Recover from panics during request forwarding #3072

jefferai · 2017-07-27T15:47:27Z

When request forwarding, if we have a panic, the entire connection gets killed. Instead, log an error with the panic information.

Fixes #2877

Note: fix is currently incomplete for the full issue.

gRPC doesn't have a handler for recovering from a panic like a normal HTTP request so a panic will actually kill Vault's listener. This basically copies the net/http logic for managing this. The SSH-specific logic is removed here as the underlying issue is caused by the request forwarding mechanism.

chrishoffman · 2017-07-28T01:07:50Z

@jefferai the initial panic recovery worked it just was casting to the wrong type. I was able to recreate the issue and address it by casting it to a string and returning the correct error. I can't assign you as a reviewer since you created this PR. Can you take a look?

jefferai · 2017-07-28T01:21:59Z

Hah, ok. Perfect. Looks great!

jefferai added 2 commits July 27, 2017 11:44

Fix error message formatting and response body

cd9d21f

jefferai added this to the 0.8.0 milestone Jul 27, 2017

fixing recovery from x/golang/crypto panics

0ac923d

chrishoffman self-assigned this Jul 28, 2017

chrishoffman self-requested a review July 28, 2017 01:53

chrishoffman approved these changes Jul 28, 2017

View reviewed changes

chrishoffman merged commit b5cabc2 into master Jul 28, 2017

chrishoffman deleted the req-forwarding-recover branch July 28, 2017 01:55

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Recover from panics during request forwarding #3072

Recover from panics during request forwarding #3072

jefferai commented Jul 27, 2017

chrishoffman commented Jul 28, 2017

jefferai commented Jul 28, 2017

Recover from panics during request forwarding #3072

Recover from panics during request forwarding #3072

Conversation

jefferai commented Jul 27, 2017

chrishoffman commented Jul 28, 2017

jefferai commented Jul 28, 2017