mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-21 22:51:09 +02:00
Code Issues Projects Releases Wiki Activity

vault: defer barrier initialization until as late as possible

Browse Source
This commit is contained in:
Armon Dadgar 2015-05-08 11:06:39 -07:00
parent 05ae758208
commit eedd63a105
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
vault/core.go
View File

@ -619,12 +619,6 @@ func (c *Core) Initialize(config *SealConfig) (*InitResult, error) {
return nil, fmt.Errorf("master key generation failed: %v", err)
}
// Initialize the barrier
if err := c.barrier.Initialize(masterKey); err != nil {
c.logger.Printf("[ERR] core: failed to initialize barrier: %v", err)
return nil, fmt.Errorf("failed to initialize barrier: %v", err)
}
// Return the master key if only a single key part is used
results := new(InitResult)
if config.SecretShares == 1 {
@ -639,6 +633,12 @@ func (c *Core) Initialize(config *SealConfig) (*InitResult, error) {
}
results.SecretShares = shares
}
// Initialize the barrier
if err := c.barrier.Initialize(masterKey); err != nil {
c.logger.Printf("[ERR] core: failed to initialize barrier: %v", err)
return nil, fmt.Errorf("failed to initialize barrier: %v", err)
}
c.logger.Printf("[INFO] core: security barrier initialized")
// Unseal the barrier