From 37e8c17041faded0b1183e4e1ed3d85f9e2e52b1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Hannes=20H=C3=B6rl?=
Date: Sun, 24 Jun 2018 11:07:23 +0100
Subject: [PATCH] Do not do noramlization of the fingerprint format
---
 .../providers/vsphere/vclib/connection.go | 30 +----------------
 .../vsphere/vclib/connection_test.go | 32 ++++---------------
 2 files changed, 8 insertions(+), 54 deletions(-)
diff --git a/pkg/cloudprovider/providers/vsphere/vclib/connection.go b/pkg/cloudprovider/providers/vsphere/vclib/connection.go
index 8d2e7b27d08..af56069c94b 100644
--- a/pkg/cloudprovider/providers/vsphere/vclib/connection.go
+++ b/pkg/cloudprovider/providers/vsphere/vclib/connection.go
@@ -17,7 +17,6 @@ limitations under the License.
 package vclib
 import (
- "bytes"
 "context"
 "crypto/tls"
 "encoding/pem"
@@ -25,7 +24,6 @@ import (
 "net"
 neturl "net/url"
 "sync"
- "unicode"
 "github.com/golang/glog"
 "github.com/vmware/govmomi/session"
@@ -172,11 +170,7 @@ func (connection *VSphereConnection) NewClient(ctx context.Context) (*vim25.Clie
 }
 tpHost := connection.Hostname + ":" + connection.Port
- tp, err := normalizeThumbprint(connection.Thumbprint)
- if err != nil {
- return nil, err
- }
- sc.SetThumbprint(tpHost, tp)
+ sc.SetThumbprint(tpHost, connection.Thumbprint)
 client, err := vim25.NewClient(ctx, sc)
 if err != nil {
@@ -210,25 +204,3 @@ func (connection *VSphereConnection) UpdateCredentials(username string, password
 connection.Username = username
 connection.Password = password
 }
-
-func normalizeThumbprint(original string) (string, error) {
- buffer := &bytes.Buffer{}
- outIdx := 0
-
- for _, r := range original {
- if outIdx%2 == 0 && outIdx > 0 {
- if _, err := buffer.WriteRune(':'); err != nil {
- return "", err
- }
- }
- if r == ':' {
- continue
- }
- if _, err := buffer.WriteRune(unicode.ToUpper(r)); err != nil {
- return "", err
- }
- outIdx++
- }
-
- return buffer.String(), nil
-}
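Review bot: `connection.Thumbprint` now reaches `sc.SetThumbprint(tpHost, connection.Thumbprint)` in NewClient with no format check, so a value written in lower case or without colons is no longer rewritten and would presumably never match the server certificate. Failing closed is the safe outcome, but the operator only gets a TLS error at connect time with nothing pointing at the thumbprint's format. Going by the form the updated test helper builds, document the requirement at the call, e.g. `// Thumbprint is passed to govmomi unmodified; it must be upper-case hex byte pairs joined by ':'`, and consider rejecting or logging a value that does not have that shape. NewClient begins and ends outside this hunk, so an existing check on the field may not be visible here.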
diff --git a/pkg/cloudprovider/providers/vsphere/vclib/connection_test.go b/pkg/cloudprovider/providers/vsphere/vclib/connection_test.go
index 05fe4cd3ed4..14fd22d8413 100644
--- a/pkg/cloudprovider/providers/vsphere/vclib/connection_test.go
+++ b/pkg/cloudprovider/providers/vsphere/vclib/connection_test.go
@@ -69,8 +69,13 @@ func createTestServer(
 t.Fatal("Expected server.TLS.Certificates not to be empty")
 }
 x509LeafCert := server.TLS.Certificates[0].Certificate[0]
- tpBytes := sha1.Sum(x509LeafCert)
- tpString := fmt.Sprintf("%x", tpBytes)
+ var tpString string
+ for i, b := range sha1.Sum(x509LeafCert) {
+ if i > 0 {
+ tpString += ":"
+ }
+ tpString += fmt.Sprintf("%02X", b)
+ }
 return server, tpString
 }
@@ -151,29 +156,6 @@ func TestWithValidThumbprint(t *testing.T) {
 verifyConnectionWasMade()
 }
-func TestWithValidThumbprintAlternativeFormat(t *testing.T) {
- handler, verifyConnectionWasMade := getRequestVerifier(t)
-
- server, thumbprint :=
- createTestServer(t, fixtures.CaCertPath, fixtures.ServerCertPath, fixtures.ServerKeyPath, handler)
- server.StartTLS()
- u := mustParseUrl(t, server.URL)
-
- // lowercase, remove the ':'
- tpDifferentFormat := strings.Replace(strings.ToLower(thumbprint), ":", "", -1)
-
- connection := &vclib.VSphereConnection{
- Hostname: u.Hostname(),
- Port: u.Port(),
- Thumbprint: tpDifferentFormat,
- }
-
- // Ignoring error here, because we only care about the TLS connection
- connection.NewClient(context.Background())
-
- verifyConnectionWasMade()
-}
-
 func TestWithInvalidCaCertPath(t *testing.T) {
 connection := &vclib.VSphereConnection{
 Hostname: "should-not-matter",
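Review bot: The loop in createTestServer hand-builds the thumbprint as `%02X` byte pairs joined by `:` without saying that this is the exact form the client now has to be given. A one-line comment above `var tpString string` would tie the helper to that expectation, e.g. `// Must match what NewClient hands to govmomi verbatim: upper-case hex pairs separated by ':'`. With TestWithValidThumbprintAlternativeFormat removed further down, nothing visible here asserts that a lower-case or colon-free thumbprint is now refused; a negative case would pin that fail-closed behaviour. createTestServer starts and ends outside the hunk.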