From 28746e094aaf3e107ad0c5b4838f26575cfd99f3 Mon Sep 17 00:00:00 2001 From: HridoyRoy Date: Wed, 31 Aug 2022 09:27:39 -0700 Subject: [PATCH 1/4] port ssct bugfix to load epoch from storage --- vault/token_store_util_common.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/vault/token_store_util_common.go b/vault/token_store_util_common.go index 235e2d216777..a10bb83a854f 100644 --- a/vault/token_store_util_common.go +++ b/vault/token_store_util_common.go @@ -38,6 +38,9 @@ func (ts *TokenStore) loadSSCTokensGenerationCounter(ctx context.Context) error } func (ts *TokenStore) UpdateSSCTokensGenerationCounter(ctx context.Context) error { + if err := ts.loadSSCTokensGenerationCounter(ctx); err != nil { + return err + } ts.sscTokensGenerationCounter.Counter += 1 if ts.sscTokensGenerationCounter.Counter <= 0 { // Don't store the 0 value From 3d9adc8ed301aa0fb4cca28ef7f3d0f5057272d9 Mon Sep 17 00:00:00 2001 From: HridoyRoy Date: Wed, 31 Aug 2022 09:30:38 -0700 Subject: [PATCH 2/4] changelog --- changelog/16956.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 changelog/16956.txt diff --git a/changelog/16956.txt b/changelog/16956.txt new file mode 100644 index 000000000000..f2b07c953755 --- /dev/null +++ b/changelog/16956.txt @@ -0,0 +1,3 @@ +```release-note:bug +core: Load SSCT Token Generation counter from storage when upgrading a DR to a primary +``` From 525286822855dd48ebe2143dca2a7b7f352988bb Mon Sep 17 00:00:00 2001 From: HridoyRoy Date: Wed, 31 Aug 2022 09:53:28 -0700 Subject: [PATCH 3/4] update changelog to be user-facing --- changelog/16956.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/changelog/16956.txt b/changelog/16956.txt index f2b07c953755..b7e2669787f4 100644 --- a/changelog/16956.txt +++ b/changelog/16956.txt @@ -1,3 +1,3 @@ ```release-note:bug -core: Load SSCT Token Generation counter from storage when upgrading a DR to a primary +core: Prevent 2 or more DR failovers from invalidating SSCT tokens generated on the previous primaries. ``` From 5949fcabd6fc2e4dcdd7d52fd81d8b952fc59852 Mon Sep 17 00:00:00 2001 From: HridoyRoy Date: Wed, 31 Aug 2022 09:54:41 -0700 Subject: [PATCH 4/4] change 2 to two --- changelog/16956.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/changelog/16956.txt b/changelog/16956.txt index b7e2669787f4..8912f727f4f6 100644 --- a/changelog/16956.txt +++ b/changelog/16956.txt @@ -1,3 +1,3 @@ ```release-note:bug -core: Prevent 2 or more DR failovers from invalidating SSCT tokens generated on the previous primaries. +core: Prevent two or more DR failovers from invalidating SSCT tokens generated on the previous primaries. ```