
	RaftAppliedIndex   uint64 `json:"raft_applied_index,omitempty"`
}

type LicenseState 

type LicenseState struct {
	State      string
	ExpiryTime time.Time
	Terminated bool
}

type LicensingConfig 

type LicensingConfig struct {
	AdditionalPublicKeys []interface{}
}

type ListenerCustomHeaders 

type ListenerCustomHeaders struct {
	Address             string
	StatusCodeHeaderMap map[string][]*logical.CustomHeader
	// contains filtered or unexported fields
}

func NewListenerCustomHeader 

func NewListenerCustomHeader(ln []*configutil.Listener, logger log.Logger, uiHeaders http.Header) []*ListenerCustomHeaders

func (*ListenerCustomHeaders) ExistCustomResponseHeader 

func (l *ListenerCustomHeaders) ExistCustomResponseHeader(header string) bool

type ListingVisibilityType 

type ListingVisibilityType string

ListingVisibilityType represents the types for listing visibility 

const (
	// ListingVisibilityDefault is the default value for listing visibility
	ListingVisibilityDefault ListingVisibilityType = ""
	// ListingVisibilityHidden is the hidden type for listing visibility
	ListingVisibilityHidden ListingVisibilityType = "hidden"
	// ListingVisibilityUnauth is the unauth type for listing visibility
	ListingVisibilityUnauth ListingVisibilityType = "unauth"

	MountTableUpdateStorage   = true
	MountTableNoUpdateStorage = false
)

type LocalNode 

type LocalNode interface {
	ReplicationState() consts.ReplicationState
	HAState() consts.HAState
}

type LoginMFABackend 

type LoginMFABackend struct {
	*MFABackend
}

func NewLoginMFABackend 

func NewLoginMFABackend(core *Core, logger hclog.Logger) *LoginMFABackend

func (*LoginMFABackend) MemDBDeleteMFAConfigByID 

func (b *LoginMFABackend) MemDBDeleteMFAConfigByID(methodId, tableName string) error

func (*LoginMFABackend) MemDBDeleteMFAConfigByIDInTxn 

func (b *LoginMFABackend) MemDBDeleteMFAConfigByIDInTxn(txn *memdb.Txn, configID string) error

func (*LoginMFABackend) MemDBDeleteMFALoginEnforcementConfigByNameAndNamespace 

func (b *LoginMFABackend) MemDBDeleteMFALoginEnforcementConfigByNameAndNamespace(name, namespaceId, tableName string) error

func (*LoginMFABackend) MemDBMFAConfigByID 

func (b *LoginMFABackend) MemDBMFAConfigByID(mConfigID string) (*mfa.Config, error)

func (*LoginMFABackend) MemDBMFAConfigByIDInTxn 

func (b *LoginMFABackend) MemDBMFAConfigByIDInTxn(txn *memdb.Txn, mConfigID string) (*mfa.Config, error)

func (*LoginMFABackend) MemDBMFALoginEnforcementConfigByNameAndNamespace 

func (b *LoginMFABackend) MemDBMFALoginEnforcementConfigByNameAndNamespace(name, namespaceId string) (*mfa.MFAEnforcementConfig, error)

func (*LoginMFABackend) MemDBMFALoginEnforcementConfigIterator 

func (b *LoginMFABackend) MemDBMFALoginEnforcementConfigIterator() (memdb.ResultIterator, error)

func (*LoginMFABackend) MemDBUpsertMFALoginEnforcementConfig 

func (b *LoginMFABackend) MemDBUpsertMFALoginEnforcementConfig(ctx context.Context, eConfig *mfa.MFAEnforcementConfig) error

func (*LoginMFABackend) ResetLoginMFAMemDB 

func (b *LoginMFABackend) ResetLoginMFAMemDB() error

type LoginMFAPriorityQueue 

type LoginMFAPriorityQueue struct {
	// contains filtered or unexported fields
}

func NewLoginMFAPriorityQueue 

func NewLoginMFAPriorityQueue() *LoginMFAPriorityQueue

NewLoginMFAPriorityQueue initializes the internal data structures and returns a new PriorityQueue

func (*LoginMFAPriorityQueue) Len 

func (pq *LoginMFAPriorityQueue) Len() int

Len returns the count of items in the Priority Queue

func (*LoginMFAPriorityQueue) PopByKey 

func (pq *LoginMFAPriorityQueue) PopByKey(reqID string) (*MFACachedAuthResponse, error)

PopByKey searches the queue for an item with the given key and removes it from the queue if found. Returns nil if not found.

func (*LoginMFAPriorityQueue) Push 

func (pq *LoginMFAPriorityQueue) Push(resp *MFACachedAuthResponse) error

Push pushes an item on to the queue. This is a wrapper/convenience method that calls heap.Push, so consumers do not need to invoke heap functions directly. Items must have unique Keys, and Items in the queue cannot be updated. To modify an Item, users must first remove it and re-push it after modifications

func (*LoginMFAPriorityQueue) RemoveExpiredMfaAuthResponse 

func (pq *LoginMFAPriorityQueue) RemoveExpiredMfaAuthResponse(expiryTime time.Duration, cutoffTime time.Time) error

RemoveExpiredMfaAuthResponse pops elements of the queue and check if the entry has expired or not. If the entry has not expired, it pushes back the entry to the queue. It returns false if there is no expired element left to be removed, true otherwise. cutoffTime should normally be time.Now() except for tests.

type MFABackend 

type MFABackend struct {
	Core *Core
	// contains filtered or unexported fields
}

func NewMFABackend 

func NewMFABackend(core *Core, logger hclog.Logger, prefix string, schemaFuncs []func() *memdb.TableSchema) *MFABackend

func (*MFABackend) MemDBUpsertMFAConfig 

func (b *MFABackend) MemDBUpsertMFAConfig(ctx context.Context, mConfig *mfa.Config) error

func (*MFABackend) MemDBUpsertMFAConfigInTxn 

func (b *MFABackend) MemDBUpsertMFAConfigInTxn(txn *memdb.Txn, mConfig *mfa.Config) error

type MFACachedAuthResponse 

type MFACachedAuthResponse struct {
	CachedAuth            *logical.Auth
	RequestPath           string
	RequestNSID           string
	RequestNSPath         string
	RequestConnRemoteAddr string
	TimeOfStorage         time.Time
	RequestID             string
}

type MountConfig 

type MountConfig struct {
	DefaultLeaseTTL           time.Duration         `json:"default_lease_ttl,omitempty" structs:"default_lease_ttl" mapstructure:"default_lease_ttl"` // Override for global default
	MaxLeaseTTL               time.Duration         `json:"max_lease_ttl,omitempty" structs:"max_lease_ttl" mapstructure:"max_lease_ttl"`             // Override for global default
	ForceNoCache              bool                  `json:"force_no_cache,omitempty" structs:"force_no_cache" mapstructure:"force_no_cache"`          // Override for global default
	AuditNonHMACRequestKeys   []string              `json:"audit_non_hmac_request_keys,omitempty" structs:"audit_non_hmac_request_keys" mapstructure:"audit_non_hmac_request_keys"`
	AuditNonHMACResponseKeys  []string              `` /* 128-byte string literal not displayed */
	ListingVisibility         ListingVisibilityType `json:"listing_visibility,omitempty" structs:"listing_visibility" mapstructure:"listing_visibility"`
	PassthroughRequestHeaders []string              `json:"passthrough_request_headers,omitempty" structs:"passthrough_request_headers" mapstructure:"passthrough_request_headers"`
	AllowedResponseHeaders    []string              `json:"allowed_response_headers,omitempty" structs:"allowed_response_headers" mapstructure:"allowed_response_headers"`
	TokenType                 logical.TokenType     `json:"token_type,omitempty" structs:"token_type" mapstructure:"token_type"`
	AllowedManagedKeys        []string              `json:"allowed_managed_keys,omitempty" mapstructure:"allowed_managed_keys"`

