scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-11-01 19:17:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

seal/gcpkms: fix panic that occurs when the seal config map is nil (#8840)

Browse Source
This commit is contained in:
Calvin Leung Huang
2020-04-24 13:31:03 -07:00
committed by GitHub
parent 3e6df9bdec
commit e23cacb33a
1 changed files with 9 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
command/server/seal/server_seal_gcpckms.go
View File

@@ -12,8 +12,16 @@ import (
)
func configureGCPCKMSSeal(configSeal *server.Seal, infoKeys *[]string, info *map[string]string, logger log.Logger, inseal vault.Seal) (vault.Seal, error) {
kms := gcpckms.NewWrapper(nil)
// The config map can be nil if all other seal params were provided via env
// vars so we nil check here before setting user_agent down below.
if configSeal.Config == nil {
configSeal.Config = map[string]string{}
}
// This is not exposed at the moment so we always override user_agent
// with Vault's internal value.
configSeal.Config["user_agent"] = useragent.String()
kms := gcpckms.NewWrapper(nil)
kmsInfo, err := kms.SetConfig(configSeal.Config)
if err != nil {
// If the error is any other than logical.KeyNotFoundError, return the error