Skip to content

Commit

Permalink
Merge pull request #55 from OpenCHAMI/cacert-hotfix
Browse files Browse the repository at this point in the history
Fix panic caused when setting '--cacert' flag from invalid client
  • Loading branch information
davidallendj authored Aug 28, 2024
2 parents 057ff7b + 874d750 commit 6d61511
Show file tree
Hide file tree
Showing 4 changed files with 50 additions and 13 deletions.
32 changes: 28 additions & 4 deletions internal/collect.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,12 @@
package magellan

import (
"crypto/tls"
"crypto/x509"
"encoding/json"
"fmt"
"net"
"net/http"
"os"
"path"
"sync"
Expand Down Expand Up @@ -58,12 +62,32 @@ func CollectInventory(assets *[]RemoteAsset, params *CollectParams) error {
done = make(chan struct{}, params.Concurrency+1)
chanAssets = make(chan RemoteAsset, params.Concurrency+1)
outputPath = path.Clean(params.OutputPath)
smdClient = client.NewClient(
client.WithSecureTLS[client.SmdClient](params.CaCertPath),
)
smdClient = &client.SmdClient{Client: &http.Client{}}
)
// set the client's host from the CLI param
// set the client's params from CLI
// NOTE: temporary solution until client.NewClient() is fixed
smdClient.URI = params.URI
if params.CaCertPath != "" {
cacert, err := os.ReadFile(params.CaCertPath)
if err != nil {
return fmt.Errorf("failed to read CA cert path: %w", err)
}
certPool := x509.NewCertPool()
certPool.AppendCertsFromPEM(cacert)
smdClient.Client.Transport = &http.Transport{
TLSClientConfig: &tls.Config{
RootCAs: certPool,
InsecureSkipVerify: true,
},
DisableKeepAlives: true,
Dial: (&net.Dialer{
Timeout: 120 * time.Second,
KeepAlive: 120 * time.Second,
}).Dial,
TLSHandshakeTimeout: 120 * time.Second,
ResponseHeaderTimeout: 120 * time.Second,
}
}
wg.Add(params.Concurrency)
for i := 0; i < params.Concurrency; i++ {
go func() {
Expand Down
15 changes: 12 additions & 3 deletions pkg/client/client.go
Original file line number Diff line number Diff line change
Expand Up @@ -9,17 +9,20 @@ import (
"net/http"
"os"
"time"

"github.com/rs/zerolog/log"
)

type Option[T Client] func(client T)
type Option[T Client] func(client *T)

// The 'Client' struct is a wrapper around the default http.Client
// that provides an extended API to work with functional options.
// It also provides functions that work with `collect` data.
type Client interface {
Init()
Name() string
GetClient() *http.Client
RootEndpoint(endpoint string) string
GetInternalClient() *http.Client

// functions needed to make request
Add(data HTTPBody, headers HTTPHeader) error
Expand All @@ -36,11 +39,17 @@ func NewClient[T Client](opts ...func(T)) T {
}

func WithCertPool[T Client](certPool *x509.CertPool) func(T) {
// make sure we have a valid cert pool
if certPool == nil {
return func(client T) {}
}
return func(client T) {
client.GetClient().Transport = &http.Transport{
// make sure that we can access the internal client
if client.GetInternalClient() == nil {
log.Warn().Any("client", client.GetInternalClient()).Msg("invalid internal HTTP client ()")
return
}
client.GetInternalClient().Transport = &http.Transport{
TLSClientConfig: &tls.Config{
RootCAs: certPool,
InsecureSkipVerify: true,
Expand Down
14 changes: 9 additions & 5 deletions pkg/client/smd.go
Original file line number Diff line number Diff line change
Expand Up @@ -16,22 +16,26 @@ type SmdClient struct {
Xname string
}

func (c SmdClient) Name() string {
func (c *SmdClient) Init() {
c.Client = &http.Client{}
}

func (c *SmdClient) Name() string {
return "smd"
}

func (c SmdClient) RootEndpoint(endpoint string) string {
func (c *SmdClient) RootEndpoint(endpoint string) string {
return fmt.Sprintf("%s/hsm/v2%s", c.URI, endpoint)
}

func (c SmdClient) GetClient() *http.Client {
func (c *SmdClient) GetInternalClient() *http.Client {
return c.Client
}

// Add() has a similar function definition to that of the default implementation,
// but also allows further customization and data/header manipulation that would
// be specific and/or unique to SMD's API.
func (c SmdClient) Add(data HTTPBody, headers HTTPHeader) error {
func (c *SmdClient) Add(data HTTPBody, headers HTTPHeader) error {
if data == nil {
return fmt.Errorf("failed to add redfish endpoint: no data found")
}
Expand All @@ -53,7 +57,7 @@ func (c SmdClient) Add(data HTTPBody, headers HTTPHeader) error {
return err
}

func (c SmdClient) Update(data HTTPBody, headers HTTPHeader) error {
func (c *SmdClient) Update(data HTTPBody, headers HTTPHeader) error {
if data == nil {
return fmt.Errorf("failed to add redfish endpoint: no data found")
}
Expand Down
2 changes: 1 addition & 1 deletion pkg/crawler/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ type InventoryDetail struct {
URI string `json:"uri,omitempty"` // URI of the BMC
UUID string `json:"uuid,omitempty"` // UUID of Node
Manufacturer string `json:"manufacturer,omitempty"` // Manufacturer of the Node
SystemType string `json:"system_type,omitempty` // System type of the Node
SystemType string `json:"system_type,omitempty"` // System type of the Node
Name string `json:"name,omitempty"` // Name of the Node
Model string `json:"model,omitempty"` // Model of the Node
Serial string `json:"serial,omitempty"` // Serial number of the Node
Expand Down

0 comments on commit 6d61511

Please sign in to comment.