Affected by GO-2022-0618 and 17 other vulnerabilities

GO-2022-0618: Hashicorp Vault Privilege Escalation Vulnerability in github.com/hashicorp/vault

GO-2022-0632: Improper Removal of Sensitive Information Before Storage or Transfer in HashiCorp Vault in github.com/hashicorp/vault

GO-2023-1708: HashiCorp Vault's PKI mount vulnerable to denial of service in github.com/hashicorp/vault

GO-2023-1849: Hashicorp Vault vulnerable to Cross-site Scripting in github.com/hashicorp/vault

GO-2023-1897: HashiCorp Vault's revocation list not respected in github.com/hashicorp/vault

GO-2023-1900: Hashicorp Vault Fails to Verify if Approle SecretID Belongs to Role During a Destroy Operation in github.com/hashicorp/vault

GO-2023-1986: HashiCorp Vault and Vault Enterprise vulnerable to user enumeration in github.com/hashicorp/vault

GO-2023-2088: Hashicorp Vault Incorrect Permission Assignment for Critical Resource vulnerability in github.com/hashicorp/vault

GO-2023-2329: HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability in github.com/hashicorp/vault

GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

GO-2025-3663: Hashicorp Vault Community vulnerable to Generation of Error Message Containing Sensitive Information in github.com/hashicorp/vault

GO-2025-3836: Hashicorp Vault has Incorrect Validation for Non-CA Certificates in github.com/hashicorp/vault

GO-2025-3839: Hashicorp Vault has an Observable Discrepancy on Existing and Non-Existing Users in github.com/hashicorp/vault

GO-2025-3841: Hashicorp Vault's TOTP Secrets Engine Susceptible to Code Reuse in github.com/hashicorp/vault

GO-2025-3848: HashiCorp Vault ldap auth method may not have correctly enforced MFA in github.com/hashicorp/vault

GO-2025-3924: HashiCorp Vault Community Edition Denial of Service Though Complex JSON Payloads in github.com/hashicorp/vault

server

package

v0.6.0-beta1 Latest Latest Go to latest Published: May 23, 2016 License: MPL-2.0 Imports: 16 Imported by: 123

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/hashicorp/vault

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
type Backend
- func (b *Backend) GoString() string
type Config
- func (c *Config) Merge(c2 *Config) *Config
type Listener
- func (l *Listener) GoString() string
type ListenerFactory
type ReloadFunc
- func NewListener(t string, config map[string]string) (net.Listener, map[string]string, ReloadFunc, error)
type Telemetry
- func (s *Telemetry) GoString() string

Constants ¶

This section is empty.

Variables ¶

View Source

var BuiltinListeners = map[string]ListenerFactory{
	"tcp": tcpListenerFactory,
}

BuiltinListeners is the list of built-in listener types.

Functions ¶

This section is empty.

Types ¶

type Backend ¶

type Backend struct {
	Type          string
	AdvertiseAddr string
	Config        map[string]string
}

Backend is the backend configuration for the server.

func (*Backend) GoString ¶

func (b *Backend) GoString() string

type Config ¶

type Config struct {
	Listeners []*Listener `hcl:"-"`
	Backend   *Backend    `hcl:"-"`
	HABackend *Backend    `hcl:"-"`

	DisableCache bool `hcl:"disable_cache"`
	DisableMlock bool `hcl:"disable_mlock"`

	Telemetry *Telemetry `hcl:"telemetry"`

	MaxLeaseTTL        time.Duration `hcl:"-"`
	MaxLeaseTTLRaw     string        `hcl:"max_lease_ttl"`
	DefaultLeaseTTL    time.Duration `hcl:"-"`
	DefaultLeaseTTLRaw string        `hcl:"default_lease_ttl"`
}

Config is the configuration for the vault server.

func DevConfig ¶

func DevConfig() *Config

DevConfig is a Config that is used for dev mode of Vault.

func LoadConfig ¶

func LoadConfig(path string) (*Config, error)

LoadConfig loads the configuration at the given path, regardless if its a file or directory.

func LoadConfigDir ¶

func LoadConfigDir(dir string) (*Config, error)

LoadConfigDir loads all the configurations in the given directory in alphabetical order.

func LoadConfigFile ¶

func LoadConfigFile(path string) (*Config, error)

LoadConfigFile loads the configuration from the given file.

func ParseConfig ¶ added in v0.5.2

func ParseConfig(d string) (*Config, error)

func (*Config) Merge ¶

func (c *Config) Merge(c2 *Config) *Config

Merge merges two configurations.

type Listener ¶

type Listener struct {
	Type   string
	Config map[string]string
}

Listener is the listener configuration for the server.

func (*Listener) GoString ¶

func (l *Listener) GoString() string

type ListenerFactory ¶

type ListenerFactory func(map[string]string) (net.Listener, map[string]string, ReloadFunc, error)

ListenerFactory is the factory function to create a listener.

type ReloadFunc ¶ added in v0.5.2

type ReloadFunc func(map[string]string) error

ReloadFunc are functions that are called when a reload is requested.

func NewListener ¶

func NewListener(t string, config map[string]string) (net.Listener, map[string]string, ReloadFunc, error)

NewListener creates a new listener of the given type with the given configuration. The type is looked up in the BuiltinListeners map.

type Telemetry ¶ added in v0.3.0

type Telemetry struct {
	StatsiteAddr string `hcl:"statsite_address"`
	StatsdAddr   string `hcl:"statsd_address"`

	DisableHostname bool `hcl:"disable_hostname"`
}

Telemetry is the telemetry configuration for the server

func (*Telemetry) GoString ¶ added in v0.3.0

func (s *Telemetry) GoString() string

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL