Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Backport of add nil check for mfa enforcement config namespace on login into release/1.13.x #20406

Merged
merged 2 commits into from
Apr 28, 2023
Merged

Backport of add nil check for mfa enforcement config namespace on login into release/1.13.x #20406

merged 2 commits into from
Apr 28, 2023

Conversation

hc-github-team-secure-vault-core
Copy link
Collaborator

Backport

This PR is auto-generated from #20375 to be assessed for backporting due to the inclusion of the label backport/1.13.x.

The below text is copied from the body of the original PR.

This PR adds a nil check around the namespace for a MFA enforcement config. This resolves a panic experienced on login after deleting a namespace which contains a MFA enforcement configuration.
Example Panic:

2023-04-26T12:39:37.380-0400 [INFO]  http: panic serving 127.0.0.1:64255: runtime error: invalid memory address or nil pointer dereference
goroutine 930 [running]:
net/http.(*conn).serve.func1()
	/Users/runner/actions-runner/_work/_tool/go/1.19.4/x64/src/net/http/server.go:1850 +0xbf
panic({0x5dfd600, 0xae57de0})
	/Users/runner/actions-runner/_work/_tool/go/1.19.4/x64/src/runtime/panic.go:890 +0x262
github.com/hashicorp/vault/vault.(*Core).buildMFAEnforcementConfigList(0xc000ae6000, {0x7dca1b8, 0xc000adf3e0}, 0xc0012de1c0, {0xc001cf723a, 0x17})
	/Users/runner/actions-runner/_work/vault-enterprise/vault-enterprise/vault/login_mfa.go:1696 +0x2f2
github.com/hashicorp/vault/vault.(*Core).handleLoginRequest(0xc000ae6000, {0x7dca1b8, 0xc000adf3e0}, 0xc00165ec00)
	/Users/runner/actions-runner/_work/vault-enterprise/vault-enterprise/vault/request_handling.go:1506 +0x19e9
github.com/hashicorp/vault/vault.(*Core).handleCancelableRequest(0xc000ae6000, {0x7dca1b8, 0xc000adf3b0}, 0xc00165ec00)
	/Users/runner/actions-runner/_work/vault-enterprise/vault-enterprise/vault/request_handling.go:663 +0x15fe
github.com/hashicorp/vault/vault.(*Core).switchedLockHandleRequest(0xc000ae6000, {0x7dca1b8, 0xc000adee40}, 0xc00165ec00, 0xc0?)
	/Users/runner/actions-runner/_work/vault-enterprise/vault-enterprise/vault/request_handling.go:472 +0x539
github.com/hashicorp/vault/vault.(*Core).HandleRequest(...)
Overview of commits

@hc-github-team-secure-vault-core hc-github-team-secure-vault-core force-pushed the backport/davidadeleon/fix-mfa-login-panic/intensely-adapted-frog branch 2 times, most recently from ad6c46c to 40ecf56 Compare April 27, 2023 19:15
@davidadeleon davidadeleon added this to the 1.13.3 milestone Apr 28, 2023
@davidadeleon davidadeleon merged commit ba82d7a into release/1.13.x Apr 28, 2023
@davidadeleon davidadeleon deleted the backport/davidadeleon/fix-mfa-login-panic/intensely-adapted-frog branch April 28, 2023 12:53
@fopina-ci fopina-ci mentioned this pull request Jun 8, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@davidadeleon davidadeleon davidadeleon approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
1.13.3
Development

Successfully merging this pull request may close these issues.
2 participants
@hc-github-team-secure-vault-core @davidadeleon