Chroot Listener (#22304)

* Initial oss-patch apply

* Added changelog

* Renamed changelog txt

* Added the imports to the handler file

* Added a check that no two ports are the same, and modified changelog

* Edited go sum entry

* Tidy up using go mod

* Use strutil instead

* Revert go sum and go mod

* Revert sdk go sum

* Edited go.sum to before

* Edited go.sum again to initial

* Revert changes
divyaac
2023-08-14 12:35:34 -07:00
committed by GitHub
parent 951f1fef1b
commit d5b29f697a
12 changed files with 146 additions and 20 deletions


@@ -19,6 +19,7 @@ import (
"github.com/hashicorp/go-sockaddr/template"
"github.com/hashicorp/hcl"
"github.com/hashicorp/hcl/hcl/ast"
"github.com/hashicorp/vault/helper/namespace"
)
type ListenerTelemetry struct {
@@ -118,6 +119,10 @@ type Listener struct {
// Custom Http response headers
CustomResponseHeaders map[string]map[string]string `hcl:"-"`
CustomResponseHeadersRaw interface{} `hcl:"custom_response_headers"`
// ChrootNamespace will prepend the specified namespace to requests
ChrootNamespaceRaw interface{} `hcl:"chroot_namespace"`
ChrootNamespace string `hcl:"-"`
}
// AgentAPI allows users to select which parts of the Agent API they want enabled.
@@ -201,7 +206,6 @@ func ParseListeners(result *SharedConfig, list *ast.ObjectList) error {
return multierror.Prefix(fmt.Errorf("unsupported listener role %q", l.Role), fmt.Sprintf("listeners.%d:", i))
}
}
// Request Parameters
{
if l.MaxRequestSizeRaw != nil {
@@ -423,6 +427,20 @@ func ParseListeners(result *SharedConfig, list *ast.ObjectList) error {
}
result.Listeners = append(result.Listeners, &l)
// Chroot Namespace
{
// If a valid ChrootNamespace value exists, then canonicalize the namespace value
if l.ChrootNamespaceRaw != nil {
if l.ChrootNamespace, err = parseutil.ParseString(l.ChrootNamespaceRaw); err != nil {
return multierror.Prefix(fmt.Errorf("invalid value for chroot_namespace: %w", err), fmt.Sprintf("listeners.%d", i))
} else {
l.ChrootNamespace = namespace.Canonicalize(l.ChrootNamespace)
}
l.ChrootNamespaceRaw = nil
}
}
}
return nil
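Review bot: In the Chroot Namespace block of the last ParseListeners hunk, a `chroot_namespace` that parses to an empty string is accepted without error, so a listener the operator meant to confine to a namespace could start unconfined. `namespace.Canonicalize` is not visible here, so confirm whether it rejects or only normalizes such input. Unless an empty value is an intended way to disable the feature, I would fail closed right after the parse, e.g. `if l.ChrootNamespace == "" { return multierror.Prefix(fmt.Errorf("chroot_namespace must not be empty"), fmt.Sprintf("listeners.%d", i)) }`. The block also runs after `result.Listeners = append(result.Listeners, &l)`, which presumably works only because a pointer is stored, and it leaves the listener in `result` when the error path returns. Moving the block above the append and dropping the `else` after the `return` would be cleaner; ParseListeners starts outside the hunk.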