	// PluginName is the name of the plugin registered in the catalog.
	//
	// Deprecated: MountEntry.Type should be used instead for Vault 1.0.0 and beyond.
	PluginName string `json:"plugin_name,omitempty" structs:"plugin_name,omitempty" mapstructure:"plugin_name"`
}

MountConfig is used to hold settable options

type MountEntry 

type MountEntry struct {
	Table                 string            `json:"table"`                             // The table it belongs to
	Path                  string            `json:"path"`                              // Mount Path
	Type                  string            `json:"type"`                              // Logical backend Type. NB: This is the plugin name, e.g. my-vault-plugin, NOT plugin type (e.g. auth).
	Description           string            `json:"description"`                       // User-provided description
	UUID                  string            `json:"uuid"`                              // Barrier view UUID
	BackendAwareUUID      string            `json:"backend_aware_uuid"`                // UUID that can be used by the backend as a helper when a consistent value is needed outside of storage.
	Accessor              string            `json:"accessor"`                          // Unique but more human-friendly ID. Does not change, not used for any sensitive things (like as a salt, which the UUID sometimes is).
	Config                MountConfig       `json:"config"`                            // Configuration related to this mount (but not backend-derived)
	Options               map[string]string `json:"options"`                           // Backend options
	Local                 bool              `json:"local"`                             // Local mounts are not replicated or affected by replication
	SealWrap              bool              `json:"seal_wrap"`                         // Whether to wrap CSPs
	ExternalEntropyAccess bool              `json:"external_entropy_access,omitempty"` // Whether to allow external entropy source access
	Tainted               bool              `json:"tainted,omitempty"`                 // Set as a Write-Ahead flag for unmount/remount
	MountState            string            `json:"mount_state,omitempty"`             // The current mount state.  The only non-empty mount state right now is "unmounting"
	NamespaceID           string            `json:"namespace_id"`

	// version info
	Version        string `json:"version,omitempty"`         // The semantic version of the mounted plugin, e.g. v1.2.3.
	Sha            string `json:"sha,omitempty"`             // The SHA256 sum of the plugin binary.
	RunningVersion string `json:"running_version,omitempty"` // The semantic version of the mounted plugin as reported by the plugin.
	RunningSha     string `json:"running_sha,omitempty"`
	// contains filtered or unexported fields
}

MountEntry is used to represent a mount table entry

func (*MountEntry) APIPath 

func (e *MountEntry) APIPath() string

APIPath returns the full API Path for the given mount entry

func (*MountEntry) APIPathNoNamespace 

func (e *MountEntry) APIPathNoNamespace() string

APIPathNoNamespace returns the API Path without the namespace for the given mount entry

func (*MountEntry) Clone 

func (e *MountEntry) Clone() (*MountEntry, error)

Clone returns a deep copy of the mount entry

func (*MountEntry) Namespace 

func (e *MountEntry) Namespace() *namespace.Namespace

Namespace returns the namespace for the mount entry

func (*MountEntry) SyncCache 

func (e *MountEntry) SyncCache()

SyncCache syncs tunable configuration values to the cache. In the case of cached values, they should be retrieved via synthesizedConfigCache.Load() instead of accessing them directly through MountConfig.

func (*MountEntry) ViewPath 

func (e *MountEntry) ViewPath() string

ViewPath returns storage prefix for the view

type MountMigrationInfo 

type MountMigrationInfo struct {
	SourceMount     string `json:"source_mount"`
	TargetMount     string `json:"target_mount"`
	MigrationStatus string `json:"status"`
}

type MountMigrationStatus 

type MountMigrationStatus int
const (
	MigrationInProgressStatus MountMigrationStatus = iota
	MigrationSuccessStatus
	MigrationFailureStatus
)

func (MountMigrationStatus) String 

func (m MountMigrationStatus) String() string

type MountTable 

type MountTable struct {
	Type    string        `json:"type"`
	Entries []*MountEntry `json:"entries"`
}

MountTable is used to represent the internal mount table

type Namespacer 

type Namespacer interface {
	NamespaceByID(context.Context, string) (*namespace.Namespace, error)
	ListNamespaces(includePath bool) []*namespace.Namespace
}

type NodeInformation 

type NodeInformation struct {
	ClusterAddr      string `protobuf:"bytes,1,opt,name=cluster_addr,json=clusterAddr,proto3" json:"cluster_addr,omitempty"`
	ApiAddr          string `protobuf:"bytes,2,opt,name=api_addr,json=apiAddr,proto3" json:"api_addr,omitempty"`
	Mode             string `protobuf:"bytes,3,opt,name=mode,proto3" json:"mode,omitempty"`
	NodeID           string `protobuf:"bytes,4,opt,name=node_id,json=nodeId,proto3" json:"node_id,omitempty"`
	ReplicationState uint32 `protobuf:"varint,5,opt,name=replication_state,json=replicationState,proto3" json:"replication_state,omitempty"`
	Hostname         string `protobuf:"bytes,6,opt,name=hostname,proto3" json:"hostname,omitempty"`
	// contains filtered or unexported fields
}

func (*NodeInformation) Descriptor deprecated 

func (*NodeInformation) Descriptor() ([]byte, []int)

Deprecated: Use NodeInformation.ProtoReflect.Descriptor instead.

func (*NodeInformation) GetApiAddr 

func (x *NodeInformation) GetApiAddr() string

func (*NodeInformation) GetClusterAddr 

func (x *NodeInformation) GetClusterAddr() string

func (*NodeInformation) GetHostname 

func (x *NodeInformation) GetHostname() string

func (*NodeInformation) GetMode 

func (x *NodeInformation) GetMode() string

func (*NodeInformation) GetNodeID 

func (x *NodeInformation) GetNodeID() string

func (*NodeInformation) GetReplicationState 

func (x *NodeInformation) GetReplicationState() uint32

func (*NodeInformation) ProtoMessage 

func (*NodeInformation) ProtoMessage()

func (*NodeInformation) ProtoReflect 

func (x *NodeInformation) ProtoReflect() protoreflect.Message

func (*NodeInformation) Reset 

func (x *NodeInformation) Reset()

func (*NodeInformation) String 

func (x *NodeInformation) String() string

type NonFatalError 

type NonFatalError struct {
	Err error
}

NonFatalError is an error that can be returned during NewCore that should be displayed but not cause a program exit

func NewNonFatalError 

func NewNonFatalError(err error) *NonFatalError

NewNonFatalError returns a new non-fatal error.

func (*NonFatalError) Error 

func (e *NonFatalError) Error() string

func (*NonFatalError) WrappedErrors 

func (e *NonFatalError) WrappedErrors() []error

type NoopAudit 

type NoopAudit struct {
	Config         *audit.BackendConfig
	ReqErr         error
	ReqAuth        []*logical.Auth
	Req            []*logical.Request
	ReqHeaders     []map[string][]string
	ReqNonHMACKeys []string
	ReqErrs        []error

