Merge pull request #127 from arangodb/vendor-update

Updated go-certificates & go-driver to latest versions

Author: ewoutp

deps/github.com/arangodb-helper/go-certificates/cli/certificates.go

@@ -43,6 +43,9 @@ const (
 	// Client authentication valid for defaults
 	defaultClientAuthValidFor   = time.Hour * 24 * 365 * 1  // 1 years
 	defaultClientAuthCAValidFor = time.Hour * 24 * 365 * 15 // 15 years
+	// TLS curve defaults
+	defaultTLSCurve        = "P256"
+	defaultClientAuthCurve = "P521"
 )
 
 var (
@@ -148,11 +151,11 @@ type createCAOptions struct {
 	ecdsaCurve string
 }
 
-func (o *createCAOptions) ConfigureFlags(f *pflag.FlagSet, defaultFName string, defaultValidFor time.Duration) {
+func (o *createCAOptions) ConfigureFlags(f *pflag.FlagSet, defaultFName string, defaultValidFor time.Duration, defaultCurve string) {
 	f.StringVar(&o.certFile, "cert", defaultFName+".crt", "Filename of the generated CA certificate")
 	f.StringVar(&o.keyFile, "key", defaultFName+".key", "Filename of the generated CA private key")
 	f.DurationVar(&o.validFor, "validfor", defaultValidFor, "Lifetime of the certificate until expiration")
-	f.StringVar(&o.ecdsaCurve, "curve", "P521", "ECDSA curve used for private key")
+	f.StringVar(&o.ecdsaCurve, "curve", defaultCurve, "ECDSA curve used for private key")
 }
 
 func (o *createCAOptions) CreateCA() {
@@ -184,13 +187,13 @@ type createCertificateBaseOptions struct {
 	ecdsaCurve     string
 }
 
-func (o *createCertificateBaseOptions) ConfigureFlags(f *pflag.FlagSet, defaultCAFName, defaultFName string, defaultValidFor time.Duration) {
+func (o *createCertificateBaseOptions) ConfigureFlags(f *pflag.FlagSet, defaultCAFName, defaultFName string, defaultValidFor time.Duration, defaultCurve string) {
 	f.StringVar(&o.caCertFile, "cacert", defaultCAFName+".crt", "File containing TLS CA certificate")
 	f.StringVar(&o.caKeyFile, "cakey", defaultCAFName+".key", "File containing TLS CA private key")
 	f.StringSliceVar(&o.hosts, "host", nil, "Host name to include in the certificate")
 	f.StringSliceVar(&o.emailAddresses, "email", nil, "Email address to include in the certificate")
 	f.DurationVar(&o.validFor, "validfor", defaultValidFor, "Lifetime of the certificate until expiration")
-	f.StringVar(&o.ecdsaCurve, "curve", "P521", "ECDSA curve used for private key")
+	f.StringVar(&o.ecdsaCurve, "curve", defaultCurve, "ECDSA curve used for private key")
 }
 
 // Create a certificate from given options.
@@ -206,8 +209,8 @@ func (o *createCertificateBaseOptions) CreateCertificate(isClientAuth bool) (str
 
 	// Create certificate
 	options := certificates.CreateCertificateOptions{
-		Hosts:          o.hosts,
-		EmailAddresses: o.emailAddresses,
+		Hosts:          removeEmptyStrings(o.hosts),
+		EmailAddresses: removeEmptyStrings(o.emailAddresses),
 		ValidFor:       o.validFor,
 		ECDSACurve:     o.ecdsaCurve,
 		IsClientAuth:   isClientAuth,
@@ -225,8 +228,8 @@ type createKeyFileOptions struct {
 	keyFile string
 }
 
-func (o *createKeyFileOptions) ConfigureFlags(f *pflag.FlagSet, defaultCAFName, defaultFName string, defaultValidFor time.Duration) {
-	o.createCertificateBaseOptions.ConfigureFlags(f, defaultCAFName, defaultFName, defaultValidFor)
+func (o *createKeyFileOptions) ConfigureFlags(f *pflag.FlagSet, defaultCAFName, defaultFName string, defaultValidFor time.Duration, defaultCurve string) {
+	o.createCertificateBaseOptions.ConfigureFlags(f, defaultCAFName, defaultFName, defaultValidFor, defaultCurve)
 	f.StringVar(&o.keyFile, "keyfile", defaultFName+".keyfile", "Filename of keyfile to generate")
 }
 
