Commit Graph

22 Commits

Author SHA1 Message Date
Wilmer Paulino
856500dc43 macaroons: ensure path for macaroon DB exists
Co-Authored-By: Karl Ranna <karl@karlranna.com>
2018-08-23 18:05:00 -07:00
Conner Fromknecht
8beeeb1944
macaroons/constraints_test: remove extraneous semicolon 2018-08-02 18:20:50 -07:00
Conner Fromknecht
1ded697e8d
multi: sort import paths with gofmt 2018-08-02 18:20:49 -07:00
Olaoluwa Osuntokun
6f60f139f4 multi: switch over import paths from roasbeef/* to btcsuite/* 2018-07-13 17:05:39 -07:00
Wilmer Paulino
fc6505a0ff
macaroons: export db filename 2018-05-31 17:23:59 -07:00
Oliver Gugger
f22b0ccdbc macaroons: fix incorrect comparison in isRegistered, wrap long lines 2018-05-18 10:14:06 +02:00
Oliver Gugger
3eff9804ee macaroons: add technical documentation, fix comments 2018-05-18 10:13:25 +02:00
Oliver Gugger
8e4e2bd889 macaroons: add tests for service and constraints 2018-05-18 10:08:05 +02:00
whythat
04f4dbe639 macaroons: add utilities for constraint tests 2018-05-18 10:08:05 +02:00
whythat
a2f900ec2d macaroons: add constraints unit tests 2018-05-18 10:08:05 +02:00
Matt Drollette
92eebff64e macaroons: don't zero mem if never unlocked 2018-03-18 16:09:54 -07:00
Olaoluwa Osuntokun
800eea931f
build+multi: switch from bolt to bbolt
In this commit, we switch from boltbd/bolt to coreos/bbolt as the
former is no longer being actively maintained.
2018-03-10 19:01:13 -08:00
Alex
de6efbd1a1 multi: macaroon root key encryption 2018-02-05 21:44:06 -08:00
Alex
21c29c33d7 multi: upgrade macaroons to v2, replace per-method auth with interceptors
This commit reworks the macaroon authentication framework to use the
v2 macaroon format and bakery API. It also replaces the code in each
RPC method which calls the macaroon verifier with interceptors which
call the macaroon verifier instead. In addition, the operation
permissions are reworked to fit the new format of "allow" commands
(specifically, entity/operation permissions instead of method
permissions).
2018-01-31 17:14:49 -08:00
whythat
1379488e72 macaroons: rename PermissionsConstraint to AllowConstraint 2017-09-19 16:46:20 -07:00
whythat
7df503575c macaroons: add error reporting for macaroon constraints 2017-09-19 16:46:20 -07:00
whythat
679e86174f macaroons: add IP lock macaroon constraint 2017-09-19 16:46:20 -07:00
whythat
a6b9155150 macaroons: use constraint layer for macaroon tweaking 2017-09-19 16:46:20 -07:00
whythat
5c3493bd30 macaroons: add constraint/checker options layer 2017-09-19 16:46:20 -07:00
Olaoluwa Osuntokun
6e3abdfd14
macaroons: ensure all bytes read from db are copied before returning
This commit is a precautionary commit put in place in order to ensure
that the logic of macaroon retrieval doesn’t run into a bug triggered
by returning a reference into bolt’s active memory map. This can arise
if one returns a pointer directly read from the database. We seek to
avoid this by instead ensuring all byte slices are fully copied before
returning.
2017-08-23 11:34:43 -07:00
Olaoluwa Osuntokun
bb59a6e6e9
macaroons: expand doc strings and comments within package 2017-08-22 00:52:48 -07:00
Alex
662731e719 macaroons: add macaroons package and update glide 2017-08-17 19:20:41 -07:00