Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Nil-Pointer error on AppRole login #4716

Closed
Luzifer opened this issue Jun 7, 2018 · 4 comments
Closed

Nil-Pointer error on AppRole login #4716

Luzifer opened this issue Jun 7, 2018 · 4 comments
Milestone

Comments

@Luzifer
Copy link

Luzifer commented Jun 7, 2018

Describe the bug

2018-06-07 13:55:02.621399 I | http: panic serving 172.18.0.1:41090: assignment to entry in nil map
goroutine 2077 [running]:
net/http.(*conn).serve.func1(0xc420a5f900)
        /goroot/src/net/http/server.go:1726 +0xd0
panic(0x1f14b80, 0x25414d0)
        /goroot/src/runtime/panic.go:502 +0x229
github.com/hashicorp/vault/builtin/credential/approle.(*backend).pathLoginUpdate(0xc42014ad80, 0x255e720, 0xc4205d72c0, 0xc420852ea0, 0xc42094d880, 0x0, 0x0, 0x0)
        /gopath/src/github.com/hashicorp/vault/builtin/credential/approle/path_login.go:265 +0x6e0
github.com/hashicorp/vault/builtin/credential/approle.(*backend).(github.com/hashicorp/vault/builtin/credential/approle.pathLoginUpdate)-fm(0x255e720, 0xc4205d72c0, 0xc420852ea0, 0xc42094d880, 0xc4206cb8e8, 0x3039302d61396601, 0xc42076f0a8)
        /gopath/src/github.com/hashicorp/vault/builtin/credential/approle/path_login.go:30 +0x52
github.com/hashicorp/vault/logical/framework.(*Backend).HandleRequest(0xc4206cba00, 0x255e720, 0xc4205d72c0, 0xc420852ea0, 0x0, 0x0, 0x0)
        /gopath/src/github.com/hashicorp/vault/logical/framework/backend.go:223 +0x475
github.com/hashicorp/vault/vault.(*Router).routeCommon(0xc4201e6400, 0x255e720, 0xc4205d72c0, 0xc420852ea0, 0x0, 0x0, 0x8000000, 0x0, 0x0)
        /gopath/src/github.com/hashicorp/vault/vault/router.go:516 +0x794
github.com/hashicorp/vault/vault.(*Router).Route(0xc4201e6400, 0x255e720, 0xc4205d72c0, 0xc420852ea0, 0xc4203ed530, 0x0, 0x0)
        /gopath/src/github.com/hashicorp/vault/vault/router.go:376 +0x4e
github.com/hashicorp/vault/vault.(*Core).handleLoginRequest(0xc420090900, 0x255e720, 0xc4205d72c0, 0xc420852ea0, 0x0, 0x0, 0x0, 0x0)
        /gopath/src/github.com/hashicorp/vault/vault/request_handling.go:664 +0x53b
github.com/hashicorp/vault/vault.(*Core).HandleRequest(0xc420090900, 0xc420852ea0, 0x0, 0x0, 0x0)
        /gopath/src/github.com/hashicorp/vault/vault/request_handling.go:273 +0x35a
github.com/hashicorp/vault/http.request(0xc420090900, 0x255cf20, 0xc420a79ce0, 0xc4201a4f00, 0xc420852ea0, 0x0, 0x0)
        /gopath/src/github.com/hashicorp/vault/http/handler.go:408 +0x3c
github.com/hashicorp/vault/http.handleLogical.func1(0x255cf20, 0xc420a79ce0, 0xc4201a4f00)
        /gopath/src/github.com/hashicorp/vault/http/logical.go:148 +0xfb
net/http.HandlerFunc.ServeHTTP(0xc420024960, 0x255cf20, 0xc420a79ce0, 0xc4201a4f00)
        /goroot/src/net/http/server.go:1947 +0x44
github.com/hashicorp/vault/http.handleRequestForwarding.func1(0x255cf20, 0xc420a79ce0, 0xc4201a4f00)
        /gopath/src/github.com/hashicorp/vault/http/handler.go:360 +0x1ca