@@ -247,8 +250,8 @@ type createCertificateOptions struct {
 	keyFile  string
 }
 
-func (o *createCertificateOptions) ConfigureFlags(f *pflag.FlagSet, defaultCAFName, defaultFName string, defaultValidFor time.Duration) {
-	o.createCertificateBaseOptions.ConfigureFlags(f, defaultCAFName, defaultFName, defaultValidFor)
+func (o *createCertificateOptions) ConfigureFlags(f *pflag.FlagSet, defaultCAFName, defaultFName string, defaultValidFor time.Duration, defaultCurve string) {
+	o.createCertificateBaseOptions.ConfigureFlags(f, defaultCAFName, defaultFName, defaultValidFor, defaultCurve)
 	f.StringVar(&o.certFile, "cert", defaultFName+".crt", "Filename of the generated certificate")
 	f.StringVar(&o.keyFile, "key", defaultFName+".key", "Filename of the generated private key")
 }
@@ -272,8 +275,8 @@ type createKeystoreOptions struct {
 	alias            string
 }
 
-func (o *createKeystoreOptions) ConfigureFlags(f *pflag.FlagSet, defaultCAFName, defaultFName string, defaultValidFor time.Duration) {
-	o.createCertificateBaseOptions.ConfigureFlags(f, defaultCAFName, defaultFName, defaultValidFor)
+func (o *createKeystoreOptions) ConfigureFlags(f *pflag.FlagSet, defaultCAFName, defaultFName string, defaultValidFor time.Duration, defaultCurve string) {
+	o.createCertificateBaseOptions.ConfigureFlags(f, defaultCAFName, defaultFName, defaultValidFor, defaultCurve)
 	f.StringVar(&o.keystoreFile, "keystore", defaultFName+".jks", "Filename of the generated keystore")
 	f.StringVar(&o.keystorePassword, "keystore-password", "", "Password of the generated keystore")
 	f.StringVar(&o.alias, "alias", "", "Aliases use to store the certificate under in the keystore")
@@ -317,12 +320,12 @@ func AddCommands(cmd *cobra.Command, logFatalFunc func(error, string), showUsage
 	cmdCreateClientAuth.AddCommand(cmdCreateClientAuthKeyFile)
 
 	createOptions.jwtsecret.ConfigureFlags(cmdCreateJWTSecret.Flags())
-	createOptions.tls.ca.ConfigureFlags(cmdCreateTLSCA.Flags(), "tls-ca", defaultTLSCAValidFor)
-	createOptions.tls.keyFile.ConfigureFlags(cmdCreateTLSKeyFile.Flags(), "tls-ca", "tls", defaultTLSValidFor)
-	createOptions.tls.certificate.ConfigureFlags(cmdCreateTLSCertificate.Flags(), "tls-ca", "tls", defaultTLSValidFor)
-	createOptions.tls.keystore.ConfigureFlags(cmdCreateTLSKeystore.Flags(), "tls-ca", "tls", defaultTLSValidFor)
-	createOptions.clientAuth.ca.ConfigureFlags(cmdCreateClientAuthCA.Flags(), "client-auth-ca", defaultClientAuthCAValidFor)
-	createOptions.clientAuth.keyFile.ConfigureFlags(cmdCreateClientAuthKeyFile.Flags(), "client-auth-ca", "client-auth", defaultClientAuthValidFor)
+	createOptions.tls.ca.ConfigureFlags(cmdCreateTLSCA.Flags(), "tls-ca", defaultTLSCAValidFor, defaultTLSCurve)
+	createOptions.tls.keyFile.ConfigureFlags(cmdCreateTLSKeyFile.Flags(), "tls-ca", "tls", defaultTLSValidFor, defaultTLSCurve)
+	createOptions.tls.certificate.ConfigureFlags(cmdCreateTLSCertificate.Flags(), "tls-ca", "tls", defaultTLSValidFor, defaultTLSCurve)
+	createOptions.tls.keystore.ConfigureFlags(cmdCreateTLSKeystore.Flags(), "tls-ca", "tls", defaultTLSValidFor, defaultTLSCurve)
+	createOptions.clientAuth.ca.ConfigureFlags(cmdCreateClientAuthCA.Flags(), "client-auth-ca", defaultClientAuthCAValidFor, defaultClientAuthCurve)
+	createOptions.clientAuth.keyFile.ConfigureFlags(cmdCreateClientAuthKeyFile.Flags(), "client-auth-ca", "client-auth", defaultClientAuthValidFor, defaultClientAuthCurve)
 }
 
