From ac5f6fcbe1cd8948f19878e895c3ec650ea4cfad Mon Sep 17 00:00:00 2001
From: Diptanu Choudhury
Date: Tue, 25 Oct 2016 16:01:53 -0700
Subject: [PATCH] Moving the certs into tlsutil package
---
client/client.go | 2 +-
tlsutil/config_test.go | 56 +++++++++----------
{test => tlsutil/test}/ca/certindex | 0
{test => tlsutil/test}/ca/myca.conf | 0
{test => tlsutil/test}/ca/privkey.pem | 0
{test => tlsutil/test}/ca/root.cer | 0
{test => tlsutil/test}/ca/serialfile | 0
{test => tlsutil/test}/hostname/Alice.crt | 0
{test => tlsutil/test}/hostname/Alice.key | 0
{test => tlsutil/test}/hostname/CertAuth.crt | 0
{test => tlsutil/test}/key/ourdomain.cer | 0
{test => tlsutil/test}/key/ourdomain.csr | 0
{test => tlsutil/test}/key/ourdomain.key | 0
.../test}/key/ssl-cert-snakeoil.key | 0
.../test}/key/ssl-cert-snakeoil.pem | 0
{test => tlsutil/test}/notes.txt | 0
16 files changed, 29 insertions(+), 29 deletions(-)
rename {test => tlsutil/test}/ca/certindex (100%)
rename {test => tlsutil/test}/ca/myca.conf (100%)
rename {test => tlsutil/test}/ca/privkey.pem (100%)
rename {test => tlsutil/test}/ca/root.cer (100%)
rename {test => tlsutil/test}/ca/serialfile (100%)
rename {test => tlsutil/test}/hostname/Alice.crt (100%)
rename {test => tlsutil/test}/hostname/Alice.key (100%)
rename {test => tlsutil/test}/hostname/CertAuth.crt (100%)
rename {test => tlsutil/test}/key/ourdomain.cer (100%)
rename {test => tlsutil/test}/key/ourdomain.csr (100%)
rename {test => tlsutil/test}/key/ourdomain.key (100%)
rename {test => tlsutil/test}/key/ssl-cert-snakeoil.key (100%)
rename {test => tlsutil/test}/key/ssl-cert-snakeoil.pem (100%)
rename {test => tlsutil/test}/notes.txt (100%)
diff --git a/client/client.go b/client/client.go
index acb1bffd3..1d56cbe37 100644
--- a/client/client.go
+++ b/client/client.go
@@ -165,7 +165,7 @@ var ( // NewClient is used to create a new client from the given configuration func NewClient(cfg *config.Config, consulSyncer *consul.Syncer, logger *log.Logger) (*Client, error) { - //Create the tls wrapper + // Create the tls wrapper var tlsWrap tlsutil.Wrapper if cfg.TLSConfig.EnableRPC { tw, err := cfg.TLSConfiguration().OutgoingTLSWrapper() diff --git a/tlsutil/config_test.go b/tlsutil/config_test.go index 48cba972c..d773f5e9f 100644 --- a/tlsutil/config_test.go +++ b/tlsutil/config_test.go @@ -25,7 +25,7 @@ func TestConfig_AppendCA_None(t *testing.T) { func TestConfig_CACertificate_Valid(t *testing.T) { conf := &Config{ - CAFile: "../test/ca/root.cer", + CAFile: "./test/ca/root.cer", } pool := x509.NewCertPool() err := conf.AppendCA(pool) @@ -50,8 +50,8 @@ func TestConfig_KeyPair_None(t *testing.T) { func TestConfig_KeyPair_Valid(t *testing.T) { conf := &Config{ - CertFile: "../test/key/ourdomain.cer", - KeyFile: "../test/key/ourdomain.key", + CertFile: "./test/key/ourdomain.cer", + KeyFile: "./test/key/ourdomain.key", } cert, err := conf.KeyPair() if err != nil { @@ -77,7 +77,7 @@ func TestConfig_OutgoingTLS_MissingCA(t *testing.T) { func TestConfig_OutgoingTLS_OnlyCA(t *testing.T) { conf := &Config{ - CAFile: "../test/ca/root.cer", + CAFile: "./test/ca/root.cer", } tls, err := conf.OutgoingTLSConfig() if err != nil { @@ -91,7 +91,7 @@ func TestConfig_OutgoingTLS_OnlyCA(t *testing.T) { func TestConfig_OutgoingTLS_VerifyOutgoing(t *testing.T) { conf := &Config{ VerifyOutgoing: true, - CAFile: "../test/ca/root.cer", + CAFile: "./test/ca/root.cer", } tls, err := conf.OutgoingTLSConfig() if err != nil { @@ -114,7 +114,7 @@ func TestConfig_OutgoingTLS_VerifyOutgoing(t *testing.T) { func TestConfig_OutgoingTLS_ServerName(t *testing.T) { conf := &Config{ VerifyOutgoing: true, - CAFile: "../test/ca/root.cer", + CAFile: "./test/ca/root.cer", ServerName: "consul.example.com", } tls, err := conf.OutgoingTLSConfig() 
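Review bot: The fixture paths rewritten in tlsutil/config_test.go, starting with `CAFile: "./test/ca/root.cer",` in TestConfig_CACertificate_Valid and repeated in every later hunk of that file, point at a directory named `test`, whereas the go tool only gives special treatment to directories named `testdata`. The files being moved include private keys (`ca/privkey.pem`, `key/ourdomain.key`, `hostname/Alice.key`, `key/ssl-cert-snakeoil.key`), so a directory name that marks them unmistakably as test-only fixtures makes secret-scanner allowlisting and later review easier; I would place them under `tlsutil/testdata/` and write `CAFile: "testdata/ca/root.cer",`. The repeated literals could also become package-level constants in the test file, e.g. `const caFile = "testdata/ca/root.cer"`, so the next relocation touches one line. The enclosing test functions continue outside these hunks.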
@@ -138,7 +138,7 @@ func TestConfig_OutgoingTLS_ServerName(t *testing.T) { func TestConfig_OutgoingTLS_VerifyHostname(t *testing.T) { conf := &Config{ VerifyServerHostname: true, - CAFile: "../test/ca/root.cer", + CAFile: "./test/ca/root.cer", ServerName: "foo", } tls, err := conf.OutgoingTLSConfig() @@ -162,9 +162,9 @@ func TestConfig_OutgoingTLS_VerifyHostname(t *testing.T) { func TestConfig_OutgoingTLS_WithKeyPair(t *testing.T) { conf := &Config{ VerifyOutgoing: true, - CAFile: "../test/ca/root.cer", - CertFile: "../test/key/ourdomain.cer", - KeyFile: "../test/key/ourdomain.key", + CAFile: "./test/ca/root.cer", + CertFile: "./test/key/ourdomain.cer", + KeyFile: "./test/key/ourdomain.key", } tls, err := conf.OutgoingTLSConfig() if err != nil { @@ -222,9 +222,9 @@ func startTLSServer(config *Config) (net.Conn, chan error) { func TestConfig_outgoingWrapper_OK(t *testing.T) { config := &Config{ - CAFile: "../test/hostname/CertAuth.crt", - CertFile: "../test/hostname/Alice.crt", - KeyFile: "../test/hostname/Alice.key", + CAFile: "./test/hostname/CertAuth.crt", + CertFile: "./test/hostname/Alice.crt", + KeyFile: "./test/hostname/Alice.key", VerifyServerHostname: true, VerifyOutgoing: true, ServerName: "server.dc1.consul", @@ -259,9 +259,9 @@ func TestConfig_outgoingWrapper_BadCert(t *testing.T) { // TODO this test is currently hanging, need to investigate more. t.SkipNow() config := &Config{ - CAFile: "../test/ca/root.cer", - CertFile: "../test/key/ourdomain.cer", - KeyFile: "../test/key/ourdomain.key", + CAFile: "./test/ca/root.cer", + CertFile: "./test/key/ourdomain.cer", + KeyFile: "./test/key/ourdomain.key", ServerName: "foo", VerifyServerHostname: true, VerifyOutgoing: true, 
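Review bot: TestConfig_outgoingWrapper_BadCert still opens with a bare `t.SkipNow()` under the "currently hanging" TODO, so the negative case that sets `VerifyServerHostname: true` with `ServerName: "foo"` never runs, and this hunk updates its fixture paths without re-enabling it. A regression that stopped rejecting a mismatched server certificate would therefore not be caught by this test. Until the hang is understood, I would at least record the reason in the skip, e.g. `t.Skip("handshake hangs, see ISSUE-PLACEHOLDER")` (placeholder id, none is given on the page), and consider putting a deadline on the test connections so that a failed handshake surfaces as an error instead of blocking. The test body continues outside the hunk, so the cause of the hang cannot be confirmed from here.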
@@ -293,9 +293,9 @@ func TestConfig_outgoingWrapper_BadCert(t *testing.T) { func TestConfig_wrapTLS_OK(t *testing.T) { config := &Config{ - CAFile: "../test/ca/root.cer", - CertFile: "../test/key/ourdomain.cer", - KeyFile: "../test/key/ourdomain.key", + CAFile: "./test/ca/root.cer", + CertFile: "./test/key/ourdomain.cer", + KeyFile: "./test/key/ourdomain.key", VerifyOutgoing: true, } @@ -323,8 +323,8 @@ func TestConfig_wrapTLS_OK(t *testing.T) { func TestConfig_wrapTLS_BadCert(t *testing.T) { serverConfig := &Config{ - CertFile: "../test/key/ssl-cert-snakeoil.pem", - KeyFile: "../test/key/ssl-cert-snakeoil.key", + CertFile: "./test/key/ssl-cert-snakeoil.pem", + KeyFile: "./test/key/ssl-cert-snakeoil.key", } client, errc := startTLSServer(serverConfig) @@ -333,7 +333,7 @@ func TestConfig_wrapTLS_BadCert(t *testing.T) { } clientConfig := &Config{ - CAFile: "../test/ca/root.cer", + CAFile: "./test/ca/root.cer", VerifyOutgoing: true, } @@ -359,9 +359,9 @@ func TestConfig_wrapTLS_BadCert(t *testing.T) { func TestConfig_IncomingTLS(t *testing.T) { conf := &Config{ VerifyIncoming: true, - CAFile: "../test/ca/root.cer", - CertFile: "../test/key/ourdomain.cer", - KeyFile: "../test/key/ourdomain.key", + CAFile: "./test/ca/root.cer", + CertFile: "./test/key/ourdomain.cer", + KeyFile: "./test/key/ourdomain.key", } tlsC, err := conf.IncomingTLSConfig() if err != nil { @@ -384,8 +384,8 @@ func TestConfig_IncomingTLS(t *testing.T) { func TestConfig_IncomingTLS_MissingCA(t *testing.T) { conf := &Config{ VerifyIncoming: true, - CertFile: "../test/key/ourdomain.cer", - KeyFile: "../test/key/ourdomain.key", + CertFile: "./test/key/ourdomain.cer", + KeyFile: "./test/key/ourdomain.key", } _, err := conf.IncomingTLSConfig() if err == nil { 
@@ -396,7 +396,7 @@ func TestConfig_IncomingTLS_MissingCA(t *testing.T) { func TestConfig_IncomingTLS_MissingKey(t *testing.T) { conf := &Config{ VerifyIncoming: true, - CAFile: "../test/ca/root.cer", + CAFile: "./test/ca/root.cer", } _, err := conf.IncomingTLSConfig() if err == nil { diff --git a/test/ca/certindex b/tlsutil/test/ca/certindex similarity index 100% rename from test/ca/certindex rename to tlsutil/test/ca/certindex diff --git a/test/ca/myca.conf b/tlsutil/test/ca/myca.conf similarity index 100% rename from test/ca/myca.conf rename to tlsutil/test/ca/myca.conf diff --git a/test/ca/privkey.pem b/tlsutil/test/ca/privkey.pem similarity index 100% rename from test/ca/privkey.pem rename to tlsutil/test/ca/privkey.pem diff --git a/test/ca/root.cer b/tlsutil/test/ca/root.cer similarity index 100% rename from test/ca/root.cer rename to tlsutil/test/ca/root.cer diff --git a/test/ca/serialfile b/tlsutil/test/ca/serialfile similarity index 100% rename from test/ca/serialfile rename to tlsutil/test/ca/serialfile diff --git a/test/hostname/Alice.crt b/tlsutil/test/hostname/Alice.crt similarity index 100% rename from test/hostname/Alice.crt rename to tlsutil/test/hostname/Alice.crt diff --git a/test/hostname/Alice.key b/tlsutil/test/hostname/Alice.key similarity index 100% rename from test/hostname/Alice.key rename to tlsutil/test/hostname/Alice.key diff --git a/test/hostname/CertAuth.crt b/tlsutil/test/hostname/CertAuth.crt similarity index 100% rename from test/hostname/CertAuth.crt rename to tlsutil/test/hostname/CertAuth.crt diff --git a/test/key/ourdomain.cer b/tlsutil/test/key/ourdomain.cer similarity index 100% rename from test/key/ourdomain.cer rename to tlsutil/test/key/ourdomain.cer diff --git a/test/key/ourdomain.csr b/tlsutil/test/key/ourdomain.csr similarity index 100% rename from test/key/ourdomain.csr rename to tlsutil/test/key/ourdomain.csr 
diff --git a/test/key/ourdomain.key b/tlsutil/test/key/ourdomain.key
similarity index 100%
rename from test/key/ourdomain.key
rename to tlsutil/test/key/ourdomain.key
diff --git a/test/key/ssl-cert-snakeoil.key b/tlsutil/test/key/ssl-cert-snakeoil.key
similarity index 100%
rename from test/key/ssl-cert-snakeoil.key
rename to tlsutil/test/key/ssl-cert-snakeoil.key
diff --git a/test/key/ssl-cert-snakeoil.pem b/tlsutil/test/key/ssl-cert-snakeoil.pem
similarity index 100%
rename from test/key/ssl-cert-snakeoil.pem
rename to tlsutil/test/key/ssl-cert-snakeoil.pem
diff --git a/test/notes.txt b/tlsutil/test/notes.txt
similarity index 100%
rename from test/notes.txt
rename to tlsutil/test/notes.txt