luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity

Make sure updating pending and storage are done as a group (#4727)

This commit is contained in:
Jeff Mitchell 2018-06-08 17:24:44 -04:00 committed by GitHub
parent 575a606db7
commit be64c859e1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 34 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
vault/expiration.go
View File

@ -580,11 +580,16 @@ func (m *ExpirationManager) RevokeByToken(te *logical.TokenEntry) error {
if le != nil {
le.ExpireTime = time.Now()
if err := m.persistEntry(le); err != nil {
return err
}
{
m.pendingLock.Lock()
if err := m.persistEntry(le); err != nil {
m.pendingLock.Unlock()
return err
}
m.updatePending(le, 0)
m.updatePendingInternal(le, 0)
m.pendingLock.Unlock()
}
}
}
@ -707,12 +712,18 @@ func (m *ExpirationManager) Renew(leaseID string, increment time.Duration) (*log
le.Secret = resp.Secret
le.ExpireTime = resp.Secret.ExpirationTime()
le.LastRenewalTime = time.Now()
if err := m.persistEntry(le); err != nil {
return nil, err
}
// Update the expiration time
m.updatePending(le, resp.Secret.LeaseTotal())
{
m.pendingLock.Lock()
if err := m.persistEntry(le); err != nil {
m.pendingLock.Unlock()
return nil, err
}
// Update the expiration time
m.updatePendingInternal(le, resp.Secret.LeaseTotal())
m.pendingLock.Unlock()
}
// Return the response
return resp, nil
@ -782,12 +793,18 @@ func (m *ExpirationManager) RenewToken(req *logical.Request, source string, toke
le.Auth = resp.Auth
le.ExpireTime = resp.Auth.ExpirationTime()
le.LastRenewalTime = time.Now()
if err := m.persistEntry(le); err != nil {
return nil, err
}
// Update the expiration time
m.updatePending(le, resp.Auth.LeaseTotal())
{
m.pendingLock.Lock()
if err := m.persistEntry(le); err != nil {
m.pendingLock.Unlock()
return nil, err
}
// Update the expiration time
m.updatePendingInternal(le, resp.Auth.LeaseTotal())
m.pendingLock.Unlock()
}
retResp.Auth = resp.Auth
return retResp, nil
@ -963,7 +980,10 @@ func (m *ExpirationManager) FetchLeaseTimes(leaseID string) (*leaseEntry, error)
func (m *ExpirationManager) updatePending(le *leaseEntry, leaseTotal time.Duration) {
m.pendingLock.Lock()
defer m.pendingLock.Unlock()
m.updatePendingInternal(le, leaseTotal)
}
func (m *ExpirationManager) updatePendingInternal(le *leaseEntry, leaseTotal time.Duration) {
// Check for an existing timer
timer, ok := m.pending[le.LeaseID]