Christopher Swenson 816036b8d5

VAULT-5935 agent: redact renew-self if using auto auth (#15380) ...

Vault agent redacts the token and accessor for `/auth/token/lookup-self` (and `lookup`)
if the token is the auto auth token to prevent it from leaking.

Similarly, we need to redact the token and accessor from `renew-self`
and `renew`, which also leak the token and accessor.

I tested this locally by starting up a Vault agent and querying the
agent endpoints, and ensuring that the accessor and token were set to
the empty string in the response.

2022-05-12 09:25:55 -07:00

..

cacheboltdb

agent/cache: Store leases in-order in persistent cache so that restore respects dependencies (#12843)

2021-10-27 11:36:48 +01:00

cachememdb

Run a more strict formatter over the code (#11312)

2021-04-08 09:43:39 -07:00

keymanager

Run a more strict formatter over the code (#11312)

2021-04-08 09:43:39 -07:00

api_proxy_test.go

[VAULT-3157] Move mergeStates utils from Agent to api module (#12731)

2021-10-06 10:57:06 -07:00

api_proxy.go

[VAULT-3157] Move mergeStates utils from Agent to api module (#12731)

2021-10-06 10:57:06 -07:00

cache_test.go

VAULT-5935 agent: redact renew-self if using auto auth (#15380)

2022-05-12 09:25:55 -07:00

handler.go

VAULT-5935 agent: redact renew-self if using auto auth (#15380)

2022-05-12 09:25:55 -07:00

lease_cache_test.go

ensure errors are checked (#12989)

2021-11-01 13:34:51 -05:00

lease_cache.go

VAULT-5935 agent: redact renew-self if using auto auth (#15380)

2022-05-12 09:25:55 -07:00

listener.go

Run a more strict formatter over the code (#11312)

2021-04-08 09:43:39 -07:00

proxy.go

Agent auto auth wrapping new config checks (#6479)

2019-04-05 16:12:54 -04:00

testing.go

agent: add an inflight cache better concurrent request handling (#10705)

2021-01-26 12:09:37 -08:00