Check TTL provided to generic backend on write

If existing entries have unparseable TTLs, return the value plus a
warning, rather than an error.

Fixes #718

CHANGELOG.md

@@ -36,6 +36,9 @@ generate them, leading to client errors.
    enabled [GH-694]
  * everywhere: Don't use http.DefaultClient, as it shares state implicitly and
    is a source of hard-to-track-down bugs [GH-700]
+ * secret/generic: Validate given duration at write time, not just read time;
+   if stored durations are not parseable, return a warning and the default
+   duration rather than an error [GH-718]
 
 MISC:
 

vault/logical_passthrough.go

@@ -123,16 +123,17 @@ func (b *PassthroughBackend) handleRead(
 
 	// Check if there is a ttl key
 	var ttl string
-	ttl, _ = rawData["lease"].(string)
+	ttl, _ = rawData["ttl"].(string)
 	if len(ttl) == 0 {
-		ttl, _ = rawData["ttl"].(string)
+		ttl, _ = rawData["lease"].(string)
 	}
-
 	ttlDuration := b.System().DefaultLeaseTTL()
 	if len(ttl) != 0 {
-		ttlDuration, err = time.ParseDuration(ttl)
+		parsedDuration, err := time.ParseDuration(ttl)
 		if err != nil {
-			return logical.ErrorResponse("failed to parse ttl for entry"), nil
+			resp.AddWarning(fmt.Sprintf("failed to parse stored ttl '%s' for entry; using default", ttl))
+		} else {
+			ttlDuration = parsedDuration
 		}
 		if b.generateLeases {
 			resp.Secret.Renewable = true
@@ -151,6 +152,23 @@ func (b *PassthroughBackend) handleWrite(
 		return nil, fmt.Errorf("missing data fields")
 	}
 
+	// Check if there is a ttl key; verify parseability if so
+	var ttl string
+	ttl = data.Get("ttl").(string)
+	if len(ttl) == 0 {
+		ttl = data.Get("lease").(string)
+	}
+	if len(ttl) != 0 {
+		_, err := time.ParseDuration(ttl)
+		if err != nil {
+			return logical.ErrorResponse("failed to parse ttl for entry"), nil
+		}
+		// Verify that ttl isn't the *only* thing we have
+		if len(req.Data) == 1 {
+			return nil, fmt.Errorf("missing data; only ttl found")
+		}
+	}
+
 	// JSON encode the data
 	buf, err := json.Marshal(req.Data)
 	if err != nil {