file audit backend panics on reading key data for transit ecdsa-p256 key types

[sdboyer]

Environment:

• Vault Version: v0.7.3
• Operating System/Architecture: amazon linux, x86_64

Vault Config File:

very simple right now, but storage backend is consul, via local agent

Startup Log Output:

Expected Behavior:

I attempted to read key information (e.g. vault read transit/keys/<name>) for a key of type ecdsa-p256, using a token with the necessary privileges on a vault server with a file audit backend enabled. I expected to see that key's information.

Actual Behavior:

A 500 error from the command, and a panic recorded in the server's logs:

[ERROR] audit: panic during logging: request_path=transit/keys/boss2 error="reflect: reflect.Value.Set using unaddressable value"
[ERROR] core: failed to audit response: request_path=transit/keys/boss2 error=1 error occurred:
* panic generating audit log

Steps to Reproduce:

vault server -dev
vault audit-enable file "file_path=/tmp/vault-test-audit"
vault mount transit
vault write transit/keys/testkey "type=ecdsa-p256"
vault read transit/keys/testkey

[joelthompson]

@sdboyer -- this looks like a duplicate of of #2958 which should be fixed in the next version of Vault. Try downloading the 0.8 RC1 from https://releases.hashicorp.com/vault/0.8.0-rc1/ and see if it fixes it for you.

[sdboyer]

that's totally it. thank you, and sorry i didn't search before posting!