 // Cobra run function using the usage of the given command
@@ -401,3 +404,14 @@ func mustReadFile(filename string, flagName string) string {
 	}
 	return string(content)
 }
+
+// removeEmptyStrings returns the given slice without all empty entries removed.
+func removeEmptyStrings(slice []string) []string {
+	result := make([]string, 0, len(slice))
+	for _, x := range slice {
+		if x != "" {
+			result = append(result, x)
+		}
+	}
+	return result
+}

deps/github.com/arangodb-helper/go-certificates/create.go

@@ -44,6 +44,7 @@ const (
 )
 
 type CreateCertificateOptions struct {
+	Subject        *pkix.Name    // If set, this name is used for the subject of the certificate and CommonName is ignored.
 	CommonName     string        // Common name set in the certificate. If not specified, defaults to first email address, then first host and if all not set 'ArangoDB'.
 	Hosts          []string      // Comma-separated hostnames and IPs to generate a certificate for
 	EmailAddresses []string      // List of email address to include in the certificate as alternative name
@@ -101,14 +102,18 @@ func CreateCertificate(options CreateCertificateOptions, ca *CA) (string, string
 	} else if len(options.Hosts) > 0 {
 		commonName = options.Hosts[0]
 	}
+	var subject pkix.Name
+	if options.Subject != nil {
+		subject = *options.Subject
+	} else {
+		subject.CommonName = commonName
+		subject.Organization = []string{"ArangoDB"}
+	}
 	template := x509.Certificate{
 		SerialNumber: serialNumber,
-		Subject: pkix.Name{
-			CommonName:   commonName,
-			Organization: []string{"ArangoDB"},
-		},
-		NotBefore: notBefore,
-		NotAfter:  notAfter,
+		Subject:      subject,
+		NotBefore:    notBefore,
+		NotAfter:     notAfter,
 
 		KeyUsage:              x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
 		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageAny},

deps/github.com/arangodb/go-driver/.travis.yml

@@ -7,7 +7,7 @@ language: go
 
 env:
   - TEST_SUITE=run-tests-http
-  - TEST_SUITE=run-tests-single ARANGODB=arangodb:3.1
+  - TEST_SUITE=run-tests-single ARANGODB=arangodb:3.2
   - TEST_SUITE=run-tests-single ARANGODB=arangodb/arangodb:latest
   - TEST_SUITE=run-tests-single ARANGODB=arangodb/arangodb-preview:latest
 

deps/github.com/arangodb/go-driver/Makefile

@@ -3,7 +3,7 @@ SCRIPTDIR := $(shell pwd)
 ROOTDIR := $(shell cd $(SCRIPTDIR) && pwd)
 
 GOBUILDDIR := $(SCRIPTDIR)/.gobuild
-GOVERSION := 1.9.2-alpine
+GOVERSION := 1.10.1-alpine
 TMPDIR := $(GOBUILDDIR)
 
 ifndef ARANGODB
@@ -292,6 +292,7 @@ __test_go_test:
 		--net=$(TEST_NET) \
 		-v $(ROOTDIR):/usr/code \
 		-e GOPATH=/usr/code/.gobuild \
+		-e GOCACHE=off \
 		-e TEST_ENDPOINTS=$(TEST_ENDPOINTS) \
 		-e TEST_AUTHENTICATION=$(TEST_AUTHENTICATION) \
 		-e TEST_CONNECTION=$(TEST_CONNECTION) \

