luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity

Store clamped TTLs back in the role's config

Browse source
This commit is contained in:
Sean Chittenden 2016-05-15 08:13:56 -07:00
parent af4e2feda7
commit b0bba6d271
No known key found for this signature in database
GPG key ID: 4EBC9DC16C2E5E16
1 changed files with 5 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
builtin/logical/pki/path_roles.go
View file

@ -339,7 +339,7 @@ func (b *backend) pathRoleCreate(
// If they are using the system default, cap it to the role max;
// if it was specified on the command line, make it an error
if len(entry.TTL) == 0 {
entry.TTL = entry.MaxTTL
ttl = maxTTL
} else {
return logical.ErrorResponse(
`"ttl" value must be less than "max_ttl" and/or backend default max lease TTL value`,
@ -347,6 +347,10 @@ func (b *backend) pathRoleCreate(
}
}
// Persist clamped TTLs
entry.TTL = ttl.String()
entry.MaxTTL = maxTTL.String()
if errResp := validateKeyTypeLength(entry.KeyType, entry.KeyBits); errResp != nil {
return errResp, nil
}