Do not do noramlization of the fingerprint format

2025-09-14 05:36:12 +00:00 · 2018-06-24 11:07:23 +01:00
parent 7c27cd08ad
commit 37e8c17041
2 changed files with 8 additions and 54 deletions
--- a/pkg/cloudprovider/providers/vsphere/vclib/connection.go
+++ b/pkg/cloudprovider/providers/vsphere/vclib/connection.go
@@ -17,7 +17,6 @@ limitations under the License.
 package vclib

 import (
-	"bytes"
 	"context"
 	"crypto/tls"
 	"encoding/pem"
@@ -25,7 +24,6 @@ import (
 	"net"
 	neturl "net/url"
 	"sync"
-	"unicode"

 	"github.com/golang/glog"
 	"github.com/vmware/govmomi/session"
@@ -172,11 +170,7 @@ func (connection *VSphereConnection) NewClient(ctx context.Context) (*vim25.Clie
 	}

 	tpHost := connection.Hostname + ":" + connection.Port
-	tp, err := normalizeThumbprint(connection.Thumbprint)
-	if err != nil {
-		return nil, err
-	}
-	sc.SetThumbprint(tpHost, tp)
+	sc.SetThumbprint(tpHost, connection.Thumbprint)

 	client, err := vim25.NewClient(ctx, sc)
 	if err != nil {
@@ -210,25 +204,3 @@ func (connection *VSphereConnection) UpdateCredentials(username string, password
 	connection.Username = username
 	connection.Password = password
 }
-
-func normalizeThumbprint(original string) (string, error) {
-	buffer := &bytes.Buffer{}
-	outIdx := 0
-
-	for _, r := range original {
-		if outIdx%2 == 0 && outIdx > 0 {
-			if _, err := buffer.WriteRune(':'); err != nil {
-				return "", err
-			}
-		}
-		if r == ':' {
-			continue
-		}
-		if _, err := buffer.WriteRune(unicode.ToUpper(r)); err != nil {
-			return "", err
-		}
-		outIdx++
-	}
-
-	return buffer.String(), nil
-}
--- a/pkg/cloudprovider/providers/vsphere/vclib/connection_test.go
+++ b/pkg/cloudprovider/providers/vsphere/vclib/connection_test.go
@@ -69,8 +69,13 @@ func createTestServer(
 		t.Fatal("Expected server.TLS.Certificates not to be empty")
 	}
 	x509LeafCert := server.TLS.Certificates[0].Certificate[0]
-	tpBytes := sha1.Sum(x509LeafCert)
-	tpString := fmt.Sprintf("%x", tpBytes)
+	var tpString string
+	for i, b := range sha1.Sum(x509LeafCert) {
+		if i > 0 {
+			tpString += ":"
+		}
+		tpString += fmt.Sprintf("%02X", b)
+	}

 	return server, tpString
 }
@@ -151,29 +156,6 @@ func TestWithValidThumbprint(t *testing.T) {
 	verifyConnectionWasMade()
 }

-func TestWithValidThumbprintAlternativeFormat(t *testing.T) {
-	handler, verifyConnectionWasMade := getRequestVerifier(t)
-
-	server, thumbprint :=
-		createTestServer(t, fixtures.CaCertPath, fixtures.ServerCertPath, fixtures.ServerKeyPath, handler)
-	server.StartTLS()
-	u := mustParseUrl(t, server.URL)
-
-	// lowercase, remove the ':'
-	tpDifferentFormat := strings.Replace(strings.ToLower(thumbprint), ":", "", -1)
-
-	connection := &vclib.VSphereConnection{
-		Hostname:   u.Hostname(),
-		Port:       u.Port(),
-		Thumbprint: tpDifferentFormat,
-	}
-
-	// Ignoring error here, because we only care about the TLS connection
-	connection.NewClient(context.Background())
-
-	verifyConnectionWasMade()
-}
-
 func TestWithInvalidCaCertPath(t *testing.T) {
 	connection := &vclib.VSphereConnection{
 		Hostname: "should-not-matter",