net/http.HandlerFunc.ServeHTTP(0xc420024980, 0x255cf20, 0xc420a79ce0, 0xc4201a4f00)
        /goroot/src/net/http/server.go:1947 +0x44
net/http.(*ServeMux).ServeHTTP(0xc4201e9b00, 0x255cf20, 0xc420a79ce0, 0xc4201a4f00)
        /goroot/src/net/http/server.go:2337 +0x130
github.com/hashicorp/vault/http.wrapHelpHandler.func1(0x255cf20, 0xc420a79ce0, 0xc4201a4f00)
        /gopath/src/github.com/hashicorp/vault/http/help.go:22 +0x158
net/http.HandlerFunc.ServeHTTP(0xc4200249e0, 0x255cf20, 0xc420a79ce0, 0xc4201a4f00)
        /goroot/src/net/http/server.go:1947 +0x44
github.com/hashicorp/vault/http.wrapCORSHandler.func1(0x255cf20, 0xc420a79ce0, 0xc4201a4f00)
        /gopath/src/github.com/hashicorp/vault/http/cors.go:32 +0x10a
net/http.HandlerFunc.ServeHTTP(0xc420024a00, 0x255cf20, 0xc420a79ce0, 0xc4201a4f00)
        /goroot/src/net/http/server.go:1947 +0x44
github.com/hashicorp/vault/http.wrapGenericHandler.func1(0x255cf20, 0xc420a79ce0, 0xc4201a4f00)
        /gopath/src/github.com/hashicorp/vault/http/handler.go:128 +0xb1
net/http.HandlerFunc.ServeHTTP(0xc420024a20, 0x255cf20, 0xc420a79ce0, 0xc4201a4f00)
        /goroot/src/net/http/server.go:1947 +0x44
github.com/hashicorp/vault/vendor/github.com/hashicorp/go-cleanhttp.PrintablePathCheckHandler.func1(0x255cf20, 0xc420a79ce0, 0xc4201a4f00)
        /gopath/src/github.com/hashicorp/vault/vendor/github.com/hashicorp/go-cleanhttp/handlers.go:40 +0xcf
net/http.HandlerFunc.ServeHTTP(0xc420024a40, 0x255cf20, 0xc420a79ce0, 0xc4201a4f00)
        /goroot/src/net/http/server.go:1947 +0x44
net/http.serverHandler.ServeHTTP(0xc4200af930, 0x255cf20, 0xc420a79ce0, 0xc4201a4f00)
        /goroot/src/net/http/server.go:2694 +0xbc
net/http.(*conn).serve(0xc420a5f900, 0x255e720, 0xc4205d7140)
        /goroot/src/net/http/server.go:1830 +0x651
created by net/http.(*Server).Serve
        /goroot/src/net/http/server.go:2795 +0x27b

Expected behavior
Successful login as in v0.10.1 instead of a crash

Environment:

  • Vault Server Version (retrieve with vault status): v0.10.2
  • Vault CLI Version (retrieve with vault version): n/a
  • Server Operating System/Architecture: Linux amd64
  • Client library: hvac==0.2.17
@jefferai jefferai added this to the 0.10.3 milestone Jun 7, 2018
@jefferai
Copy link
Member

jefferai commented Jun 7, 2018

Are you binding your role only via CIDR block?

@vishalnayak
Copy link
Member

This issue was caused by #4470 where-in a non-reused function was removed. The function that was removed was always allocating the metadata, which was not performed by the calling function after its removal.

@Luzifer
Copy link
Author

Luzifer commented Jun 7, 2018

@jefferai in that specific case: Yes.

@jefferai
Copy link
Member

jefferai commented Jun 7, 2018

@Luzifer A quick workaround would be to add some metadata (https://www.vaultproject.io/api/auth/approle/index.html#metadata) during secret ID generation.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants