Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix panic on renewing a renewable KV v1 secret #118

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Fix panic on renewing a renewable KV v1 secret #118

wants to merge 3 commits into from

Conversation

maxb
Copy link
Contributor

@maxb maxb commented Jul 25, 2023

A regression was introduced in #17, in 2018. Better late than never,
let's fix it. This will open the door to considering deleting the second
copy of the KV v1 source code within the Vault repo, and just referring
to this as the canonical copy.

The fix selectively reverts some parts of #17, renames handleRead to
handleReadOrRenew, and adds some detailed comments to explain the
subtlety.

maxb added 2 commits July 25, 2023 12:45
@maxb
Fix panic on renewing a renewable KV v1 secret
e48f3ee 
A regression was introduced in hashicorp#17, in 2018. Better late than never,
let's fix it. This will open the door to considering deleting the second
copy of the KV v1 source code within the Vault repo, and just referring
to this as the canonical copy.

The fix selectively reverts some parts of hashicorp#17, renames `handleRead` to
`handleReadOrRenew`, and adds some detailed comments to explain the
subtlety.
@maxb
Oops, forgot to commit this file
4fbd309
maxb
maxb commented Jul 25, 2023
View reviewed changes
passthrough.go
// with leases switched on or off
func LeaseSwitchedPassthroughBackend(ctx context.Context, conf *logical.BackendConfig, leases bool) (logical.Backend, error) {
func LeaseSwitchedPassthroughBackendFactory(ctx context.Context, conf *logical.BackendConfig, leases bool) (logical.Backend, error) {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note to reviewer: The changes above are just an opportunistic cleanup whilst I was here ... one of the three factory functions was inconsistently missing the Factory suffix.

Compatibility: Should not really be an issue, no-one other than Vault should be importing this as a library and Vault doesn't (yet) call these.

passthrough_test.go
InternalData: map[string]interface{}{
"secret_type": "kv",
},
}
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note to reviewer: This is a bit fake, hacking together just enough of what a real RenewOperation request would look like. Ideally I'd like to run a real Core and generate a real lease renewal, but the relevant test helpers are not exposed for out-of-tree plugins to use. This is probably good enough, I guess.

@maxb maxb mentioned this pull request Jul 25, 2023
Open
@averche averche requested a review from a team July 26, 2023 20:02
@tomhjp tomhjp requested review from a team and removed request for a team July 27, 2023 09:28
@maxb
Copy link
Contributor Author

maxb commented Aug 23, 2023

Hi @hsimon-hashicorp ... it's me again. I wonder if you'd be able to help get the right eyes on this one too? I fear it's a bit out of the way, in a rather quiet plugin repository - but it would be great to get it merged to unlock additional cleanups in the main Vault repository.

@maxb maxb mentioned this pull request Aug 31, 2023
Closed
@raymonstah
Copy link
Contributor

@maxb Hey Max, thanks for the contribution. Would you mind resolving the current merge conflicts? I'll take a look at the PR, but I'm not super familiar and don't have all of the context. I can try to help get more eyes on it.

@raymonstah raymonstah requested a review from a team August 31, 2023 23:44
@hsimon-hashicorp
Copy link

@maxb Hey Max, thanks for the contribution. Would you mind resolving the current merge conflicts? I'll take a look at the PR, but I'm not super familiar and don't have all of the context. I can try to help get more eyes on it.

Thank you @raymonstah! I missed the original ping, and I'll see if we can get some eyes on it too.

@maxb
Copy link
Contributor Author

maxb commented Sep 1, 2023

I'll take a look at the PR, but I'm not super familiar and don't have all of the context.

Thanks! In essence, the context is this:

  • There is a rare operational mode for KVv1s where they are configured with leased_passthrough=true and individual secrets have a ttl key
  • This was inadvertently broken in Update path definitions to work with OpenAPI #17, causing Vault to panic during request handling if it is used
  • Since it has been broken for some time, we may infer not many users are affected - although there is another report of the issue in Fix Renew operation for KV v1 #55 - however the broken functionality is extensively relied upon in Vault's own tests ... where it works because the Vault repo embeds an old copy of the KVv1 implementation, which is a bit inelegant, and sometimes a source of confusion
  • The fix is pretty simple... selectively revert the unnecessary changes that broke it
  • But I'm also adding comments, renaming a function, and adding a test, for insurance against this behaviour being overlooked again in the future

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@maxb @raymonstah @hsimon-hashicorp