mirror of https://github.com/hashicorp/consul
make sure auto_encrypt has private key type and bits (#6392)
commit
d051342902
|
@ -51,6 +51,13 @@ func (c *Client) RequestAutoEncryptCerts(servers []string, port int, token strin
|
||||||
return errFn(err)
|
return errFn(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if conf.PrivateKeyType == "" {
|
||||||
|
conf.PrivateKeyType = connect.DefaultPrivateKeyType
|
||||||
|
}
|
||||||
|
if conf.PrivateKeyBits == 0 {
|
||||||
|
conf.PrivateKeyBits = connect.DefaultPrivateKeyBits
|
||||||
|
}
|
||||||
|
|
||||||
// Create a new private key
|
// Create a new private key
|
||||||
pk, pkPEM, err := connect.GeneratePrivateKeyWithConfig(conf.PrivateKeyType, conf.PrivateKeyBits)
|
pk, pkPEM, err := connect.GeneratePrivateKeyWithConfig(conf.PrivateKeyType, conf.PrivateKeyBits)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
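Review bot: The new defaulting in RequestAutoEncryptCerts only replaces the zero values (`""` and `0`), so an explicitly configured key type or bit size still reaches `connect.GeneratePrivateKeyWithConfig` unchanged. Whether a weak or mismatched type/bits pair is rejected depends on that function, which is not visible in this hunk, so it is worth confirming that it enforces a minimum key strength. The fallback also deserves a comment, for example `// auto_encrypt may leave the key type and bits unset; fall back to the connect defaults so the key is never generated from zero values`. The function body starts before and continues after the hunk.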
@ -1,11 +1,13 @@
|
||||||
package consul
|
package consul
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"github.com/stretchr/testify/require"
|
|
||||||
"log"
|
"log"
|
||||||
"net"
|
"net"
|
||||||
"os"
|
"os"
|
||||||
"testing"
|
"testing"
|
||||||
|
"time"
|
||||||
|
|
||||||
|
"github.com/stretchr/testify/require"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestAutoEncrypt_resolveAddr(t *testing.T) {
|
func TestAutoEncrypt_resolveAddr(t *testing.T) {
|
||||||
|
@ -77,3 +79,31 @@ func TestAutoEncrypt_missingPortError(t *testing.T) {
|
||||||
_, _, err = net.SplitHostPort(host)
|
_, _, err = net.SplitHostPort(host)
|
||||||
require.False(t, missingPortError(host, err))
|
require.False(t, missingPortError(host, err))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestAutoEncrypt_RequestAutoEncryptCerts(t *testing.T) {
|
||||||
|
dir1, c1 := testClient(t)
|
||||||
|
defer os.RemoveAll(dir1)
|
||||||
|
defer c1.Shutdown()
|
||||||
|
servers := []string{"localhost"}
|
||||||
|
port := 8301
|
||||||
|
token := ""
|
||||||
|
interruptCh := make(chan struct{})
|
||||||
|
doneCh := make(chan struct{})
|
||||||
|
var err error
|
||||||
|
go func() {
|
||||||
|
_, _, err = c1.RequestAutoEncryptCerts(servers, port, token, interruptCh)
|
||||||
|
close(doneCh)
|
||||||
|
}()
|
||||||
|
select {
|
||||||
|
case <-doneCh:
|
||||||
|
// since there are no servers at this port, we shouldn't be
|
||||||
|
// done and this should be an error of some sorts that happened
|
||||||
|
// in the setup phase before entering the for loop in
|
||||||
|
// RequestAutoEncryptCerts.
|
||||||
|
require.NoError(t, err)
|
||||||
|
case <-time.After(50 * time.Millisecond):
|
||||||
|
// this is the happy case since auto encrypt is in its loop to
|
||||||
|
// try to request certs.
|
||||||
|
interruptCh <- struct{}{}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
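Review bot: TestAutoEncrypt_RequestAutoEncryptCerts treats "still running after 50 ms" as success, so a setup failure that takes longer than that on a loaded machine passes the test. Nothing in it asserts that the key type and bits were actually defaulted. The unbuffered `interruptCh <- struct{}{}` blocks forever if the goroutine has already returned, and the test exits without waiting on `doneCh`, so the goroutine can still be running when the deferred `c1.Shutdown()` and `os.RemoveAll(dir1)` execute. Assuming RequestAutoEncryptCerts only receives from the channel, replacing the send with `close(interruptCh)` followed by `<-doneCh` removes both problems. The comment in the `doneCh` case would read more clearly as `// returning this early means setup failed before the retry loop; surface that error`.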