From f2282247ef48a7681f74ff63d6ca1726f14eab40 Mon Sep 17 00:00:00 2001
From: Jeff Mitchell <jeffrey.mitchell@gmail.com>
Date: Tue, 28 Feb 2017 18:36:28 -0500
Subject: [PATCH] Add seal cache purging back into postUnseal

---
 vault/core.go | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/vault/core.go b/vault/core.go
index f804008c0..8476c45dc 100644
--- a/vault/core.go
+++ b/vault/core.go
@@ -1215,6 +1215,12 @@ func (c *Core) postUnseal() (retErr error) {
 		purgable.Purge()
 	}
 
+	// Purge these for safety in case of a rekey
+	c.seal.SetBarrierConfig(nil)
+	if c.seal.RecoveryKeySupported() {
+		c.seal.SetRecoveryConfig(nil)
+	}
+
 	if err := enterprisePostUnseal(c); err != nil {
 		return err
 	}