	RespErr            error
	RespAuth           []*logical.Auth
	RespReq            []*logical.Request
	Resp               []*logical.Response
	RespNonHMACKeys    []string
	RespReqNonHMACKeys []string
	RespErrs           []error
	// contains filtered or unexported fields
}

func (*NoopAudit) GetHash 

func (n *NoopAudit) GetHash(ctx context.Context, data string) (string, error)

func (*NoopAudit) Invalidate 

func (n *NoopAudit) Invalidate(ctx context.Context)

func (*NoopAudit) LogRequest 

func (n *NoopAudit) LogRequest(ctx context.Context, in *logical.LogInput) error

func (*NoopAudit) LogResponse 

func (n *NoopAudit) LogResponse(ctx context.Context, in *logical.LogInput) error

func (*NoopAudit) LogTestMessage 

func (n *NoopAudit) LogTestMessage(ctx context.Context, in *logical.LogInput, options map[string]string) error

func (*NoopAudit) Reload 

func (n *NoopAudit) Reload(ctx context.Context) error

func (*NoopAudit) Salt 

func (n *NoopAudit) Salt(ctx context.Context) (*salt.Salt, error)

type NoopBackend 

type NoopBackend struct {
	sync.Mutex

	Root            []string
	Login           []string
	Paths           []string
	Requests        []*logical.Request
	Response        *logical.Response
	RequestHandler  RouterTestHandlerFunc
	Invalidations   []string
	DefaultLeaseTTL time.Duration
	MaxLeaseTTL     time.Duration
	BackendType     logical.BackendType
}

func (*NoopBackend) Cleanup 

func (n *NoopBackend) Cleanup(ctx context.Context)

func (*NoopBackend) HandleExistenceCheck 

func (n *NoopBackend) HandleExistenceCheck(ctx context.Context, req *logical.Request) (bool, bool, error)

func (*NoopBackend) HandleRequest 

func (n *NoopBackend) HandleRequest(ctx context.Context, req *logical.Request) (*logical.Response, error)

func (*NoopBackend) Initialize 

func (n *NoopBackend) Initialize(ctx context.Context, req *logical.InitializationRequest) error

func (*NoopBackend) InvalidateKey 

func (n *NoopBackend) InvalidateKey(ctx context.Context, k string)

func (*NoopBackend) Logger 

func (n *NoopBackend) Logger() log.Logger

func (*NoopBackend) Setup 

func (n *NoopBackend) Setup(ctx context.Context, config *logical.BackendConfig) error

func (*NoopBackend) SpecialPaths 

func (n *NoopBackend) SpecialPaths() *logical.Paths

func (*NoopBackend) System 

func (n *NoopBackend) System() logical.SystemView

func (*NoopBackend) Type 

func (n *NoopBackend) Type() logical.BackendType

type PassthroughBackend 

type PassthroughBackend struct {
	*framework.Backend
	// contains filtered or unexported fields
}

PassthroughBackend is used storing secrets directly into the physical backend. The secrets are encrypted in the durable storage and custom TTL information can be specified, but otherwise this backend doesn't do anything fancy.

func (*PassthroughBackend) GeneratesLeases 

func (b *PassthroughBackend) GeneratesLeases() bool

type PathRules 

type PathRules struct {
	Path                string
	Policy              string
	Permissions         *ACLPermissions
	IsPrefix            bool
	HasSegmentWildcards bool
	Capabilities        []string

	// These keys are used at the top level to make the HCL nicer; we store in
	// the ACLPermissions object though
	MinWrappingTTLHCL     interface{}              `hcl:"min_wrapping_ttl"`
	MaxWrappingTTLHCL     interface{}              `hcl:"max_wrapping_ttl"`
	AllowedParametersHCL  map[string][]interface{} `hcl:"allowed_parameters"`
	DeniedParametersHCL   map[string][]interface{} `hcl:"denied_parameters"`
	RequiredParametersHCL []string                 `hcl:"required_parameters"`
	MFAMethodsHCL         []string                 `hcl:"mfa_methods"`
	ControlGroupHCL       *ControlGroupHCL         `hcl:"control_group"`
}

PathRules represents a policy for a path in the namespace.

type PeerNode 

type PeerNode struct {
	Hostname       string    `json:"hostname"`
	APIAddress     string    `json:"api_address"`
	ClusterAddress string    `json:"cluster_address"`
	Version        string    `json:"version"`
	LastEcho       time.Time `json:"last_echo"`
	UpgradeVersion string    `json:"upgrade_version,omitempty"`
	RedundancyZone string    `json:"redundancy_zone,omitempty"`
}

type PerfStandbyElectionInput 

type PerfStandbyElectionInput struct {
	// contains filtered or unexported fields
}

func (*PerfStandbyElectionInput) Descriptor deprecated 

func (*PerfStandbyElectionInput) Descriptor() ([]byte, []int)

Deprecated: Use PerfStandbyElectionInput.ProtoReflect.Descriptor instead.

func (*PerfStandbyElectionInput) ProtoMessage 

func (*PerfStandbyElectionInput) ProtoMessage()

func (*PerfStandbyElectionInput) ProtoReflect 

func (x *PerfStandbyElectionInput) ProtoReflect() protoreflect.Message

func (*PerfStandbyElectionInput) Reset 

func (x *PerfStandbyElectionInput) Reset()

func (*PerfStandbyElectionInput) String 

func (x *PerfStandbyElectionInput) String() string

type PerfStandbyElectionResponse 

type PerfStandbyElectionResponse struct {
	ID                 string     `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	ClusterID          string     `protobuf:"bytes,2,opt,name=cluster_id,json=clusterId,proto3" json:"cluster_id,omitempty"`
	PrimaryClusterAddr string     `protobuf:"bytes,3,opt,name=primary_cluster_addr,json=primaryClusterAddr,proto3" json:"primary_cluster_addr,omitempty"`
	CaCert             []byte     `protobuf:"bytes,4,opt,name=ca_cert,json=caCert,proto3" json:"ca_cert,omitempty"`
	ClientCert         []byte     `protobuf:"bytes,5,opt,name=client_cert,json=clientCert,proto3" json:"client_cert,omitempty"`
	ClientKey          *ClientKey `protobuf:"bytes,6,opt,name=client_key,json=clientKey,proto3" json:"client_key,omitempty"`
	// contains filtered or unexported fields
}

func (*PerfStandbyElectionResponse) Descriptor deprecated 

func (*PerfStandbyElectionResponse) Descriptor() ([]byte, []int)

Deprecated: Use PerfStandbyElectionResponse.ProtoReflect.Descriptor instead.

func (*PerfStandbyElectionResponse) GetCaCert 

func (x *PerfStandbyElectionResponse) GetCaCert() []byte

func (*PerfStandbyElectionResponse) GetClientCert 

func (x *PerfStandbyElectionResponse) GetClientCert() []byte

func (*PerfStandbyElectionResponse) GetClientKey 

func (x *PerfStandbyElectionResponse) GetClientKey() *ClientKey

func (*PerfStandbyElectionResponse) GetClusterID 

func (x *PerfStandbyElectionResponse) GetClusterID() string

func (*PerfStandbyElectionResponse) GetID 

func (x *PerfStandbyElectionResponse) GetID() string

func (*PerfStandbyElectionResponse) GetPrimaryClusterAddr 

func (x *PerfStandbyElectionResponse) GetPrimaryClusterAddr() string

func (*PerfStandbyElectionResponse) ProtoMessage 

func (*PerfStandbyElectionResponse) ProtoMessage()

func (*PerfStandbyElectionResponse) ProtoReflect 

func (x *PerfStandbyElectionResponse) ProtoReflect() protoreflect.Message

func (*PerfStandbyElectionResponse) Reset 

func (x *PerfStandbyElectionResponse) Reset()

func (*PerfStandbyElectionResponse) String 

func (x *PerfStandbyElectionResponse) String() string

type PhysicalBackendBundle 

type PhysicalBackendBundle struct {
	Backend   physical.Backend
	HABackend physical.HABackend
	Cleanup   func()
}

type PluginCatalog 

type PluginCatalog struct {
	// contains filtered or unexported fields
}

PluginCatalog keeps a record of plugins known to vault. External plugins need to be registered to the catalog before they can be used in backends. Builtin plugins are automatically detected and included in the catalog.

func (*PluginCatalog) Delete 

func (c *PluginCatalog) Delete(ctx context.Context, name string, pluginType consts.PluginType, pluginVersion string) error

Delete is used to remove an external plugin from the catalog. Builtin plugins can not be deleted.

func (*PluginCatalog) Get 

func (c *PluginCatalog) Get(ctx context.Context, name string, pluginType consts.PluginType, version string) (*pluginutil.PluginRunner, error)

