* disable endless retry logic
- we should do the retry logic at application cmd/ro, cmd/ro will need to
deal with keyboard interrupts as well
* update test self-signed certificate with a expiry of 100 years
* ro tool supports retries after getting delegation errors
* make docker: build a docker image for redoctober
* add a convenient entrypoint to generate certificates out of the box
* add detection based on RO_CERTS and RO_KEYS
instead of detection based on the presence of RO_DATA, add RO_CERTS and RO_KEYS
which are paths to the ceritificates and keys so we can generate them more
effectively.
Signed-off-by: Daniel Dao <dqminh@cloudflare.com>
* dockerfile: bump golang to 1.7.1
When delegating to a group of users, Red October will return the
error "User not found" if the user can't be found. This makes it
difficult to figure out the user that couldn't be found. This change
goes through the list of users and includes all usernames that
couldn't be found in the error message.
This change addresses several points:
1. The integration tests didn't verify that delegations could be used
for decryption following a restore. The integration tests now
verify this.
2. There was no functionality for clearing persisted delegations if
needed. The vault admin can now do this via the command line tool.
3. Restoring active delegations wasn't storing the key with the
delegation. Keys are now serialised properly.
4. [Minor] The MSP package now reports the name of the offending user
when it can't find a user name in the database.
+ Add the relevant parts to the command line tool and the client
package.
+ Small improvements to cryptor's restore function:
+ Don't try to restore if the store is already active.
+ Flush the persistence key cache once the restoration occurs.
+ The redoctober program now explicitly mentions that a config file is
invalid when that's the case.
+ Add a new restore UI box. When a user delegates successfully for a
restoration, the current restoration state is returned.
+ Add the persistence state to the summary output.
+ Rename "ordernum" to "slot": this is a longstanding complaint about
the UI, and I fixed it while I was mucking about with this PR.
+ persistLabels moved from cryptor to persist package global.
+ Restore now explicitly checks for the case where there aren't enough
shares to return `ErrRestoreDelegations`.
+ The users responsible for restoring the cache are now logged.
This is a rather large change. It consists of the following changes:
+ Direct access to the keycache has been removed from the core
package. This forces all interaction with the cache to go
through the Cryptor, which is required for persistence. The
Cryptor needs to know when the cache has changed, and the only
way to do this effectively is to make the Cryptor responsible
for managing the keycache.
+ A new persist package has been added. This provides a Store
interface, for which two implementations are provided. The
first is a null persister: this is used when no persistence
is configured. The second is a file-backed persistence store.
+ The Cryptor now persists the cache every time it changes.
Additionally, a number of missing returns in a function in the core
package have been added.
This simplifies our deployment process, allowing us to use existing
configuration management tools designed for templating command-line
parameters to template the config files in a straightforward manner.
This pull request adds a status endpoint to the Red October server; as
of this pull request, the status endpoint only returns the current
delegation persistence state. The HTTP UI has not been updated, as
this is scoped out for a future request; however, the CLI utility now
features a status command to fetch this information.
