Commit 6f8424ad38
added an public function so we can import redoctober's NewServer
function in external test packages to create an RO server without having
to actually install the binary in test environments.
This used to work until 0f06d0a051,
which makes it impossible to import main package in external packages.
This change moves `NewServer` and its related code to a non-main
package so other packages can still import it in tests or any other
places.
Signed-off-by: Daniel Dao <dqminh89@gmail.com>
The diff for this is a bit ugly due to indentation changes, but
essentially each navbar tag that exists, was converted into a tab. From
there, only one tab is shown at a time- this makes navigation generally
suck less, and is visually less painful.
In parallel, the markup for each tab was adjusted to be more consistent.
This commit adds basic sentry reporting. If enabled by setting the
appropriate configuration value, it will report panics and errors.
Certain functions in the core package (Delegate, Encrypt, Decrypt,
Restore, and ResetPersisted) have additional Sentry reporting as
these are the most common errors.
+ If a valid hipchat configuration is provided, send a message when
Red October has restarted.
+ If persistence is inactive, alert the channel that this is the case.
+ Add a lock to the keycache.
+ Ensure that all instantiations of keycaches use New, rather
than the old keycache.Cache{make()} construct. This no longer
works with the lock in place.
+ Update travis to run the race detector on a few specific packages
that should help identify this type of problem in the future.
* disable endless retry logic
- we should do the retry logic at application cmd/ro, cmd/ro will need to
deal with keyboard interrupts as well
* update test self-signed certificate with a expiry of 100 years
* ro tool supports retries after getting delegation errors
* make docker: build a docker image for redoctober
* add a convenient entrypoint to generate certificates out of the box
* add detection based on RO_CERTS and RO_KEYS
instead of detection based on the presence of RO_DATA, add RO_CERTS and RO_KEYS
which are paths to the ceritificates and keys so we can generate them more
effectively.
Signed-off-by: Daniel Dao <dqminh@cloudflare.com>
* dockerfile: bump golang to 1.7.1
When delegating to a group of users, Red October will return the
error "User not found" if the user can't be found. This makes it
difficult to figure out the user that couldn't be found. This change
goes through the list of users and includes all usernames that
couldn't be found in the error message.
This change addresses several points:
1. The integration tests didn't verify that delegations could be used
for decryption following a restore. The integration tests now
verify this.
2. There was no functionality for clearing persisted delegations if
needed. The vault admin can now do this via the command line tool.
3. Restoring active delegations wasn't storing the key with the
delegation. Keys are now serialised properly.
4. [Minor] The MSP package now reports the name of the offending user
when it can't find a user name in the database.
+ Add the relevant parts to the command line tool and the client
package.
+ Small improvements to cryptor's restore function:
+ Don't try to restore if the store is already active.
+ Flush the persistence key cache once the restoration occurs.
+ The redoctober program now explicitly mentions that a config file is
invalid when that's the case.
+ Add a new restore UI box. When a user delegates successfully for a
restoration, the current restoration state is returned.
+ Add the persistence state to the summary output.
+ Rename "ordernum" to "slot": this is a longstanding complaint about
the UI, and I fixed it while I was mucking about with this PR.
+ persistLabels moved from cryptor to persist package global.
+ Restore now explicitly checks for the case where there aren't enough
shares to return `ErrRestoreDelegations`.
+ The users responsible for restoring the cache are now logged.
This is a rather large change. It consists of the following changes:
+ Direct access to the keycache has been removed from the core
package. This forces all interaction with the cache to go
through the Cryptor, which is required for persistence. The
Cryptor needs to know when the cache has changed, and the only
way to do this effectively is to make the Cryptor responsible
for managing the keycache.
+ A new persist package has been added. This provides a Store
interface, for which two implementations are provided. The
first is a null persister: this is used when no persistence
is configured. The second is a file-backed persistence store.
+ The Cryptor now persists the cache every time it changes.
Additionally, a number of missing returns in a function in the core
package have been added.
This simplifies our deployment process, allowing us to use existing
configuration management tools designed for templating command-line
parameters to template the config files in a straightforward manner.
This pull request adds a status endpoint to the Red October server; as
of this pull request, the status endpoint only returns the current
delegation persistence state. The HTTP UI has not been updated, as
this is scoped out for a future request; however, the CLI utility now
features a status command to fetch this information.