Get retrieves a plugin with the specified name from the catalog. It first looks for external plugins with this name and then looks for builtin plugins. It returns a PluginRunner or an error if no plugin was found.

func (*PluginCatalog) List 

func (c *PluginCatalog) List(ctx context.Context, pluginType consts.PluginType) ([]string, error)

List returns a list of all the known plugin names. If an external and builtin plugin share the same name, only one instance of the name will be returned.

func (*PluginCatalog) ListVersionedPlugins 

func (c *PluginCatalog) ListVersionedPlugins(ctx context.Context, pluginType consts.PluginType) ([]pluginutil.VersionedPlugin, error)

func (*PluginCatalog) NewPluginClient 

func (c *PluginCatalog) NewPluginClient(ctx context.Context, config pluginutil.PluginClientConfig) (*pluginClient, error)

NewPluginClient returns a client for managing the lifecycle of a plugin process

func (*PluginCatalog) Set 

func (c *PluginCatalog) Set(ctx context.Context, name string, pluginType consts.PluginType, version string, command string, args []string, env []string, sha256 []byte) error

Set registers a new external plugin with the catalog, or updates an existing external plugin. It takes the name, command and SHA256 of the plugin.

func (*PluginCatalog) UpgradePlugins 

func (c *PluginCatalog) UpgradePlugins(ctx context.Context, logger log.Logger) error

UpdatePlugins will loop over all the plugins of unknown type and attempt to upgrade them to typed plugins

type Policy 

type Policy struct {
	Name      string       `hcl:"name"`
	Paths     []*PathRules `hcl:"-"`
	Raw       string
	Type      PolicyType
	Templated bool
	// contains filtered or unexported fields
}

Policy is used to represent the policy specified by an ACL configuration.

func ParseACLPolicy 

func ParseACLPolicy(ns *namespace.Namespace, rules string) (*Policy, error)

ParseACLPolicy is used to parse the specified ACL rules into an intermediary set of policies, before being compiled into the ACL

func (*Policy) ShallowClone 

func (p *Policy) ShallowClone() *Policy

ShallowClone returns a shallow clone of the policy. This should not be used if any of the reference-typed fields are going to be modified

type PolicyCheckOpts 

type PolicyCheckOpts struct {
	RootPrivsRequired bool
	Unauth            bool
}

type PolicyEntry 

type PolicyEntry struct {
	Version   int
	Raw       string
	Templated bool
	Type      PolicyType
	// contains filtered or unexported fields
}

PolicyEntry is used to store a policy by name

type PolicyMFABackend 

type PolicyMFABackend struct {
	*MFABackend
}

func NewPolicyMFABackend 

func NewPolicyMFABackend(core *Core, logger hclog.Logger) *PolicyMFABackend

type PolicyStore 

type PolicyStore struct {
	// contains filtered or unexported fields
}

PolicyStore is used to provide durable storage of policy, and to manage ACLs associated with them.

func NewPolicyStore 

func NewPolicyStore(ctx context.Context, core *Core, baseView *BarrierView, system logical.SystemView, logger log.Logger) (*PolicyStore, error)

NewPolicyStore creates a new PolicyStore that is backed using a given view. It used used to durable store and manage named policy.

func (*PolicyStore) ACL 

func (ps *PolicyStore) ACL(ctx context.Context, entity *identity.Entity, policyNames map[string][]string, additionalPolicies ...*Policy) (*ACL, error)

ACL is used to return an ACL which is built using the named policies and pre-fetched policies if given.

func (*PolicyStore) DeletePolicy 

func (ps *PolicyStore) DeletePolicy(ctx context.Context, name string, policyType PolicyType) error

DeletePolicy is used to delete the named policy

func (*PolicyStore) GetPolicy 

func (ps *PolicyStore) GetPolicy(ctx context.Context, name string, policyType PolicyType) (*Policy, error)

GetPolicy is used to fetch the named policy

func (*PolicyStore) ListPolicies 

func (ps *PolicyStore) ListPolicies(ctx context.Context, policyType PolicyType) ([]string, error)

ListPolicies is used to list the available policies

func (*PolicyStore) SetPolicy 

func (ps *PolicyStore) SetPolicy(ctx context.Context, p *Policy) error

SetPolicy is used to create or update the given policy

type PolicyType 

type PolicyType uint32
const (
	PolicyTypeACL PolicyType = iota
	PolicyTypeRGP
	PolicyTypeEGP

	// Triggers a lookup in the map to figure out if ACL or RGP
	PolicyTypeToken
)

func (PolicyType) String 

func (p PolicyType) String() string

type RawBackend 

type RawBackend struct {
	*framework.Backend
	// contains filtered or unexported fields
}

func NewRawBackend 

func NewRawBackend(core *Core) *RawBackend

type RegisterAuthFunc 

type RegisterAuthFunc func(context.Context, time.Duration, string, *logical.Auth, string) error

type RekeyBackup 

type RekeyBackup struct {
	Nonce string
	Keys  map[string][]string
}

RekeyBackup stores the backup copy of PGP-encrypted keys

type RekeyResult 

type RekeyResult struct {
	SecretShares         [][]byte
	PGPFingerprints      []string
	Backup               bool
	RecoveryKey          bool
	VerificationRequired bool
	VerificationNonce    string
}

RekeyResult is used to provide the key parts back after they are generated as part of the rekey.

type RekeyVerifyResult 

type RekeyVerifyResult struct {
	Complete bool
	Nonce    string
}

type ReplicationTokenInfo 

type ReplicationTokenInfo struct{}

type RequestForwardingClient 

type RequestForwardingClient interface {
	ForwardRequest(ctx context.Context, in *forwarding.Request, opts ...grpc.CallOption) (*forwarding.Response, error)
	Echo(ctx context.Context, in *EchoRequest, opts ...grpc.CallOption) (*EchoReply, error)
	PerformanceStandbyElectionRequest(ctx context.Context, in *PerfStandbyElectionInput, opts ...grpc.CallOption) (RequestForwarding_PerformanceStandbyElectionRequestClient, error)
}

RequestForwardingClient is the client API for RequestForwarding service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.

func NewRequestForwardingClient 

func NewRequestForwardingClient(cc grpc.ClientConnInterface) RequestForwardingClient

type RequestForwardingServer 

type RequestForwardingServer interface {
	ForwardRequest(context.Context, *forwarding.Request) (*forwarding.Response, error)
	Echo(context.Context, *EchoRequest) (*EchoReply, error)
	PerformanceStandbyElectionRequest(*PerfStandbyElectionInput, RequestForwarding_PerformanceStandbyElectionRequestServer) error
	// contains filtered or unexported methods
}

RequestForwardingServer is the server API for RequestForwarding service. All implementations must embed UnimplementedRequestForwardingServer for forward compatibility

type RequestForwarding_PerformanceStandbyElectionRequestClient 

type RequestForwarding_PerformanceStandbyElectionRequestClient interface {
	Recv() (*PerfStandbyElectionResponse, error)
	grpc.ClientStream
}

type RequestForwarding_PerformanceStandbyElectionRequestServer 

type RequestForwarding_PerformanceStandbyElectionRequestServer interface {
	Send(*PerfStandbyElectionResponse) error
	grpc.ServerStream
}

type ResponseCounts 

type ResponseCounts struct {
	DistinctEntities int `json:"distinct_entities"`
	EntityClients    int `json:"entity_clients"`
	NonEntityTokens  int `json:"non_entity_tokens"`
	NonEntityClients int `json:"non_entity_clients"`
	Clients          int `json:"clients"`
}

type ResponseMonth 

type ResponseMonth struct {
	Timestamp  string               `json:"timestamp"`
	Counts     *ResponseCounts      `json:"counts"`
	Namespaces []*ResponseNamespace `json:"namespaces"`
	NewClients *ResponseNewClients  `json:"new_clients" mapstructure:"new_clients"`
}

type ResponseMount 

type ResponseMount struct {
	MountPath string          `json:"mount_path"`
	Counts    *ResponseCounts `json:"counts"`
}

type ResponseNamespace 

type ResponseNamespace struct {
	NamespaceID   string           `json:"namespace_id"`
	NamespacePath string           `json:"namespace_path"`
	Counts        ResponseCounts   `json:"counts"`
	Mounts        []*ResponseMount `json:"mounts"`
}

type ResponseNewClients 

type ResponseNewClients struct {
	Counts     *ResponseCounts      `json:"counts"`
	Namespaces []*ResponseNamespace `json:"namespaces"`
}

type RollbackManager 

type RollbackManager struct {
	// contains filtered or unexported fields
}

RollbackManager is responsible for performing rollbacks of partial secrets within logical backends.

