aws-ec2: added a nil check for storedIdentity in login renewal

vishalnayak 2016-06-20 10:19:57 -04:00
parent 5a71be7cf1
commit 383be815b6


@ -501,13 +501,16 @@ func (b *backend) pathLoginRenew(
// Cross check that the instance is still in 'running' state // Cross check that the instance is still in 'running' state
_, err := b.validateInstance(req.Storage, instanceID, region) _, err := b.validateInstance(req.Storage, instanceID, region)
if err != nil { if err != nil {
return nil, fmt.Errorf("failed to verify instance ID: %s", err) return nil, fmt.Errorf("failed to verify instance ID '%s': %s", instanceID, err)
} }
storedIdentity, err := whitelistIdentityEntry(req.Storage, instanceID) storedIdentity, err := whitelistIdentityEntry(req.Storage, instanceID)
if err != nil { if err != nil {
return nil, err return nil, err
} }
if storedIdentity == nil {
return nil, fmt.Errorf("failed to verify the whitelist identity entry for instance ID: %s", instanceID)
}
// Ensure that role entry is not deleted. // Ensure that role entry is not deleted.
roleEntry, err := b.lockedAWSRole(req.Storage, storedIdentity.Role) roleEntry, err := b.lockedAWSRole(req.Storage, storedIdentity.Role)
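Review bot: The new `storedIdentity == nil` branch reports "failed to verify the whitelist identity entry", which reads like a lookup failure, while the condition it catches appears to be that no entry exists for the instance (a storage error is already returned by the check just above it). That is the case where renewal has to be refused, so the message should say so and quote the ID the same way the reworded validateInstance error does: `return nil, fmt.Errorf("whitelist identity entry not found for instance ID '%s'", instanceID)`. A one-line comment above the guard would record why it exists, e.g. `// A nil entry means no whitelist identity is stored for this instance; refuse renewal rather than dereference it below.` pathLoginRenew starts and ends outside this hunk, so whether roleEntry gets the same nil check after lockedAWSRole cannot be confirmed from here.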