2
0
mirror of https://github.com/xcat2/confluent.git synced 2024-11-23 01:53:28 +00:00
Commit Graph

14 Commits

Author SHA1 Message Date
Jarrod Johnson
301ed7a798 Fix mistake in b64e invocation 2022-03-10 09:15:26 -05:00
Jarrod Johnson
b42e2e4932 Change to b64 output for hmac
base64 utility is not always available, so natively
use base64 format for hmac output.
2022-03-10 09:00:54 -05:00
Jarrod Johnson
61d037ae31 Combine genpasshmac with clortho
This permits saving on addons size by using the same
binary for both networked api grant and hmac api
grant.
2022-03-09 13:36:47 -05:00
Jarrod Johnson
0abe978bd9 Implement hmac of apikey
For routed deployment, we have to preshare some information.

Additionally, the API arm mechanism gets too open ended.

Add support for using a shared secret over another
channel to do HMAC of a key to authenticate peer,
which has an alternate api arming mechanism
that is hardened.
2022-03-08 14:46:00 -05:00
Jarrod Johnson
b463a53146 Cleanup per coverity
Fix a number of concerns that coverity reports
2022-02-17 17:05:00 -05:00
Jarrod Johnson
1645d47b73 Fix clortho
The suggested correection for clortho was in fact
incorrect.  Revert back and cast it.
2021-06-04 17:19:19 -04:00
Jarrod Johnson
e0c59cc341 Fixup c utilities and add start_root
The diskless will use start_root to boot the 'main' OS as a container.
2021-06-03 17:06:10 -04:00
Jarrod Johnson
917a51a406 Error if bind to privileged port fails 2021-04-28 08:37:23 -04:00
Jarrod Johnson
1ecef6f251 Be a bit paranoid about string boundary 2020-11-06 13:57:35 -05:00
Jarrod Johnson
31c2c5f6f7 Fix errors in the TPM2 support 2020-11-06 13:38:37 -05:00
Jarrod Johnson
f7e7d05729 Add TPM2 support to node api key handling
This is an optional capability that image payloads may use
to use the TPM2 to protect an apikey as an alternative to
arming a weak authentication invocation
2020-11-06 10:00:36 -05:00
Jarrod Johnson
785d8a7c1c Fix a couple of problems
In RHV, tmux was unable to attach because of TMUX variable.
Unset it to allow tmux to work normally.

Clortho didn't specify family, which worked in linux but not
in ESXi.
2020-06-19 10:24:51 -04:00
Jarrod Johnson
e4a4bdf317 Fix clortho mistake
In attempting to correct clortho,
a mistake was made in the printf
formats.
2020-05-04 17:27:22 -04:00
Jarrod Johnson
efe936a93d Further build process for confluent_osdeploy 2020-05-04 15:45:35 -04:00