Merge "veyron/services/mgmt/node/impl: add self-installation functionality to node manager."
diff --git a/lib/netconfig/ipaux_other.go b/lib/netconfig/ipaux_other.go
index 23496f0..2826424 100644
--- a/lib/netconfig/ipaux_other.go
+++ b/lib/netconfig/ipaux_other.go
@@ -1,4 +1,4 @@
-// +build !linux,!bsd
+// +build !linux,!darwin,!dragonfly,!freebsd,!netbsd,!openbsd
// TODO(bprosnitz) Should change for nacl?
package netconfig
diff --git a/services/identity/blesser/macaroon.go b/services/identity/blesser/macaroon.go
index 5233788..9fc7798 100644
--- a/services/identity/blesser/macaroon.go
+++ b/services/identity/blesser/macaroon.go
@@ -66,5 +66,12 @@
if len(m.Caveats) == 0 {
m.Caveats = []security.Caveat{security.UnconstrainedUse()}
}
- return ctx.LocalPrincipal().Bless(ctx.RemoteBlessings().PublicKey(), ctx.LocalBlessings(), m.Name, m.Caveats[0], m.Caveats[1:]...)
+ // TODO(ashankar,toddw): After the old security model is ripped out and the VDL configuration
+ // files have the scheme to translate between "wire" types and "in-memory" types, this should just
+ // become return ctx.LocalPrincipal().....
+ blessings, err := ctx.LocalPrincipal().Bless(ctx.RemoteBlessings().PublicKey(), ctx.LocalBlessings(), m.Name, m.Caveats[0], m.Caveats[1:]...)
+ if err != nil {
+ return nil, err
+ }
+ return security.MarshalBlessings(blessings), nil
}
diff --git a/services/identity/blesser/macaroon_test.go b/services/identity/blesser/macaroon_test.go
index 8ea499a..0a907c8 100644
--- a/services/identity/blesser/macaroon_test.go
+++ b/services/identity/blesser/macaroon_test.go
@@ -39,10 +39,13 @@
m = BlessingMacaroon{Creation: time.Now(), Name: "user", Caveats: []security.Caveat{cOnlyMethodFoo}}
if result, err := blesser.Bless(context, newMacaroon(t, key, m)); err != nil || result == nil {
t.Errorf("Got (%v, %v)", result, err)
- } else if _, ok := result.(security.Blessings); !ok {
+ } else if _, ok := result.(security.WireBlessings); !ok {
t.Errorf("Got %T, want security.Blessings", result)
} else {
- b := result.(security.Blessings)
+ b, err := security.NewBlessings(result.(security.WireBlessings))
+ if err != nil {
+ t.Fatalf("Unable to decode response into a security.Blessings object: %v", err)
+ }
if !reflect.DeepEqual(b.PublicKey(), user.PublicKey()) {
t.Errorf("Received blessing for public key %v. Client:%v, Blesser:%v", b.PublicKey(), user.PublicKey(), provider.PublicKey())
}
diff --git a/services/identity/blesser/oauth.go b/services/identity/blesser/oauth.go
index be6dd9f..320e370 100644
--- a/services/identity/blesser/oauth.go
+++ b/services/identity/blesser/oauth.go
@@ -132,7 +132,7 @@
if err != nil {
return nil, "", err
}
- return blessing, email, nil
+ return security.MarshalBlessings(blessing), email, nil
}
// DEPRECATED