deps/github.com/arangodb/go-driver/agency/agency_connection.go

@@ -143,11 +143,13 @@ func (c *agencyConnection) doOnce(ctx context.Context, req driver.Request) (driv
 			epReq := req.Clone()
 			result, err := epConn.Do(ctx, epReq)
 			if err == nil {
-				// Success
-				results <- result
-				// Cancel all other requests
-				cancel()
-				return
+				if err = isSuccess(result); err == nil {
+					// Success
+					results <- result
+					// Cancel all other requests
+					cancel()
+					return
+				}
 			}
 			// Check error
 			if statusCode, ok := isArangoError(err); ok {
@@ -160,6 +162,10 @@ func (c *agencyConnection) doOnce(ctx context.Context, req driver.Request) (driv
 					return
 				}
 			}
+			// No permanent error. Are we the only endpoint?
+			if len(connections) == 1 {
+				errors <- driver.WithStack(err)
+			}
 			// No permanent error, try next agent
 		}(epConn)
 	}
@@ -180,6 +186,20 @@ func (c *agencyConnection) doOnce(ctx context.Context, req driver.Request) (driv
 	return nil, false, driver.WithStack(fmt.Errorf("All %d servers responded with temporary failure", len(connections)))
 }
 
+func isSuccess(resp driver.Response) error {
+	if resp == nil {
+		return driver.WithStack(fmt.Errorf("Response is nil"))
+	}
+	statusCode := resp.StatusCode()
+	if statusCode >= 200 && statusCode < 300 {
+		return nil
+	}
+	return driver.ArangoError{
+		HasError: true,
+		Code:     statusCode,
+	}
+}
+
 // isArangoError checks if the given error is (or is caused by) an ArangoError.
 // If so it returned the Code and true, otherwise it returns 0, false.
 func isArangoError(err error) (int, bool) {
@@ -224,7 +244,7 @@ func (c *agencyConnection) UpdateEndpoints(endpoints []string) error {
 	for i, ep := range endpoints {
 		config := c.config
 		config.Endpoints = []string{ep}
-		config.FailOnRedirect = true
+		config.DontFollowRedirect = true
 		httpConn, err := http.NewConnection(config)
 		if err != nil {
 			return driver.WithStack(err)

deps/github.com/arangodb/go-driver/agency/doc.go

@@ -20,20 +20,19 @@
 // Author Ewout Prangsma
 //
 
-package agency
+/*
+Package agency provides an API to access the ArangoDB agency (it is unlikely that you need this package directly).
 
-//
-// The Agency is fault-tolerant and highly-available key-value store
-// that is used to store critical, low-level information about
-// an ArangoDB cluster.
-//
-// The API provided in this package gives access to the Agency.
-//
-// THIS API IS NOT USED FOR NORMAL DATABASE ACCESS.
-//
-// Reasons for using this API are:
-// - You want to make use of an indepent Agency as your own HA key-value store.
-// - You want access to low-level information of your database. USE WITH GREAT CARE!
-//
-// WARNING: Messing around in the Agency can quickly lead to a corrupt database!
-//
+The Agency is fault-tolerant and highly-available key-value store
+that is used to store critical, low-level information about
+an ArangoDB cluster.
+
+THIS API IS NOT USED FOR NORMAL DATABASE ACCESS.
+
+Reasons for using this API are:
+- You want to make use of an indepent Agency as your own HA key-value store.
+- You want access to low-level information of your database. USE WITH GREAT CARE!
+
+WARNING: Messing around in the Agency can quickly lead to a corrupt database!
+*/
+package agency

deps/github.com/arangodb/go-driver/cluster/doc.go

@@ -0,0 +1,26 @@
+//
+// DISCLAIMER
+//
+// Copyright 2018 ArangoDB GmbH, Cologne, Germany
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Copyright holder is ArangoDB GmbH, Cologne, Germany
+//
+// Author Ewout Prangsma
+//
+
+/*
+Package cluster implements a driver.Connection that provides cluster failover support (it is not intended to be used directly).
+*/
+package cluster

