Fix keyring file missing after Vault restart (#15946)

shujun10086 2022-06-16 01:22:42 +08:00 committed by GitHub
parent 7d0a252d55
commit 9f0a72ef2a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 11 additions and 3 deletions

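--- a/changelog/15946.txt
+++ b/changelog/15946.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+core/seal: Fix possible keyring truncation when using the file backend.
+```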


@ -242,8 +242,9 @@ func (b *FileBackend) PutInternal(ctx context.Context, entry *physical.Entry) er
// JSON encode the entry and write it
fullPath := filepath.Join(path, key)
tempPath := fullPath + ".temp"
f, err := os.OpenFile(
fullPath,
tempPath,
os.O_CREATE|os.O_TRUNC|os.O_WRONLY,
0o600)
if err != nil {
@ -262,6 +263,10 @@ func (b *FileBackend) PutInternal(ctx context.Context, entry *physical.Entry) er
})
f.Close()
if encErr == nil {
err = os.Rename(tempPath, fullPath)
if err != nil {
return err
}
return nil
}
@ -270,7 +275,7 @@ func (b *FileBackend) PutInternal(ctx context.Context, entry *physical.Entry) er
// See if we ended up with a zero-byte file and if so delete it, might be a
// case of disk being full but the file info is in metadata that is
// reserved.
fi, err := os.Stat(fullPath)
fi, err := os.Stat(tempPath)
if err != nil {
return encErr
}
@ -278,7 +283,7 @@ func (b *FileBackend) PutInternal(ctx context.Context, entry *physical.Entry) er
return encErr
}
if fi.Size() == 0 {
os.Remove(fullPath)
os.Remove(tempPath)
}
return encErr
}
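Review bot: The temp file is renamed over `fullPath` without an `f.Sync()`, and the `f.Close()` result just above the new `os.Rename` call is still discarded, so a crash or power loss shortly after the rename can leave the keyring path pointing at an empty or partially written file on filesystems that persist the rename before the data. Flushing first and treating a flush or close failure like an encode failure would close that gap: `if encErr == nil { encErr = f.Sync() }` before the close, then `if cerr := f.Close(); encErr == nil { encErr = cerr }`. When `os.Rename` fails the function returns with the `.temp` file, which holds the encoded entry, still on disk, so an `os.Remove(tempPath)` before `return err` would avoid leaving a stale copy behind; whether a leftover `.temp` name is also picked up by the backend's listing code cannot be seen from here and is worth checking. `PutInternal` begins above the first hunk, so any locking that keeps two writers off the same fixed temp name is assumed to live there.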