
@jefferai
Created January 22, 2016 21:51
diff --git a/builtin/logical/pki/crl_util.go b/builtin/logical/pki/crl_util.go
index b433e25..45624ac 100644
--- a/builtin/logical/pki/crl_util.go
+++ b/builtin/logical/pki/crl_util.go
@@ -18,6 +18,15 @@ type revocationInfo struct {
// Revokes a cert, and tries to be smart about error recovery
func revokeCert(b *backend, req *logical.Request, serial string) (*logical.Response, error) {
+ // As this backend is self-contained and this function does not hook into
+ // third parties to manage users or resources, if the mount is tainted,
+ // revocation doesn't matter anyways -- the CRL that would be written will
+ // be immediately blown away by the view being cleared. So we can simply
+ // fast path a successful exit.
+ if b.System().Tainted() {
+ return nil, nil
+ }
+
alreadyRevoked := false
var revInfo revocationInfo
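Review bot: The tainted fast path at the top of `revokeCert` returns `nil, nil` to every caller, so any request that reaches this function while the mount is tainted is reported as successful although no revocation entry is stored and no CRL is rebuilt. The comment's reasoning holds only if unmounting always finishes and clears the view. If an unmount can fail or be retried after the taint is set (not visible in this hunk), certificates whose leases were already dropped would stay valid and absent from the CRL. Consider applying the guard only in the lease-revocation caller, and leave an audit trail when it fires, for example `b.Logger().Printf("[WARN] pki: mount tainted, skipping revocation of serial %s", serial)`, assuming the backend logger is reachable here. The rest of `revokeCert` lies outside the hunk.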
diff --git a/logical/system_view.go b/logical/system_view.go
index cf3e104..33dd01a 100644
--- a/logical/system_view.go
+++ b/logical/system_view.go
@@ -16,12 +16,23 @@ type SystemView interface {
// SudoPrivilege returns true if given path has sudo privileges
// for the given client token
SudoPrivilege(path string, token string) bool
+
+ // Returns true if the mount is tainted. A mount is tainted if it is in the
+ // process of being unmounted. This should only be used in special
+ // circumstances; a primary use-case is as a guard in revocation functions.
+ // If revocation of a backend's leases fails it can keep the unmounting
+ // process from being successful. If the reason for this failure is not
+ // relevant when the mount is tainted (for instance, saving a CRL to disk
+ // when the stored CRL will be removed during the unmounting process
+ // anyways), we can ignore the errors to allow unmounting to complete.
+ Tainted() bool
}
type StaticSystemView struct {
DefaultLeaseTTLVal time.Duration
MaxLeaseTTLVal time.Duration
SudoPrivilegeVal bool
+ TaintedVal bool
}
func (d StaticSystemView) DefaultLeaseTTL() time.Duration {
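Review bot: The doc comment on `Tainted()` tells backend authors they may ignore revocation errors during unmount, but it never states the precondition that makes this safe in the pki backend: the revocation touches only data inside the mount's own view. A backend that issues credentials in an external system (database users, cloud keys) could read this as permission to skip revocation and leave live credentials behind after the mount is gone. I would add `// Backends that create credentials or resources outside their own storage view must still revoke them when tainted.` and start the comment with the method name per Go convention, `// Tainted returns true if the mount is tainted.` Adding a method to the exported `SystemView` interface also breaks any implementation outside this tree, which is worth a changelog line.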
@@ -35,3 +46,7 @@ func (d StaticSystemView) MaxLeaseTTL() time.Duration {
func (d StaticSystemView) SudoPrivilege(path string, token string) bool {
return d.SudoPrivilegeVal
}
+
+func (d StaticSystemView) Tainted() bool {
+ return d.TaintedVal
+}
diff --git a/vault/dynamic_system_view.go b/vault/dynamic_system_view.go
index 13a3166..9c9340a 100644
--- a/vault/dynamic_system_view.go
+++ b/vault/dynamic_system_view.go
@@ -64,3 +64,8 @@ func (d dynamicSystemView) fetchTTLs() (def, max time.Duration) {
return
}
+
+// Tainted indicates that the mount is in the process of being removed
+func (d dynamicSystemView) Tainted() bool {
+ return d.mountEntry.Tainted
+}
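Review bot: `Tainted()` reads `d.mountEntry.Tainted` with no visible synchronization, while the flag is presumably set by the unmount path on another goroutine. If `mountEntry` is a pointer shared with the mount table, this is an unsynchronized read that the race detector may flag. If it is a copy taken when the view was built, the value would never reflect a later taint and the revocation guard would silently never fire. Neither case can be confirmed from this hunk, so the comment should state which holds, e.g. `// mountEntry points at the live mount table entry; Tainted is written under the mount table lock.` A test that taints a mount and then asserts `Tainted()` returns true through an already-constructed view would pin the behaviour.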