scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-11-01 19:17:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix max_ttl not being honored in database backend when default_ttl is zero (#3814)

Browse Source 
Fixes #3812
This commit is contained in:
Jeff Mitchell
2018-01-18 01:43:38 -05:00
committed by GitHub
parent b907a2e01f
commit 69eca11b62
7 changed files with 112 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
builtin/logical/postgresql/path_role_create.go
View File

@@ -63,6 +63,11 @@ func (b *backend) pathRoleCreateRead(ctx context.Context, req *logical.Request,
}
}
ttl := lease.Lease
if ttl == 0 || (lease.LeaseMax > 0 && ttl > lease.LeaseMax) {
ttl = lease.LeaseMax
}
// Generate the username, password and expiration. PG limits user to 63 characters
displayName := req.DisplayName
if len(displayName) > 26 {
@@ -81,7 +86,7 @@ func (b *backend) pathRoleCreateRead(ctx context.Context, req *logical.Request,
return nil, err
}
expiration := time.Now().
Add(lease.Lease).
Add(ttl).
Format("2006-01-02 15:04:05-0700")
// Get our handle
@@ -142,7 +147,7 @@ func (b *backend) pathRoleCreateRead(ctx context.Context, req *logical.Request,
"username": username,
"role": name,
})
resp.Secret.TTL = lease.Lease
resp.Secret.TTL = ttl
return resp, nil
}