Do not do noramlization of the fingerprint format

Hannes Hörl
2018-06-24 11:07:23 +01:00
parent 7c27cd08ad
commit 37e8c17041
2 changed files with 8 additions and 54 deletions


@@ -17,7 +17,6 @@ limitations under the License.
package vclib package vclib
import ( import (
"bytes"
"context" "context"
"crypto/tls" "crypto/tls"
"encoding/pem" "encoding/pem"
@@ -25,7 +24,6 @@ import (
"net" "net"
neturl "net/url" neturl "net/url"
"sync" "sync"
"unicode"
"github.com/golang/glog" "github.com/golang/glog"
"github.com/vmware/govmomi/session" "github.com/vmware/govmomi/session"
@@ -172,11 +170,7 @@ func (connection *VSphereConnection) NewClient(ctx context.Context) (*vim25.Clie
} }
tpHost := connection.Hostname + ":" + connection.Port tpHost := connection.Hostname + ":" + connection.Port
tp, err := normalizeThumbprint(connection.Thumbprint) sc.SetThumbprint(tpHost, connection.Thumbprint)
if err != nil {
return nil, err
}
sc.SetThumbprint(tpHost, tp)
client, err := vim25.NewClient(ctx, sc) client, err := vim25.NewClient(ctx, sc)
if err != nil { if err != nil {
@@ -210,25 +204,3 @@ func (connection *VSphereConnection) UpdateCredentials(username string, password
connection.Username = username connection.Username = username
connection.Password = password connection.Password = password
} }
func normalizeThumbprint(original string) (string, error) {
buffer := &bytes.Buffer{}
outIdx := 0
for _, r := range original {
if outIdx%2 == 0 && outIdx > 0 {
if _, err := buffer.WriteRune(':'); err != nil {
return "", err
}
}
if r == ':' {
continue
}
if _, err := buffer.WriteRune(unicode.ToUpper(r)); err != nil {
return "", err
}
outIdx++
}
return buffer.String(), nil
}
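Review bot: With `normalizeThumbprint` removed, `connection.Thumbprint` reaches `sc.SetThumbprint(tpHost, connection.Thumbprint)` verbatim, and nothing on the new side says which format is expected. The comparison itself is not visible here, but the updated test helper now builds uppercase hex pairs joined by `:`, which suggests the client matches the pinned value against the peer certificate's fingerprint as a plain string. If so, a lowercase or colon-less value from configuration will fail certificate verification with no hint that formatting is the cause. I would add a comment above the call, `// Thumbprint is passed through unmodified; it must be uppercase hex byte pairs separated by ':'.`, and consider rejecting any other shape early with a descriptive error, so operators are not tempted to disable verification to get past a formatting mistake. NewClient begins before and continues after this hunk.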


@@ -69,8 +69,13 @@ func createTestServer(
t.Fatal("Expected server.TLS.Certificates not to be empty") t.Fatal("Expected server.TLS.Certificates not to be empty")
} }
x509LeafCert := server.TLS.Certificates[0].Certificate[0] x509LeafCert := server.TLS.Certificates[0].Certificate[0]
tpBytes := sha1.Sum(x509LeafCert) var tpString string
tpString := fmt.Sprintf("%x", tpBytes) for i, b := range sha1.Sum(x509LeafCert) {
if i > 0 {
tpString += ":"
}
tpString += fmt.Sprintf("%02X", b)
}
return server, tpString return server, tpString
} }
@@ -151,29 +156,6 @@ func TestWithValidThumbprint(t *testing.T) {
verifyConnectionWasMade() verifyConnectionWasMade()
} }
func TestWithValidThumbprintAlternativeFormat(t *testing.T) {
handler, verifyConnectionWasMade := getRequestVerifier(t)
server, thumbprint :=
createTestServer(t, fixtures.CaCertPath, fixtures.ServerCertPath, fixtures.ServerKeyPath, handler)
server.StartTLS()
u := mustParseUrl(t, server.URL)
// lowercase, remove the ':'
tpDifferentFormat := strings.Replace(strings.ToLower(thumbprint), ":", "", -1)
connection := &vclib.VSphereConnection{
Hostname: u.Hostname(),
Port: u.Port(),
Thumbprint: tpDifferentFormat,
}
// Ignoring error here, because we only care about the TLS connection
connection.NewClient(context.Background())
verifyConnectionWasMade()
}
func TestWithInvalidCaCertPath(t *testing.T) { func TestWithInvalidCaCertPath(t *testing.T) {
connection := &vclib.VSphereConnection{ connection := &vclib.VSphereConnection{
Hostname: "should-not-matter", Hostname: "should-not-matter",
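Review bot: Deleting `TestWithValidThumbprintAlternativeFormat` leaves the new pass-through behaviour unpinned in the visible hunks: no test here states what should happen when the thumbprint is lowercase or lacks `:`. Since the thumbprint is what authenticates the server, a test that supplies `strings.Replace(strings.ToLower(thumbprint), ":", "", -1)` and asserts that the handler is never reached would document that such a value is rejected rather than silently accepted. The file may already have a mismatch test outside these hunks; if so, a comment in `createTestServer` such as `// tpString uses the uppercase, colon-separated form the client expects` would be enough.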