From c4b31d5bdaa14659a159bac80949e3bd2c837206 Mon Sep 17 00:00:00 2001
From: Calvin Leung Huang <cleung2010@gmail.com>
Date: Tue, 6 Nov 2018 09:42:03 -0800
Subject: [PATCH] Add HSMAutoDeprecated for ent upgrade (#5704)

---
 command/server_util.go | 2 +-
 vault/seal/seal.go     | 4 ++++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/command/server_util.go b/command/server_util.go
index ad0fc1b01e..365859958b 100644
--- a/command/server_util.go
+++ b/command/server_util.go
@@ -21,7 +21,7 @@ func adjustCoreForSealMigration(ctx context.Context, core *vault.Core, coreConfi
 	}
 	var existSeal vault.Seal
 	var newSeal vault.Seal
-	if existBarrierSealConfig != nil &&
+	if existBarrierSealConfig != nil && existBarrierSealConfig.Type != vaultseal.HSMAutoDeprecated &&
 		(existBarrierSealConfig.Type != seal.BarrierType() ||
 			config.Seal != nil && config.Seal.Disabled) {
 		// If the existing seal is not Shamir, we're going to Shamir, which
diff --git a/vault/seal/seal.go b/vault/seal/seal.go
index 1a3db6c38f..b80217a010 100644
--- a/vault/seal/seal.go
+++ b/vault/seal/seal.go
@@ -14,6 +14,10 @@ const (
 	GCPCKMS       = "gcpckms"
 	AzureKeyVault = "azurekeyvault"
 	Test          = "test-auto"
+
+	// HSMAutoDeprecated is a deprecated seal type prior to 0.9.0.
+	// It is still referenced in certain code paths for upgrade purporses
+	HSMAutoDeprecated = "hsm-auto"
 )
 
 // Access is the embedded implemention of autoSeal that contains logic