scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-10-31 18:48:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

Send initialized information via sys/seal-status (#5424)

Browse Source
This commit is contained in:
Jeff Mitchell
2018-09-27 16:03:37 -05:00
committed by Brian Kassouf
parent e559a1f20a
commit 382f28ee24
4 changed files with 14 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
api/sys_seal.go
View File

@@ -57,6 +57,7 @@ func sealStatusRequest(c *Sys, r *Request) (*SealStatusResponse, error) {
type SealStatusResponse struct { type SealStatusResponse struct {
Type string `json:"type"` Type string `json:"type"`
Initialized bool `json:"initialized"`
Sealed bool `json:"sealed"` Sealed bool `json:"sealed"`
T int `json:"t"` T int `json:"t"`
N int `json:"n"` N int `json:"n"`

1
command/format.go
View File

@@ -320,6 +320,7 @@ func OutputSealStatus(ui cli.Ui, client *api.Client, status *api.SealStatusRespo
out := []string{} out := []string{}
out = append(out, "Key | Value") out = append(out, "Key | Value")
out = append(out, fmt.Sprintf("%sSeal Type | %s", sealPrefix, status.Type)) out = append(out, fmt.Sprintf("%sSeal Type | %s", sealPrefix, status.Type))
out = append(out, fmt.Sprintf("Initialized | %t", status.Initialized))
out = append(out, fmt.Sprintf("Sealed | %t", status.Sealed)) out = append(out, fmt.Sprintf("Sealed | %t", status.Sealed))
out = append(out, fmt.Sprintf("Total %sShares | %d", sealPrefix, status.N)) out = append(out, fmt.Sprintf("Total %sShares | %d", sealPrefix, status.N))
out = append(out, fmt.Sprintf("Threshold | %d", status.T)) out = append(out, fmt.Sprintf("Threshold | %d", status.T))

9
http/sys_seal.go
View File

@@ -177,7 +177,12 @@ func handleSysSealStatusRaw(core *vault.Core, w http.ResponseWriter, r *http.Req
} }
if sealConfig == nil { if sealConfig == nil {
respondError(w, http.StatusBadRequest, fmt.Errorf("server is not yet initialized")) respondOk(w, &SealStatusResponse{
Type: core.SealAccess().BarrierType(),
Initialized: false,
Sealed: true,
RecoverySeal: core.SealAccess().RecoveryKeySupported(),
})
return return
} }
@@ -201,6 +206,7 @@ func handleSysSealStatusRaw(core *vault.Core, w http.ResponseWriter, r *http.Req
respondOk(w, &SealStatusResponse{ respondOk(w, &SealStatusResponse{
Type: sealConfig.Type, Type: sealConfig.Type,
Initialized: true,
Sealed: sealed, Sealed: sealed,
T: sealConfig.SecretThreshold, T: sealConfig.SecretThreshold,
N: sealConfig.SecretShares, N: sealConfig.SecretShares,
@@ -215,6 +221,7 @@ func handleSysSealStatusRaw(core *vault.Core, w http.ResponseWriter, r *http.Req
type SealStatusResponse struct { type SealStatusResponse struct {
Type string `json:"type"` Type string `json:"type"`
Initialized bool `json:"initialized"`
Sealed bool `json:"sealed"` Sealed bool `json:"sealed"`
T int `json:"t"` T int `json:"t"`
N int `json:"n"` N int `json:"n"`

4
vault/seal_access.go
View File

@@ -20,6 +20,10 @@ func (s *SealAccess) StoredKeysSupported() bool {
return s.seal.StoredKeysSupported() return s.seal.StoredKeysSupported()
} }
func (s *SealAccess) BarrierType() string {
return s.seal.BarrierType()
}
func (s *SealAccess) BarrierConfig(ctx context.Context) (*SealConfig, error) { func (s *SealAccess) BarrierConfig(ctx context.Context) (*SealConfig, error) {
return s.seal.BarrierConfig(ctx) return s.seal.BarrierConfig(ctx)
} }