During normal operations, it is possible for logical backends to error partially through an operation. These are called "partial secrets": they are never sent back to a user, but they do need to be cleaned up. This manager handles that by periodically (on a timer) requesting that the backends clean up.

The RollbackManager periodically initiates a logical.RollbackOperation on every mounted logical backend. It ensures that only one rollback operation is in-flight at any given time within a single seal/unseal phase.

func NewRollbackManager 

func NewRollbackManager(ctx context.Context, logger log.Logger, backendsFunc func() []*MountEntry, router *Router, core *Core) *RollbackManager

NewRollbackManager is used to create a new rollback manager

func (*RollbackManager) Rollback 

func (m *RollbackManager) Rollback(ctx context.Context, path string) error

Rollback is used to trigger an immediate rollback of the path, or to join an existing rollback operation if in flight. Caller should have core's statelock held (write OR read). If an already inflight rollback is happening this function will simply wait for it to complete

func (*RollbackManager) Start 

func (m *RollbackManager) Start()

Start starts the rollback manager

func (*RollbackManager) Stop 

func (m *RollbackManager) Stop()

Stop stops the running manager. This will wait for any in-flight rollbacks to complete.

type Router 

type Router struct {
	// contains filtered or unexported fields
}

Router is used to do prefix based routing of a request to a logical backend

func NewRouter 

func NewRouter() *Router

NewRouter returns a new router

func (*Router) LoginPath 

func (r *Router) LoginPath(ctx context.Context, path string) bool

LoginPath checks if the given path is used for logins Matching Priority

  1. prefix
  2. exact
  3. wildcard

func (*Router) MatchingAPIPrefixByStoragePath 

func (r *Router) MatchingAPIPrefixByStoragePath(ctx context.Context, path string) (*namespace.Namespace, string, string, bool)

MatchingAPIPrefixByStoragePath the api path information for the given storage path

func (*Router) MatchingBackend 

func (r *Router) MatchingBackend(ctx context.Context, path string) logical.Backend

MatchingBackend returns the backend used for a path

func (*Router) MatchingMount 

func (r *Router) MatchingMount(ctx context.Context, path string) string

MatchingMount returns the mount prefix that would be used for a path

func (*Router) MatchingMountByAPIPath 

func (r *Router) MatchingMountByAPIPath(ctx context.Context, path string) string

func (*Router) MatchingMountByAccessor 

func (r *Router) MatchingMountByAccessor(mountAccessor string) *MountEntry

MatchingMountByAccessor returns the MountEntry by accessor lookup

func (*Router) MatchingMountByUUID 

func (r *Router) MatchingMountByUUID(mountID string) *MountEntry

func (*Router) MatchingMountEntry 

func (r *Router) MatchingMountEntry(ctx context.Context, path string) *MountEntry

MatchingMountEntry returns the MountEntry used for a path

func (*Router) MatchingStorageByAPIPath 

func (r *Router) MatchingStorageByAPIPath(ctx context.Context, path string) logical.Storage

MatchingStorageByAPIPath/StoragePath returns the storage used for API/Storage paths respectively

func (*Router) MatchingStorageByStoragePath 

func (r *Router) MatchingStorageByStoragePath(ctx context.Context, path string) logical.Storage

func (*Router) MatchingStoragePrefixByAPIPath 

func (r *Router) MatchingStoragePrefixByAPIPath(ctx context.Context, path string) (string, bool)

MatchingStoragePrefixByAPIPath the storage prefix for the given api path

func (*Router) MatchingSystemView 

func (r *Router) MatchingSystemView(ctx context.Context, path string) logical.SystemView

MatchingSystemView returns the SystemView used for a path

func (*Router) Mount 

func (r *Router) Mount(backend logical.Backend, prefix string, mountEntry *MountEntry, storageView *BarrierView) error

Mount is used to expose a logical backend at a given prefix, using a unique salt, and the barrier view for that path.

func (*Router) MountConflict 

func (r *Router) MountConflict(ctx context.Context, path string) string

MountConflict determines if there are potential path conflicts

func (*Router) Remount 

func (r *Router) Remount(ctx context.Context, src, dst string) error

Remount is used to change the mount location of a logical backend

func (*Router) RootPath 

func (r *Router) RootPath(ctx context.Context, path string) bool

RootPath checks if the given path requires root privileges

func (*Router) Route 

func (r *Router) Route(ctx context.Context, req *logical.Request) (*logical.Response, error)

Route is used to route a given request

func (*Router) RouteExistenceCheck 

func (r *Router) RouteExistenceCheck(ctx context.Context, req *logical.Request) (*logical.Response, bool, bool, error)

RouteExistenceCheck is used to route a given existence check request

func (*Router) Taint 

func (r *Router) Taint(ctx context.Context, path string) error

Taint is used to mark a path as tainted. This means only RollbackOperation RevokeOperation requests are allowed to proceed

func (*Router) Unmount 

func (r *Router) Unmount(ctx context.Context, prefix string) error

Unmount is used to remove a logical backend from a given prefix

func (*Router) Untaint 

func (r *Router) Untaint(ctx context.Context, path string) error

Untaint is used to unmark a path as tainted.

func (*Router) ValidateMountByAccessor 

func (r *Router) ValidateMountByAccessor(accessor string) *ValidateMountResponse

ValidateMountByAccessor returns the mount type and ID for a given mount accessor

type RouterAccess 

type RouterAccess struct {
	// contains filtered or unexported fields
}

RouterAccess provides access into some things necessary for testing

func NewRouterAccess 

func NewRouterAccess(c *Core) *RouterAccess

func (*RouterAccess) StoragePrefixByAPIPath 

func (r *RouterAccess) StoragePrefixByAPIPath(ctx context.Context, path string) (string, bool)

type RouterTestHandlerFunc 

type RouterTestHandlerFunc func(context.Context, *logical.Request) (*logical.Response, error)

type SSCTokenGenerationCounter 

type SSCTokenGenerationCounter struct {
	Counter int
}

type Seal 

type Seal interface {
	SetCore(*Core)
	Init(context.Context) error
	Finalize(context.Context) error
	StoredKeysSupported() seal.StoredKeysSupport
	SealWrapable() bool
	SetStoredKeys(context.Context, [][]byte) error
	GetStoredKeys(context.Context) ([][]byte, error)
	BarrierType() wrapping.WrapperType
	BarrierConfig(context.Context) (*SealConfig, error)
	SetBarrierConfig(context.Context, *SealConfig) error
	SetCachedBarrierConfig(*SealConfig)
	RecoveryKeySupported() bool
	RecoveryType() string
	RecoveryConfig(context.Context) (*SealConfig, error)
	RecoveryKey(context.Context) ([]byte, error)
	SetRecoveryConfig(context.Context, *SealConfig) error
	SetCachedRecoveryConfig(*SealConfig)
	SetRecoveryKey(context.Context, []byte) error
	VerifyRecoveryKey(context.Context, []byte) error
	GetAccess() *seal.Access
}

func NewDefaultSeal 

func NewDefaultSeal(lowLevel *seal.Access) Seal

func NewTestSeal 

func NewTestSeal(t testing.T, opts *seal.TestSealOpts) Seal

type SealAccess 

type SealAccess struct {
	// contains filtered or unexported fields
}

SealAccess is a wrapper around Seal that exposes accessor methods through Core.SealAccess() while restricting the ability to modify Core.seal itself.

