upstream/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2026-02-03 20:40:45 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 9

Load SSCT Generation Counter Upon DR Promotion [OSS] (#16956)

Browse source 
* port ssct bugfix to load epoch from storage

* changelog

* update changelog to be user-facing

* change 2 to two
This commit is contained in:
Hridoy Roy 2022-08-31 11:05:21 -07:00 committed by GitHub
parent 05997054cf
commit d7d5c055fc
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
changelog/16956.txt Normal file
View file

@ -0,0 +1,3 @@
```release-note:bug
core: Prevent two or more DR failovers from invalidating SSCT tokens generated on the previous primaries.
```

3
vault/token_store_util_common.go
View file

@ -38,6 +38,9 @@ func (ts *TokenStore) loadSSCTokensGenerationCounter(ctx context.Context) error
}
func (ts *TokenStore) UpdateSSCTokensGenerationCounter(ctx context.Context) error {
if err := ts.loadSSCTokensGenerationCounter(ctx); err != nil {
return err
}
ts.sscTokensGenerationCounter.Counter += 1
if ts.sscTokensGenerationCounter.Counter <= 0 {
// Don't store the 0 value