Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Backport of Address OCSP client caching issue into release/1.15.x #26013

Merged
merged 1 commit into from
Mar 18, 2024
Merged

Backport of Address OCSP client caching issue into release/1.15.x #26013

merged 1 commit into from
Mar 18, 2024

Conversation

hc-github-team-secure-vault-core
Copy link
Collaborator

Backport

This PR is auto-generated from #25986 to be assessed for backporting due to the inclusion of the label backport/1.15.x.

The below text is copied from the body of the original PR.

  • The OCSP cache built into the client that is used by cert-auth would cache the responses but when pulling out a cached value the response wasn't validating properly and was then thrown away. So effectively we were operating with no cache.

  • The issue was around a confusion of the client's internal status vs the Go SDK OCSP status integer values.

Overview of commits

@github-actions github-actions bot added the hashicorp-contributed-pr If the PR is HashiCorp (i.e. not-community) contributed label Mar 18, 2024
@hc-github-team-secure-vault-core hc-github-team-secure-vault-core force-pushed the backport/stevendpclark/vault-24947-fix-ocsp-cache/clearly-loyal-lion branch from f8d7ec6 to 8c4fb02 Compare March 18, 2024 19:12
@stevendpclark stevendpclark self-assigned this Mar 18, 2024
@stevendpclark stevendpclark enabled auto-merge (squash) March 18, 2024 19:13
@stevendpclark stevendpclark added this to the 1.15.7 milestone Mar 18, 2024
@github-actions GitHub Actions
Copy link

Build Results:
All builds succeeded! ✅

@github-actions GitHub Actions
Copy link

CI Results:
All Go tests succeeded! ✅

@stevendpclark stevendpclark merged commit c760d1d into release/1.15.x Mar 18, 2024
76 of 79 checks passed
@stevendpclark stevendpclark deleted the backport/stevendpclark/vault-24947-fix-ocsp-cache/clearly-loyal-lion branch March 18, 2024 19:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stevendpclark stevendpclark stevendpclark approved these changes

Assignees

@stevendpclark stevendpclark

Labels
backport hashicorp-contributed-pr If the PR is HashiCorp (i.e. not-community) contributed
Projects
None yet
Milestone
1.15.7
Development

Successfully merging this pull request may close these issues.
2 participants
@hc-github-team-secure-vault-core @stevendpclark