func NewSealAccess 

func NewSealAccess(seal Seal) *SealAccess

func (*SealAccess) BarrierConfig 

func (s *SealAccess) BarrierConfig(ctx context.Context) (*SealConfig, error)

func (*SealAccess) BarrierType 

func (s *SealAccess) BarrierType() wrapping.WrapperType

func (*SealAccess) ClearCaches 

func (s *SealAccess) ClearCaches(ctx context.Context)

func (*SealAccess) GetAccess 

func (s *SealAccess) GetAccess() *seal.Access

func (*SealAccess) RecoveryConfig 

func (s *SealAccess) RecoveryConfig(ctx context.Context) (*SealConfig, error)

func (*SealAccess) RecoveryKeySupported 

func (s *SealAccess) RecoveryKeySupported() bool

func (*SealAccess) StoredKeysSupported 

func (s *SealAccess) StoredKeysSupported() seal.StoredKeysSupport

func (*SealAccess) VerifyRecoveryKey 

func (s *SealAccess) VerifyRecoveryKey(ctx context.Context, key []byte) error

type SealConfig 

type SealConfig struct {
	// The type, for sanity checking
	Type string `json:"type" mapstructure:"type"`

	// SecretShares is the number of shares the secret is split into. This is
	// the N value of Shamir.
	SecretShares int `json:"secret_shares" mapstructure:"secret_shares"`

	// SecretThreshold is the number of parts required to open the vault. This
	// is the T value of Shamir.
	SecretThreshold int `json:"secret_threshold" mapstructure:"secret_threshold"`

	// PGPKeys is the array of public PGP keys used, if requested, to encrypt
	// the output unseal tokens. If provided, it sets the value of
	// SecretShares. Ordering is important.
	PGPKeys []string `json:"pgp_keys" mapstructure:"pgp_keys"`

	// Nonce is a nonce generated by Vault used to ensure that when unseal keys
	// are submitted for a rekey operation, the rekey operation itself is the
	// one intended. This prevents hijacking of the rekey operation, since it
	// is unauthenticated.
	Nonce string `json:"nonce" mapstructure:"nonce"`

	// Backup indicates whether or not a backup of PGP-encrypted unseal keys
	// should be stored at coreUnsealKeysBackupPath after successful rekeying.
	Backup bool `json:"backup" mapstructure:"backup"`

	// How many keys to store, for seals that support storage.  Always 0 or 1.
	StoredShares int `json:"stored_shares" mapstructure:"stored_shares"`

	// Stores the progress of the rekey operation (key shares)
	RekeyProgress [][]byte `json:"-"`

	// VerificationRequired indicates that after a rekey validation must be
	// performed (via providing shares from the new key) before the new key is
	// actually installed. This is omitted from JSON as we don't persist the
	// new key, it lives only in memory.
	VerificationRequired bool `json:"-"`

	// VerificationKey is the new key that we will roll to after successful
	// validation
	VerificationKey []byte `json:"-"`

	// VerificationNonce stores the current operation nonce for verification
	VerificationNonce string `json:"-"`

	// Stores the progress of the verification operation (key shares)
	VerificationProgress [][]byte `json:"-"`
}

SealConfig is used to describe the seal configuration

func (*SealConfig) Clone 

func (s *SealConfig) Clone() *SealConfig

func (*SealConfig) Validate 

func (s *SealConfig) Validate() error

Validate is used to sanity check the seal configuration

type SealStatusResponse 

type SealStatusResponse struct {
	Type              string `json:"type"`
	Initialized       bool   `json:"initialized"`
	Sealed            bool   `json:"sealed"`
	T                 int    `json:"t"`
	N                 int    `json:"n"`
	Progress          int    `json:"progress"`
	Nonce             string `json:"nonce"`
	Version           string `json:"version"`
	BuildDate         string `json:"build_date"`
	Migration         bool   `json:"migration"`
	ClusterName       string `json:"cluster_name,omitempty"`
	ClusterID         string `json:"cluster_id,omitempty"`
	RecoverySeal      bool   `json:"recovery_seal"`
	StorageType       string `json:"storage_type,omitempty"`
	HCPLinkStatus     string `json:"hcp_link_status,omitempty"`
	HCPLinkResourceID string `json:"hcp_link_resource_ID,omitempty"`
}

type SecurityBarrier 

type SecurityBarrier interface {
	// Initialized checks if the barrier has been initialized
	// and has a root key set.
	Initialized(ctx context.Context) (bool, error)

	// Initialize works only if the barrier has not been initialized
	// and makes use of the given root key.  When sealKey is provided
	// it's because we're using a new-style Shamir seal, and rootKey
	// is to be stored using sealKey to encrypt it.
	Initialize(ctx context.Context, rootKey []byte, sealKey []byte, random io.Reader) error

	// GenerateKey is used to generate a new key
	GenerateKey(io.Reader) ([]byte, error)

	// KeyLength is used to sanity check a key
	KeyLength() (int, int)

	// Sealed checks if the barrier has been unlocked yet. The Barrier
	// is not expected to be able to perform any CRUD until it is unsealed.
	Sealed() (bool, error)

	// Unseal is used to provide the unseal key which permits the barrier
	// to be unsealed. If the key is not correct, the barrier remains sealed.
	Unseal(ctx context.Context, key []byte) error

	// VerifyRoot is used to check if the given key matches the root key
	VerifyRoot(key []byte) error

	// SetRootKey is used to directly set a new root key. This is used in
	// replicated scenarios due to the chicken and egg problem of reloading the
	// keyring from disk before we have the root key to decrypt it.
	SetRootKey(key []byte) error

	// ReloadKeyring is used to re-read the underlying keyring.
	// This is used for HA deployments to ensure the latest keyring
	// is present in the leader.
	ReloadKeyring(ctx context.Context) error

	// ReloadRootKey is used to re-read the underlying root key.
	// This is used for HA deployments to ensure the latest root key
	// is available for keyring reloading.
	ReloadRootKey(ctx context.Context) error

	// Seal is used to re-seal the barrier. This requires the barrier to
	// be unsealed again to perform any further operations.
	Seal() error

	// Rotate is used to create a new encryption key. All future writes
	// should use the new key, while old values should still be decryptable.
	Rotate(ctx context.Context, reader io.Reader) (uint32, error)

	// CreateUpgrade creates an upgrade path key to the given term from the previous term
	CreateUpgrade(ctx context.Context, term uint32) error

	// DestroyUpgrade destroys the upgrade path key to the given term
	DestroyUpgrade(ctx context.Context, term uint32) error

	// CheckUpgrade looks for an upgrade to the current term and installs it
	CheckUpgrade(ctx context.Context) (bool, uint32, error)

	// ActiveKeyInfo is used to inform details about the active key
	ActiveKeyInfo() (*KeyInfo, error)

	// RotationConfig returns the auto-rotation config for the barrier key
	RotationConfig() (KeyRotationConfig, error)

	// SetRotationConfig updates the auto-rotation config for the barrier key
	SetRotationConfig(ctx context.Context, config KeyRotationConfig) error

	// Rekey is used to change the master key used to protect the keyring
	Rekey(context.Context, []byte) error

	// For replication we must send over the keyring, so this must be available
	Keyring() (*Keyring, error)

	// For encryption count shipping, a function which handles updating local encryption counts if the consumer succeeds.
	// This isolates the barrier code from the replication system
	ConsumeEncryptionCount(consumer func(int64) error) error

	// Add encryption counts from a remote source (downstream cluster node)
	AddRemoteEncryptions(encryptions int64)

