From 13d8f7b02e69e12210f65992145cf93adc8f8768 Mon Sep 17 00:00:00 2001 From: Jeff Mitchell Date: Wed, 17 Oct 2018 02:33:12 -0400 Subject: [PATCH] Use TypeCommaStringSlice for SSH zeroaddress roles (#5528) Fixes #5527 --- builtin/logical/ssh/path_config_zeroaddress.go | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/builtin/logical/ssh/path_config_zeroaddress.go b/builtin/logical/ssh/path_config_zeroaddress.go index 02754baaca4f..d91c6810d5d5 100644 --- a/builtin/logical/ssh/path_config_zeroaddress.go +++ b/builtin/logical/ssh/path_config_zeroaddress.go @@ -3,7 +3,6 @@ package ssh import ( "context" "fmt" - "strings" "github.com/hashicorp/vault/logical" "github.com/hashicorp/vault/logical/framework" @@ -19,7 +18,7 @@ func pathConfigZeroAddress(b *backend) *framework.Path { Pattern: "config/zeroaddress", Fields: map[string]*framework.FieldSchema{ "roles": &framework.FieldSchema{ - Type: framework.TypeString, + Type: framework.TypeCommaStringSlice, Description: `[Required] Comma separated list of role names which allows credentials to be requested for any IP address. CIDR blocks previously registered under these roles will be ignored.`, @@ -60,13 +59,12 @@ func (b *backend) pathConfigZeroAddressRead(ctx context.Context, req *logical.Re } func (b *backend) pathConfigZeroAddressWrite(ctx context.Context, req *logical.Request, d *framework.FieldData) (*logical.Response, error) { - roleNames := d.Get("roles").(string) - if roleNames == "" { + roles := d.Get("roles").([]string) + if len(roles) == 0 { return logical.ErrorResponse("Missing roles"), nil } // Check if the roles listed actually exist in the backend - roles := strings.Split(roleNames, ",") for _, item := range roles { role, err := b.getRole(ctx, req.Storage, item) if err != nil {