deps/github.com/arangodb/go-driver/collection_document_impl.go

@@ -103,7 +103,7 @@ func (c *collection) CreateDocument(ctx context.Context, document interface{}) (
 	if err != nil {
 		return DocumentMeta{}, WithStack(err)
 	}
-	if err := resp.CheckStatus(cs.okStatus(201, 202)); err != nil {
+	if err := resp.CheckStatus(201, 202); err != nil {
 		return DocumentMeta{}, WithStack(err)
 	}
 	if cs.Silent {
@@ -155,7 +155,7 @@ func (c *collection) CreateDocuments(ctx context.Context, documents interface{})
 	if err != nil {
 		return nil, nil, WithStack(err)
 	}
-	if err := resp.CheckStatus(cs.okStatus(201, 202)); err != nil {
+	if err := resp.CheckStatus(201, 202); err != nil {
 		return nil, nil, WithStack(err)
 	}
 	if cs.Silent {
@@ -196,7 +196,7 @@ func (c *collection) UpdateDocument(ctx context.Context, key string, update inte
 	if err != nil {
 		return DocumentMeta{}, WithStack(err)
 	}
-	if err := resp.CheckStatus(cs.okStatus(201, 202)); err != nil {
+	if err := resp.CheckStatus(201, 202); err != nil {
 		return DocumentMeta{}, WithStack(err)
 	}
 	if cs.Silent {
@@ -264,7 +264,7 @@ func (c *collection) UpdateDocuments(ctx context.Context, keys []string, updates
 	if err != nil {
 		return nil, nil, WithStack(err)
 	}
-	if err := resp.CheckStatus(cs.okStatus(201, 202)); err != nil {
+	if err := resp.CheckStatus(201, 202); err != nil {
 		return nil, nil, WithStack(err)
 	}
 	if cs.Silent {
@@ -305,7 +305,7 @@ func (c *collection) ReplaceDocument(ctx context.Context, key string, document i
 	if err != nil {
 		return DocumentMeta{}, WithStack(err)
 	}
-	if err := resp.CheckStatus(cs.okStatus(201, 202)); err != nil {
+	if err := resp.CheckStatus(201, 202); err != nil {
 		return DocumentMeta{}, WithStack(err)
 	}
 	if cs.Silent {
@@ -373,7 +373,7 @@ func (c *collection) ReplaceDocuments(ctx context.Context, keys []string, docume
 	if err != nil {
 		return nil, nil, WithStack(err)
 	}
-	if err := resp.CheckStatus(cs.okStatus(201, 202)); err != nil {
+	if err := resp.CheckStatus(201, 202); err != nil {
 		return nil, nil, WithStack(err)
 	}
 	if cs.Silent {
@@ -407,7 +407,7 @@ func (c *collection) RemoveDocument(ctx context.Context, key string) (DocumentMe
 	if err != nil {
 		return DocumentMeta{}, WithStack(err)
 	}
-	if err := resp.CheckStatus(cs.okStatus(200, 202)); err != nil {
+	if err := resp.CheckStatus(200, 202); err != nil {
 		return DocumentMeta{}, WithStack(err)
 	}
 	if cs.Silent {
@@ -456,7 +456,7 @@ func (c *collection) RemoveDocuments(ctx context.Context, keys []string) (Docume
 	if err != nil {
 		return nil, nil, WithStack(err)
 	}
-	if err := resp.CheckStatus(cs.okStatus(201, 202)); err != nil {
+	if err := resp.CheckStatus(200, 202); err != nil {
 		return nil, nil, WithStack(err)
 	}
 	if cs.Silent {

deps/github.com/arangodb/go-driver/context.go

@@ -359,16 +359,6 @@ func applyContextSettings(ctx context.Context, req Request) contextSettings {
 	return result
 }
 
-// okStatus returns one of the given status codes depending on the WaitForSync field value.
-// If WaitForSync==true, statusWithWaitForSync is returned, otherwise statusWithoutWaitForSync is returned.
-func (cs contextSettings) okStatus(statusWithWaitForSync, statusWithoutWaitForSync int) int {
-	if cs.WaitForSync {
-		return statusWithWaitForSync
-	} else {
-		return statusWithoutWaitForSync
-	}
-}
-
 // contextOrBackground returns the given context if it is not nil.
 // Returns context.Background() otherwise.
 func contextOrBackground(ctx context.Context) context.Context {