	// Check whether an automatic rotation is due
	CheckBarrierAutoRotate(ctx context.Context) (string, error)

	// SecurityBarrier must provide the storage APIs
	logical.Storage

	// SecurityBarrier must provide the encryption APIs
	BarrierEncryptor
}

SecurityBarrier is a critical component of Vault. It is used to wrap an untrusted physical backend and provide a single point of encryption, decryption and checksum verification. The goal is to ensure that any data written to the barrier is confidential and that integrity is preserved. As a real-world analogy, this is the steel and concrete wrapper around a Vault. The barrier should only be Unlockable given its key.

type SentinelResults 

type SentinelResults struct {
	GrantingPolicies []logical.PolicyInfo
}

type SystemBackend 

type SystemBackend struct {
	*framework.Backend
	Core *Core
	// contains filtered or unexported fields
}

SystemBackend implements logical.Backend and is used to interact with the core of the system. This backend is hardcoded to exist at the "sys" prefix. Conceptually it is similar to procfs on Linux.

func NewSystemBackend 

func NewSystemBackend(core *Core, logger log.Logger) *SystemBackend

type TOTPPersister 

type TOTPPersister interface {
	PersistTOTPKey(ctx context.Context, configID string, entityID string, key string) error
}

type TemplateError 

type TemplateError struct {
	Err error
}

func (*TemplateError) Error 

func (t *TemplateError) Error() string

func (*TemplateError) WrappedErrors 

func (t *TemplateError) WrappedErrors() []error

type TestCluster 

type TestCluster struct {
	BarrierKeys        [][]byte
	RecoveryKeys       [][]byte
	CACert             *x509.Certificate
	CACertBytes        []byte
	CACertPEM          []byte
	CACertPEMFile      string
	CAKey              *ecdsa.PrivateKey
	CAKeyPEM           []byte
	Cores              []*TestClusterCore
	ID                 string
	RootToken          string
	RootCAs            *x509.CertPool
	TempDir            string
	ClientAuthRequired bool
	Logger             log.Logger
	CleanupFunc        func()
	SetupFunc          func()

	LicensePublicKey  ed25519.PublicKey
	LicensePrivateKey ed25519.PrivateKey
	// contains filtered or unexported fields
}

func CreateTestClusterWithRollbackPeriod 

func CreateTestClusterWithRollbackPeriod(t testing.T, newPeriod time.Duration, base *CoreConfig, opts *TestClusterOptions) *TestCluster

func NewTestCluster 

func NewTestCluster(t testing.T, base *CoreConfig, opts *TestClusterOptions) *TestCluster

NewTestCluster creates a new test cluster based on the provided core config and test cluster options.

N.B. Even though a single base CoreConfig is provided, NewTestCluster will instantiate a core config for each core it creates. If separate seal per core is desired, opts.SealFunc can be provided to generate a seal for each one. Otherwise, the provided base.Seal will be shared among cores. NewCore's default behavior is to generate a new DefaultSeal if the provided Seal in coreConfig (i.e. base.Seal) is nil.

If opts.Logger is provided, it takes precedence and will be used as the cluster logger and will be the basis for each core's logger. If no opts.Logger is given, one will be generated based on t.Name() for the cluster logger, and if no base.Logger is given will also be used as the basis for each core's logger.

func (*TestCluster) AttemptUnsealCore 

func (c *TestCluster) AttemptUnsealCore(core *TestClusterCore) error

func (*TestCluster) Cleanup 

func (c *TestCluster) Cleanup()

func (*TestCluster) EnsureCoresSealed 

func (c *TestCluster) EnsureCoresSealed(t testing.T)

func (*TestCluster) Start 

func (c *TestCluster) Start()

func (*TestCluster) StartCore 

func (cluster *TestCluster) StartCore(t testing.T, idx int, opts *TestClusterOptions)

Restart a TestClusterCore that was stopped, by replacing the underlying Core.

func (*TestCluster) StopCore 

func (cluster *TestCluster) StopCore(t testing.T, idx int)

StopCore performs an orderly shutdown of a core.

func (*TestCluster) UnsealCore 

func (c *TestCluster) UnsealCore(t testing.T, core *TestClusterCore)

func (*TestCluster) UnsealCoreWithStoredKeys 

func (c *TestCluster) UnsealCoreWithStoredKeys(t testing.T, core *TestClusterCore)

func (*TestCluster) UnsealCores 

func (c *TestCluster) UnsealCores(t testing.T)

UnsealCores uses the cluster barrier keys to unseal the test cluster cores

func (*TestCluster) UnsealCoresWithError 

func (c *TestCluster) UnsealCoresWithError(useStoredKeys bool) error

type TestClusterCore 

type TestClusterCore struct {
	*Core
	CoreConfig           *CoreConfig
	Client               *api.Client
	Handler              http.Handler
	Address              *net.TCPAddr
	Listeners            []*TestListener
	ReloadFuncs          *map[string][]reloadutil.ReloadFunc
	ReloadFuncsLock      *sync.RWMutex
	Server               *http.Server
	ServerCert           *x509.Certificate
	ServerCertBytes      []byte
	ServerCertPEM        []byte
	ServerKey            *ecdsa.PrivateKey
	ServerKeyPEM         []byte
	TLSConfig            *tls.Config
	UnderlyingStorage    physical.Backend
	UnderlyingRawStorage physical.Backend
	UnderlyingHAStorage  physical.HABackend
	Barrier              SecurityBarrier
	NodeID               string
}

func (*TestClusterCore) Seal 

func (c *TestClusterCore) Seal(t testing.T)

type TestClusterOptions 

type TestClusterOptions struct {
	KeepStandbysSealed       bool
	SkipInit                 bool
	HandlerFunc              func(*HandlerProperties) http.Handler
	DefaultHandlerProperties HandlerProperties

	// BaseListenAddress is used to explicitly assign ports in sequence to the
	// listener of each core.  It should be a string of the form
	// "127.0.0.1:20000"
	//
	// WARNING: Using an explicitly assigned port above 30000 may clash with
	// ephemeral ports that have been assigned by the OS in other tests.  The
	// use of explicitly assigned ports below 30000 is strongly recommended.
	// In addition, you should be careful to use explicitly assigned ports that
	// do not clash with any other explicitly assigned ports in other tests.
	BaseListenAddress string

	// BaseClusterListenPort is used to explicitly assign ports in sequence to
	// the cluster listener of each core.  If BaseClusterListenPort is
	// specified, then BaseListenAddress must also be specified.  Each cluster
	// listener will use the same host as the one specified in
	// BaseListenAddress.
	//
	// WARNING: Using an explicitly assigned port above 30000 may clash with
	// ephemeral ports that have been assigned by the OS in other tests.  The
	// use of explicitly assigned ports below 30000 is strongly recommended.
	// In addition, you should be careful to use explicitly assigned ports that
	// do not clash with any other explicitly assigned ports in other tests.
	BaseClusterListenPort int

	NumCores       int
	SealFunc       func() Seal
	UnwrapSealFunc func() Seal
	Logger         log.Logger
	TempDir        string
	CACert         []byte
	CAKey          *ecdsa.PrivateKey
	// PhysicalFactory is used to create backends.
	// The int argument is the index of the core within the cluster, i.e. first
	// core in cluster will have 0, second 1, etc.
	// If the backend is shared across the cluster (i.e. is not Raft) then it
	// should return nil when coreIdx != 0.
	PhysicalFactory func(t testing.T, coreIdx int, logger log.Logger, conf map[string]interface{}) *PhysicalBackendBundle
	// FirstCoreNumber is used to assign a unique number to each core within
	// a multi-cluster setup.
	FirstCoreNumber   int
	RequireClientAuth bool
	// SetupFunc is called after the cluster is started.
	SetupFunc      func(t testing.T, c *TestCluster)
	PR1103Disabled bool

