Merge pull request #225 from ianunruh/fix/gh-213

HTTP should return 503 when sealed
This commit is contained in:
Armon Dadgar 2015-05-19 11:32:37 -07:00
commit c81207c6bd
2 changed files with 19 additions and 0 deletions

View file

@ -147,6 +147,11 @@ func requestAuth(r *http.Request, req *logical.Request) *logical.Request {
} }
func respondError(w http.ResponseWriter, status int, err error) { func respondError(w http.ResponseWriter, status int, err error) {
// Adjust status code when sealed
if err == vault.ErrSealed {
status = http.StatusServiceUnavailable
}
w.Header().Add("Content-Type", "application/json") w.Header().Add("Content-Type", "application/json")
w.WriteHeader(status) w.WriteHeader(status)

View file

@ -43,3 +43,17 @@ func TestSysMounts_headerAuth(t *testing.T) {
t.Fatalf("bad: %#v", actual) t.Fatalf("bad: %#v", actual)
} }
} }
func TestHandler_sealed(t *testing.T) {
core, _, token := vault.TestCoreUnsealed(t)
ln, addr := TestServer(t, core)
defer ln.Close()
core.Seal(token)
resp, err := http.Get(addr + "/v1/secret/foo")
if err != nil {
t.Fatalf("err: %s", err)
}
testResponseStatus(t, resp, 503)
}