vault-acme icon indicating copy to clipboard operation
vault-acme copied to clipboard

Published 20 hours ago verified publisher icon remilapeyre

unset dns_resolvers breaks anything calling getAccount

Open BlueSpaceCanary opened this issue 2 years ago • 2 comments

example panic:

Jul 09 23:14:55 wrex vault[7263]: 2022-07-09T23:14:55.360Z [DEBUG] secrets.acme.acme_d31db409.acme.acme-plugin: panic: interface conversion: interface {} is nil, not []interface {}
Jul 09 23:14:55 wrex vault[7263]: 2022-07-09T23:14:55.360Z [DEBUG] secrets.acme.acme_d31db409.acme.acme-plugin:
Jul 09 23:14:55 wrex vault[7263]: 2022-07-09T23:14:55.360Z [DEBUG] secrets.acme.acme_d31db409.acme.acme-plugin: goroutine 52 [running]:
Jul 09 23:14:55 wrex vault[7263]: 2022-07-09T23:14:55.360Z [DEBUG] secrets.acme.acme_d31db409.acme.acme-plugin: github.com/remilapeyre/vault-acme/acme.getAccount({0x1709ba0?, 0xc00021e300?}, {0x1709d28?,
Jul 09 23:14:55 wrex vault[7263]: 2022-07-09T23:14:55.360Z [DEBUG] secrets.acme.acme_d31db409.acme.acme-plugin:         /home/runner/work/vault-acme/vault-acme/acme/account.go:94 +0x8ab
Jul 09 23:14:55 wrex vault[7263]: 2022-07-09T23:14:55.360Z [DEBUG] secrets.acme.acme_d31db409.acme.acme-plugin: github.com/remilapeyre/vault-acme/acme.(*backend).accountWrite(0xc0002a0850, {0x1709ba0, 0xc
Jul 09 23:14:55 wrex vault[7263]: 2022-07-09T23:14:55.360Z [DEBUG] secrets.acme.acme_d31db409.acme.acme-plugin:         /home/runner/work/vault-acme/vault-acme/acme/path_accounts.go:120 +0x29d
Jul 09 23:14:55 wrex vault[7263]: 2022-07-09T23:14:55.360Z [DEBUG] secrets.acme.acme_d31db409.acme.acme-plugin: github.com/hashicorp/vault/sdk/framework.(*Backend).HandleRequest(0xc0001cc1a0, {0x1709ba0,
Jul 09 23:14:55 wrex vault[7263]: 2022-07-09T23:14:55.360Z [DEBUG] secrets.acme.acme_d31db409.acme.acme-plugin:         /home/runner/go/pkg/mod/github.com/hashicorp/vault/[email protected]
Jul 09 23:14:55 wrex vault[7263]: 2022-07-09T23:14:55.360Z [DEBUG] secrets.acme.acme_d31db409.acme.acme-plugin: github.com/hashicorp/vault/sdk/plugin.(*backendGRPCPluginServer).HandleRequest(0xc000306280,
Jul 09 23:14:55 wrex vault[7263]: 2022-07-09T23:14:55.360Z [DEBUG] secrets.acme.acme_d31db409.acme.acme-plugin:         /home/runner/go/pkg/mod/github.com/hashicorp/vault/[email protected]
Jul 09 23:14:55 wrex vault[7263]: 2022-07-09T23:14:55.360Z [DEBUG] secrets.acme.acme_d31db409.acme.acme-plugin: github.com/hashicorp/vault/sdk/plugin/pb._Backend_HandleRequest_Handler({0x138c520?, 0xc0003
Jul 09 23:14:55 wrex vault[7263]: 2022-07-09T23:14:55.360Z [DEBUG] secrets.acme.acme_d31db409.acme.acme-plugin:         /home/runner/go/pkg/mod/github.com/hashicorp/vault/[email protected]
Jul 09 23:14:55 wrex vault[7263]: 2022-07-09T23:14:55.360Z [DEBUG] secrets.acme.acme_d31db409.acme.acme-plugin: google.golang.org/grpc.(*Server).processUnaryRPC(0xc00009a480, {0x1710428, 0xc000188180}, 0x
Jul 09 23:14:55 wrex vault[7263]: 2022-07-09T23:14:55.360Z [DEBUG] secrets.acme.acme_d31db409.acme.acme-plugin:         /home/runner/go/pkg/mod/google.golang.org/[email protected]/server.go:1024 +0xd1e
Jul 09 23:14:55 wrex vault[7263]: 2022-07-09T23:14:55.360Z [DEBUG] secrets.acme.acme_d31db409.acme.acme-plugin: google.golang.org/grpc.(*Server).handleStream(0xc00009a480, {0x1710428, 0xc000188180}, 0xc00
Jul 09 23:14:55 wrex vault[7263]: 2022-07-09T23:14:55.360Z [DEBUG] secrets.acme.acme_d31db409.acme.acme-plugin:         /home/runner/go/pkg/mod/google.golang.org/[email protected]/server.go:1313 +0xa05
Jul 09 23:14:55 wrex vault[7263]: 2022-07-09T23:14:55.360Z [DEBUG] secrets.acme.acme_d31db409.acme.acme-plugin: google.golang.org/grpc.(*Server).serveStreams.func1.1()
Jul 09 23:14:55 wrex vault[7263]: 2022-07-09T23:14:55.360Z [DEBUG] secrets.acme.acme_d31db409.acme.acme-plugin:         /home/runner/go/pkg/mod/google.golang.org/[email protected]/server.go:722 +0x98
Jul 09 23:14:55 wrex vault[7263]: 2022-07-09T23:14:55.360Z [DEBUG] secrets.acme.acme_d31db409.acme.acme-plugin: created by google.golang.org/grpc.(*Server).serveStreams.func1
Jul 09 23:14:55 wrex vault[7263]: 2022-07-09T23:14:55.360Z [DEBUG] secrets.acme.acme_d31db409.acme.acme-plugin:         /home/runner/go/pkg/mod/google.golang.org/[email protected]/server.go:720 +0xea

Unfortunately updating an account calls getAccount, so fixing an existing account by setting dns_resolvers doesn't really work 😅

If I remember my Go maps correctly, I think the fix would just be something simple like

if rs, ok := d["dns_resolvers"]; ok {
  a.DNSResolvers = make([]string, len(rs.([]interface{})))
  for i, resolver := range rs.([]interface{}) {
	a.DNSResolvers[i] = resolver.(string)
  }
}

BlueSpaceCanary avatar Jul 09 '22 23:07 BlueSpaceCanary

oh, I should add that rolling back to 0.0.8 works fine

BlueSpaceCanary avatar Jul 12 '22 20:07 BlueSpaceCanary

Hi @BlueSpaceCanary, thanks for looking into this. I will fix this in the coming week.

remilapeyre avatar Aug 17 '22 21:08 remilapeyre