	// ClusterLayers are used to override the default cluster connection layer
	ClusterLayers cluster.NetworkLayerSet
	// InmemClusterLayers is a shorthand way of asking for ClusterLayers to be
	// built using the inmem implementation.
	InmemClusterLayers bool

	// RaftAddressProvider is used to set the raft ServerAddressProvider on
	// each core.
	//
	// If SkipInit is true, then RaftAddressProvider has no effect.
	// RaftAddressProvider should only be specified if the underlying physical
	// storage is Raft.
	RaftAddressProvider raftlib.ServerAddressProvider

	CoreMetricSinkProvider func(clusterName string) (*metricsutil.ClusterMetricSink, *metricsutil.MetricsHelper)

	PhysicalFactoryConfig map[string]interface{}
	LicensePublicKey      ed25519.PublicKey
	LicensePrivateKey     ed25519.PrivateKey

	// this stores the vault version that should be used for each core config
	VersionMap        map[int]string
	RedundancyZoneMap map[int]string
	KVVersion         string
}

type TestListener 

type TestListener struct {
	net.Listener
	Address *net.TCPAddr
}

type TestLogger 

type TestLogger struct {
	log.Logger
	Path string
	File *os.File
	// contains filtered or unexported fields
}

func NewTestLogger 

func NewTestLogger(t testing.T) *TestLogger

func (*TestLogger) StopLogging 

func (tl *TestLogger) StopLogging()

type TokenCounter 

type TokenCounter struct {
	// Total is the total number of tokens
	Total int `json:"total"`
}

TokenCounter counts the number of tokens

type TokenStore 

type TokenStore struct {
	*framework.Backend
	// contains filtered or unexported fields
}

TokenStore is used to manage client tokens. Tokens are used for clients to authenticate, and each token is mapped to an applicable set of policy which is used for authorization.

func NewTokenStore 

func NewTokenStore(ctx context.Context, logger log.Logger, core *Core, config *logical.BackendConfig) (*TokenStore, error)

NewTokenStore is used to construct a token store that is backed by the given barrier view.

func (*TokenStore) CalculateSignedTokenHMAC 

func (ts *TokenStore) CalculateSignedTokenHMAC(marshalledToken []byte) ([]byte, error)

func (*TokenStore) GenerateSSCTokenID 

func (ts *TokenStore) GenerateSSCTokenID(innerToken string, walState *logical.WALState, te *logical.TokenEntry) string

GenerateSSCTokenID generates the ID field of the TokenEntry struct for newly minted service tokens. This function is meant to be robust so as to allow vault to continue operating even in the case where IDs can't be generated. Thus it logs errors as opposed to throwing them.

func (*TokenStore) GetSSCTokensGenerationCounter 

func (ts *TokenStore) GetSSCTokensGenerationCounter() int

func (*TokenStore) Invalidate 

func (ts *TokenStore) Invalidate(ctx context.Context, key string)

func (*TokenStore) Lookup 

func (ts *TokenStore) Lookup(ctx context.Context, id string) (*logical.TokenEntry, error)

Lookup is used to find a token given its ID. It acquires a read lock, then calls lookupInternal.

func (*TokenStore) Salt 

func (ts *TokenStore) Salt(ctx context.Context) (*salt.Salt, error)

func (*TokenStore) SaltID 

func (ts *TokenStore) SaltID(ctx context.Context, id string) (string, error)

SaltID is used to apply a salt and hash to an ID to make sure its not reversible

func (*TokenStore) SetExpirationManager 

func (ts *TokenStore) SetExpirationManager(exp *ExpirationManager)

SetExpirationManager is used to provide the token store with an expiration manager. This is used to manage prefix based revocation of tokens and to tidy entries when removed from the token store.

func (*TokenStore) UpdateSSCTokensGenerationCounter 

func (ts *TokenStore) UpdateSSCTokensGenerationCounter(ctx context.Context) error

func (*TokenStore) UseToken 

func (ts *TokenStore) UseToken(ctx context.Context, te *logical.TokenEntry) (*logical.TokenEntry, error)

UseToken is used to manage restricted use tokens and decrement their available uses. Returns two values: a potentially updated entry or, if the token has been revoked, nil; and whether an error was encountered. The locking here isn't perfect, as other parts of the code may update an entry, but usually none after the entry is already created...so this is pretty good.

func (*TokenStore) UseTokenByID 

func (ts *TokenStore) UseTokenByID(ctx context.Context, id string) (*logical.TokenEntry, error)

type TokenStorer 

type TokenStorer interface {
	LookupToken(context.Context, string) (*logical.TokenEntry, error)
	CreateToken(context.Context, *logical.TokenEntry) error
}

type UIConfig 

type UIConfig struct {
	// contains filtered or unexported fields
}

UIConfig contains UI configuration. This takes both a physical view and a barrier view because it is stored in both plaintext and encrypted to allow for getting the header values before the barrier is unsealed

func NewUIConfig 

func NewUIConfig(enabled bool, physicalStorage physical.Backend, barrierStorage logical.Storage) *UIConfig

NewUIConfig creates a new UI config

func (*UIConfig) DeleteHeader 

func (c *UIConfig) DeleteHeader(ctx context.Context, header string) error

DeleteHeader deletes the header configuration for the given header

func (*UIConfig) Enabled 

func (c *UIConfig) Enabled() bool

Enabled returns if the UI is enabled

func (*UIConfig) GetHeader 

func (c *UIConfig) GetHeader(ctx context.Context, header string) ([]string, error)

GetHeader retrieves the configured values for the given header

func (*UIConfig) HeaderKeys 

func (c *UIConfig) HeaderKeys(ctx context.Context) ([]string, error)

HeaderKeys returns the list of the configured headers

func (*UIConfig) Headers 

func (c *UIConfig) Headers(ctx context.Context) (http.Header, error)

Headers returns the response headers that should be returned in the UI

func (*UIConfig) SetHeader 

func (c *UIConfig) SetHeader(ctx context.Context, header string, values []string) error

SetHeader sets the values for the given header

type UnimplementedRequestForwardingServer 

type UnimplementedRequestForwardingServer struct {
}

UnimplementedRequestForwardingServer must be embedded to have forward compatible implementations.

func (UnimplementedRequestForwardingServer) Echo 

func (UnimplementedRequestForwardingServer) Echo(context.Context, *EchoRequest) (*EchoReply, error)

func (UnimplementedRequestForwardingServer) ForwardRequest 

func (UnimplementedRequestForwardingServer) ForwardRequest(context.Context, *forwarding.Request) (*forwarding.Response, error)

func (UnimplementedRequestForwardingServer) PerformanceStandbyElectionRequest 

func (UnimplementedRequestForwardingServer) PerformanceStandbyElectionRequest(*PerfStandbyElectionInput, RequestForwarding_PerformanceStandbyElectionRequestServer) error

type UnsafeRequestForwardingServer 

type UnsafeRequestForwardingServer interface {
	// contains filtered or unexported methods
}

UnsafeRequestForwardingServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to RequestForwardingServer will result in compilation errors.

type UnsealStrategy 

type UnsealStrategy interface {
	// contains filtered or unexported methods
}

type ValidateMountResponse 

type ValidateMountResponse struct {
	MountType     string `json:"mount_type" structs:"mount_type" mapstructure:"mount_type"`
	MountAccessor string `json:"mount_accessor" structs:"mount_accessor" mapstructure:"mount_accessor"`
	MountPath     string `json:"mount_path" structs:"mount_path" mapstructure:"mount_path"`
	MountLocal    bool   `json:"mount_local" structs:"mount_local" mapstructure:"mount_local"`
}

type VaultVersion 

type VaultVersion struct {
	TimestampInstalled time.Time
	Version            string
	BuildDate          string
}

Source Files

View all Source files

Directories

Path Synopsis
external_tests
sealmigration
capabilities
internal

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.