scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-10-30 18:17:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

Use stored seal generation info for response to sys/seal-backend-status (#28631)

Browse Source 
Use stored seal generation info for response to sys/seal-backend-status.
This commit is contained in:
Victor Rodriguez
2024-10-09 10:04:50 -04:00
committed by GitHub
parent 25ce991234
commit 770d902f60
2 changed files with 13 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
changelog/28631.txt Normal file
View File

@@ -0,0 +1,3 @@
```release-note:bug
core/seal: Fix an issue that could cause reading from sys/seal-backend-status to return stale information.
```

11
vault/logical_system.go
View File

@@ -5642,7 +5642,16 @@ func (c *Core) GetSealBackendStatus(ctx context.Context) (*SealBackendStatusResp
if err != nil { if err != nil {
return nil, fmt.Errorf("could not list partially seal wrapped values: %w", err) return nil, fmt.Errorf("could not list partially seal wrapped values: %w", err)
} }
genInfo := c.seal.GetAccess().GetSealGenerationInfo() // When multi-seal is enabled, use the stored seal generation information. Note that the in-memory
// value may not be up-to-date on non-active nodes.
genInfo, err := PhysicalSealGenInfo(ctx, c.physical)
if err != nil {
return nil, fmt.Errorf("could not read seal generation information: %w", err)
}
if genInfo == nil {
// Multi-seal is not enabled, use the in-memory value.
genInfo = c.seal.GetAccess().GetSealGenerationInfo()
}
r.FullyWrapped = genInfo.IsRewrapped() && len(pps) == 0 r.FullyWrapped = genInfo.IsRewrapped() && len(pps) == 0
return &r, nil return &r, nil
} }