upstream/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2026-02-03 20:40:45 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 9

Fix static secret caching race condition (#28494)

Browse source 
* Fix static ssecret caching data race

* Fix static ssecret caching data race

* Changelog
This commit is contained in:
Violet Hynes 2024-09-24 14:08:48 -04:00 committed by GitHub
parent 7cf6cbd330
commit 6d66990cb6
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
changelog/28494.txt Normal file
View file

@ -0,0 +1,3 @@
```release-note:bug
proxy/cache (enterprise): Fixed a data race that could occur while tracking capabilities in Proxy's static secret cache.
```

2
command/agentproxyshared/cache/lease_cache.go vendored
View file

@ -791,6 +791,7 @@ func (c *LeaseCache) storeStaticSecretIndex(ctx context.Context, req *SendReques
path := getStaticSecretPathFromRequest(req)
capabilitiesIndex.IndexLock.Lock()
// Extra caution -- avoid potential nil
if capabilitiesIndex.ReadablePaths == nil {
capabilitiesIndex.ReadablePaths = make(map[string]struct{})
@ -798,6 +799,7 @@ func (c *LeaseCache) storeStaticSecretIndex(ctx context.Context, req *SendReques
// update the index with the new capability:
capabilitiesIndex.ReadablePaths[path] = struct{}{}
capabilitiesIndex.IndexLock.Unlock()
err = c.SetCapabilitiesIndex(ctx, capabilitiesIndex)
if err != nil {