scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-10-30 18:17:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

backport of commit 913481fb1f (#24222)

Browse Source 
Co-authored-by: Scott Miller <smiller@hashicorp.com>
This commit is contained in:
hc-github-team-secure-vault-core
2023-11-21 11:42:53 -05:00
committed by GitHub
parent 638a194580
commit b19d2a7f54
1 changed files with 9 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
command/server.go
View File

@@ -2570,10 +2570,16 @@ func setSeal(c *ServerCommand, config *server.Config, infoKeys []string, info ma
Priority: 1, Priority: 1,
Name: "shamir", Name: "shamir",
}) })
case 1: default:
// If there's only one seal and it's disabled assume they want to allSealsDisabled := true
for _, c := range config.Seals {
if !c.Disabled {
allSealsDisabled = false
}
}
// If all seals are disabled assume they want to
// migrate to a shamir seal and simply didn't provide it // migrate to a shamir seal and simply didn't provide it
if config.Seals[0].Disabled { if allSealsDisabled {
config.Seals = append(config.Seals, &configutil.KMS{ config.Seals = append(config.Seals, &configutil.KMS{
Type: vault.SealConfigTypeShamir.String(), Type: vault.SealConfigTypeShamir.String(),
Priority: 1, Priority: 1,