Don't assume that the creator of the order wants the delegations.
Instead it's much nicer with our current scheme to take in a big
slice of people who want delegations, so that each person who ne
eds a delegation doesn't need to make an order.
Supports MSP and requires several arguments to add hipchat integration to
red october. RedOctober will then alert on creation of an order, any new
delegation, or several other states.
The keycache does not remove active delegations when uses drops to zero;
rather it only removes these when Refresh is called.
So Valid returns true even if the user's delegation has expired,
so fullMatch is not set to false in unwrapKey,
so DecryptKey fails since the keycache refreshes and finds the delegation has expired,
so tmpKeyValue is left empty and decryptErr is set.
Since decryptErr is only used to break out of the inner loop, and
fullMatch wasn't set to false, no error is returned from unwrapKey.
So aesKey in DecryptKey is an empty string, causing an error when
passed to aes.NewCipher.
This commit actively removes a delegation from the keycache when it
is used for the last time, and properly handles errors thrown by
DecryptKey in unwrapKey.
The "minimum" parameter was ignored, so when a single user
was provided as an owner, the encrypted data had no KeySet value
and could not be decrypted.
This change fixes the API and cryptor to pay attention to the Minimum
parameter and handle the case where Minimum is 1
The idea is to create a new type (to avoid ugly string parsing) and
then, instead of iterating through delegations with the username, iterate
through the delegations and look for your username and matching slot. Also
in cases we don't have the slot (everything but delegation), find the slot
when we match a user.
This fixes a bug introduced by the new socket activation/systemd-brokered listening whereby Red October speaks HTTP rather than HTTPS over that socket.
This allows a single Red October instance to have multiple names,
which is useful for load-balancing across multiple instances (e.g.,
one can have a fleet of instances (ro1, ro2, ...) and also a logical
name (redoctober.example.com) and have working access via both names
thanks to the magic of SNI.
