mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-11-29 22:51:31 +01:00
Code Issues Projects Releases Wiki Activity

DBPW - Remove AutoMTLS option from DB plugin opts (#10182)

Browse Source
This commit is contained in:
Michael Golowka 2020-10-19 16:35:04 -06:00 committed by GitHub
parent 23b3f13d25
commit cf4cbe15bb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 4 additions and 141 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
sdk/database/dbplugin/v5/plugin_client.go
View File

@ -45,7 +45,6 @@ func NewPluginClient(ctx context.Context, sys pluginutil.RunnerUtil, pluginRunne
pluginutil.HandshakeConfig(handshakeConfig), pluginutil.HandshakeConfig(handshakeConfig),
pluginutil.Logger(logger), pluginutil.Logger(logger),
pluginutil.MetadataMode(isMetadataMode), pluginutil.MetadataMode(isMetadataMode),
pluginutil.AutoMTLS(false),
) )
if err != nil { if err != nil {
return nil, err return nil, err

1
sdk/database/newdbplugin/plugin_client.go
View File

@ -45,7 +45,6 @@ func NewPluginClient(ctx context.Context, sys pluginutil.RunnerUtil, pluginRunne
pluginutil.HandshakeConfig(handshakeConfig), pluginutil.HandshakeConfig(handshakeConfig),
pluginutil.Logger(logger), pluginutil.Logger(logger),
pluginutil.MetadataMode(isMetadataMode), pluginutil.MetadataMode(isMetadataMode),
pluginutil.AutoMTLS(false),
) )
if err != nil { if err != nil {
return nil, err return nil, err

11
sdk/helper/pluginutil/run_config.go
View File

@ -26,7 +26,6 @@ type runConfig struct {
hs plugin.HandshakeConfig hs plugin.HandshakeConfig
logger log.Logger logger log.Logger
isMetadataMode bool isMetadataMode bool
autoMTLS bool
} }
func (rc runConfig) makeConfig(ctx context.Context) (*plugin.ClientConfig, error) { func (rc runConfig) makeConfig(ctx context.Context) (*plugin.ClientConfig, error) {
@ -46,7 +45,7 @@ func (rc runConfig) makeConfig(ctx context.Context) (*plugin.ClientConfig, error
cmd.Env = append(cmd.Env, metadataEnv) cmd.Env = append(cmd.Env, metadataEnv)
var clientTLSConfig *tls.Config var clientTLSConfig *tls.Config
if !rc.autoMTLS && !rc.isMetadataMode { if !rc.isMetadataMode {
// Get a CA TLS Certificate // Get a CA TLS Certificate
certBytes, key, err := generateCert() certBytes, key, err := generateCert()
if err != nil { if err != nil {
@ -86,7 +85,7 @@ func (rc runConfig) makeConfig(ctx context.Context) (*plugin.ClientConfig, error
plugin.ProtocolNetRPC, plugin.ProtocolNetRPC,
plugin.ProtocolGRPC, plugin.ProtocolGRPC,
}, },
AutoMTLS: rc.autoMTLS, AutoMTLS: false,
} }
return clientConfig, nil return clientConfig, nil
} }
@ -139,12 +138,6 @@ func MetadataMode(isMetadataMode bool) RunOpt {
} }
} }
func AutoMTLS(autoMTLS bool) RunOpt {
return func(rc *runConfig) {
rc.autoMTLS = autoMTLS
}
}
func (r *PluginRunner) RunConfig(ctx context.Context, opts ...RunOpt) (*plugin.Client, error) { func (r *PluginRunner) RunConfig(ctx context.Context, opts ...RunOpt) (*plugin.Client, error) {
rc := runConfig{ rc := runConfig{
command: r.Command, command: r.Command,

