Skip to content

Sync upstream patches#20

Merged
cipherboy merged 7 commits intoopenbao:mainfrom
cipherboy:sync-upstream-patches
Feb 13, 2025
Merged

Sync upstream patches#20
cipherboy merged 7 commits intoopenbao:mainfrom
cipherboy:sync-upstream-patches

Conversation

@cipherboy
Copy link
Member

@cipherboy cipherboy commented Feb 9, 2025
edited
Loading

This adds four patches from upstream which are still licensed under the MPL:

This required two changes:

  1. Fix the transit context cancellation test to use the container version we have.
  2. Add the ParsePaths(...) helper to the PKCS#11 library code.

Some new library imports were done at different versions.

@cipherboy cipherboy requested review from DanGhita and JanMa February 9, 2025 22:48
@cipherboy cipherboy force-pushed the sync-upstream-patches branch 3 times, most recently from fc60671 to 9580695 Compare February 9, 2025 22:54
JanMa
JanMa requested changes Feb 10, 2025
View reviewed changes
johanbrandhorst and others added 6 commits February 13, 2025 11:36
@johanbrandhorst @cipherboy
wrappers/transit: support context cancelation (hashicorp#259)
d95a37f 
This makes the transit client respect context cancelation,
which is a critical feature of any I/O API.

Original commit: 05c77e8
@sgmiller @cipherboy
Support parseutil.ParsePath for sensitive values in wrapper configs (h…
2facc1f 
…ashicorp#272) and Use ParsePaths to source sensitive wrapper config values from Env/File if desired (hashicorp#275)

* Add support for stdlib ParsePath to sensitive options

* wip

* wire up QuietParsePath to all remaining wrappers

* Add ParsePaths

* wip new pattern

* bug fixes

* remove unused

* unit test

* mod tidy

* remove unnecessary change

* remove unnecessary change

* Use the new parsepath options

* add missing errnoturl check

* Update to parsepath 0.1.9

* rollback wrapper changes until we have a tagged top level package

* Improve ParsePaths behavior in errors, and add a usage comment

Original commit: a1337fd

---

* Add support for stdlib ParsePath to sensitive options

* wip

* wire up QuietParsePath to all remaining wrappers

* Add ParsePaths

* wip new pattern

* bug fixes

* remove unused

* unit test

* mod tidy

* remove unnecessary change

* remove unnecessary change

* Use the new parsepath options

* add missing errnoturl check

* Update to parsepath 0.1.9

* update go.mods to point to a fixed tag for ParsePath

* go mod tidy

* pr feedback

Original commit: 9aac87b
@sgmiller @cipherboy
Facilitate use of User Managed Identities (hashicorp#277)
43fece5 
* wip

* tidy

Original commit: 0ea6bba
@sgmiller @cipherboy
Fix the fact that some GCP env vars are immune to disallowEnvVars (ha…
c93d1b5 
…shicorp#250)

Original commit: 24f9019
@cipherboy
Fix transit context cancellation test
f435ace 
Signed-off-by: Alexander Scheel <ascheel@gitlab.com>
@cipherboy
Add wrapping.ParsePaths(...) to pkcs11
78cc904 
Signed-off-by: Alexander Scheel <ascheel@gitlab.com>
@cipherboy cipherboy force-pushed the sync-upstream-patches branch from 9580695 to 78cc904 Compare February 13, 2025 17:36
@cipherboy
Bump openbao/api & openbao/sdk to latest versions
996c2b9 
Signed-off-by: Alexander Scheel <ascheel@gitlab.com>
@cipherboy cipherboy mentioned this pull request Feb 13, 2025
Closed
48 tasks
@cipherboy cipherboy merged commit c6047d9 into openbao:main Feb 13, 2025
15 checks passed
tomek-securosys added a commit to securosys-com/go-kms-wrapping that referenced this pull request Oct 28, 2025
@tomek-securosys @johanbrandhorst
Sync upstream patches (openbao#20)
e28b0c6 
* wrappers/transit: support context cancelation (#259)

This makes the transit client respect context cancelation,
which is a critical feature of any I/O API.

Original commit: 05c77e8

* Support parseutil.ParsePath for sensitive values in wrapper configs (#272) and Use ParsePaths to source sensitive wrapper config values from Env/File if desired (#275)

* Add support for stdlib ParsePath to sensitive options

* wip

* wire up QuietParsePath to all remaining wrappers

* Add ParsePaths

* wip new pattern

* bug fixes

* remove unused

* unit test

* mod tidy

* remove unnecessary change

* remove unnecessary change

* Use the new parsepath options

* add missing errnoturl check

* Update to parsepath 0.1.9

* rollback wrapper changes until we have a tagged top level package

* Improve ParsePaths behavior in errors, and add a usage comment

Original commit: a1337fd

---

* Add support for stdlib ParsePath to sensitive options

* wip

* wire up QuietParsePath to all remaining wrappers

* Add ParsePaths

* wip new pattern

* bug fixes

* remove unused

* unit test

* mod tidy

* remove unnecessary change

* remove unnecessary change

* Use the new parsepath options

* add missing errnoturl check

* Update to parsepath 0.1.9

* update go.mods to point to a fixed tag for ParsePath

* go mod tidy

* pr feedback

Original commit: 9aac87b

* Facilitate use of User Managed Identities (#277)

* wip

* tidy

Original commit: 0ea6bba

* Fix the fact that some GCP env vars are immune to disallowEnvVars (#250)

Original commit: 24f9019

* Fix transit context cancellation test


* Add wrapping.ParsePaths(...) to pkcs11


* Bump openbao/api & openbao/sdk to latest versions


---------

Co-authored-by: Johan Brandhorst-Satzkorn <johan.brandhorst@gmail.com>
Signed-off-by: Tomasz Madej <tomasz.madej@securosys.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@JanMa JanMa JanMa approved these changes

@DanGhita DanGhita Awaiting requested review from DanGhita

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@cipherboy @JanMa @johanbrandhorst @sgmiller