120
sdk/helper/pluginutil/run_config_test.go
View File

@ -50,7 +50,6 @@ func TestNameMakeConfig(t *testing.T) {
}, },
logger: hclog.NewNullLogger(), logger: hclog.NewNullLogger(),
isMetadataMode: true, isMetadataMode: true,
autoMTLS: false,
}, },
responseWrapInfoTimes: 0, responseWrapInfoTimes: 0,
@ -109,7 +108,6 @@ func TestNameMakeConfig(t *testing.T) {
}, },
logger: hclog.NewNullLogger(), logger: hclog.NewNullLogger(),
isMetadataMode: false, isMetadataMode: false,
autoMTLS: false,
}, },
responseWrapInfo: &wrapping.ResponseWrapInfo{ responseWrapInfo: &wrapping.ResponseWrapInfo{
@ -155,124 +153,6 @@ func TestNameMakeConfig(t *testing.T) {
}, },
expectTLSConfig: true, expectTLSConfig: true,
}, },
"metadata mode, AutoMTLS": {
rc: runConfig{
command: "echo",
args: []string{"foo", "bar"},
sha256: []byte("some_sha256"),
env: []string{"initial=true"},
pluginSets: map[int]plugin.PluginSet{
1: plugin.PluginSet{
"bogus": nil,
},
},
hs: plugin.HandshakeConfig{
ProtocolVersion: 1,
MagicCookieKey: "magic_cookie_key",
MagicCookieValue: "magic_cookie_value",
},
logger: hclog.NewNullLogger(),
isMetadataMode: true,
autoMTLS: true,
},
responseWrapInfoTimes: 0,
mlockEnabled: false,
mlockEnabledTimes: 1,
expectedConfig: &plugin.ClientConfig{
HandshakeConfig: plugin.HandshakeConfig{
ProtocolVersion: 1,
MagicCookieKey: "magic_cookie_key",
MagicCookieValue: "magic_cookie_value",
},
VersionedPlugins: map[int]plugin.PluginSet{
1: plugin.PluginSet{
"bogus": nil,
},
},
Cmd: commandWithEnv(
"echo",
[]string{"foo", "bar"},
[]string{
"initial=true",
fmt.Sprintf("%s=%s", PluginVaultVersionEnv, version.GetVersion().Version),
fmt.Sprintf("%s=%t", PluginMetadataModeEnv, true),
},
),
SecureConfig: &plugin.SecureConfig{
Checksum: []byte("some_sha256"),
// Hash is generated
},
AllowedProtocols: []plugin.Protocol{
plugin.ProtocolNetRPC,
plugin.ProtocolGRPC,
},
Logger: hclog.NewNullLogger(),
AutoMTLS: true,
},
expectTLSConfig: false,
},
"not-metadata mode, AutoMTLS": {
rc: runConfig{
command: "echo",
args: []string{"foo", "bar"},
sha256: []byte("some_sha256"),
env: []string{"initial=true"},
pluginSets: map[int]plugin.PluginSet{
1: plugin.PluginSet{
"bogus": nil,
},
},
hs: plugin.HandshakeConfig{
ProtocolVersion: 1,
MagicCookieKey: "magic_cookie_key",
MagicCookieValue: "magic_cookie_value",
},
logger: hclog.NewNullLogger(),
isMetadataMode: false,
autoMTLS: true,
},
responseWrapInfoTimes: 0,
mlockEnabled: false,
mlockEnabledTimes: 1,
expectedConfig: &plugin.ClientConfig{
HandshakeConfig: plugin.HandshakeConfig{
ProtocolVersion: 1,
MagicCookieKey: "magic_cookie_key",
MagicCookieValue: "magic_cookie_value",
},
VersionedPlugins: map[int]plugin.PluginSet{
1: plugin.PluginSet{
"bogus": nil,
},
},
Cmd: commandWithEnv(
"echo",
[]string{"foo", "bar"},
[]string{
"initial=true",
fmt.Sprintf("%s=%s", PluginVaultVersionEnv, version.GetVersion().Version),
fmt.Sprintf("%s=%t", PluginMetadataModeEnv, false),
},
),
SecureConfig: &plugin.SecureConfig{
Checksum: []byte("some_sha256"),
// Hash is generated
},
AllowedProtocols: []plugin.Protocol{
plugin.ProtocolNetRPC,
plugin.ProtocolGRPC,
},
Logger: hclog.NewNullLogger(),
AutoMTLS: true,
},
expectTLSConfig: false,
},
} }
for name, test := range tests { for name, test := range tests {

1
vendor/github.com/hashicorp/vault/sdk/database/dbplugin/v5/plugin_client.go generated vendored
View File

@ -45,7 +45,6 @@ func NewPluginClient(ctx context.Context, sys pluginutil.RunnerUtil, pluginRunne
pluginutil.HandshakeConfig(handshakeConfig), pluginutil.HandshakeConfig(handshakeConfig),
pluginutil.Logger(logger), pluginutil.Logger(logger),
pluginutil.MetadataMode(isMetadataMode), pluginutil.MetadataMode(isMetadataMode),
pluginutil.AutoMTLS(false),
) )
if err != nil { if err != nil {
return nil, err return nil, err

11
vendor/github.com/hashicorp/vault/sdk/helper/pluginutil/run_config.go generated vendored
View File

@ -26,7 +26,6 @@ type runConfig struct {
hs plugin.HandshakeConfig hs plugin.HandshakeConfig
logger log.Logger logger log.Logger
isMetadataMode bool isMetadataMode bool
autoMTLS bool
} }
func (rc runConfig) makeConfig(ctx context.Context) (*plugin.ClientConfig, error) { func (rc runConfig) makeConfig(ctx context.Context) (*plugin.ClientConfig, error) {
@ -46,7 +45,7 @@ func (rc runConfig) makeConfig(ctx context.Context) (*plugin.ClientConfig, error
cmd.Env = append(cmd.Env, metadataEnv) cmd.Env = append(cmd.Env, metadataEnv)
var clientTLSConfig *tls.Config var clientTLSConfig *tls.Config
if !rc.autoMTLS && !rc.isMetadataMode { if !rc.isMetadataMode {
// Get a CA TLS Certificate // Get a CA TLS Certificate
certBytes, key, err := generateCert() certBytes, key, err := generateCert()
if err != nil { if err != nil {
@ -86,7 +85,7 @@ func (rc runConfig) makeConfig(ctx context.Context) (*plugin.ClientConfig, error
plugin.ProtocolNetRPC, plugin.ProtocolNetRPC,
plugin.ProtocolGRPC, plugin.ProtocolGRPC,
}, },
AutoMTLS: rc.autoMTLS, AutoMTLS: false,
} }
return clientConfig, nil return clientConfig, nil
} }
@ -139,12 +138,6 @@ func MetadataMode(isMetadataMode bool) RunOpt {
} }
} }
func AutoMTLS(autoMTLS bool) RunOpt {
return func(rc *runConfig) {
rc.autoMTLS = autoMTLS
}
}
func (r *PluginRunner) RunConfig(ctx context.Context, opts ...RunOpt) (*plugin.Client, error) { func (r *PluginRunner) RunConfig(ctx context.Context, opts ...RunOpt) (*plugin.Client, error) {
rc := runConfig{ rc := runConfig{
command: r.Command, command: r.Command,