Skip to content

Commit 712c113

Browse files
haxorofjtopjian
authored andcommitted
clientconfig: Add support for SSL setting to disable verification (gophercloud#50)
* clientconfig: Add support for SSL setting to disable verification * Corrections after review
1 parent afce78e commit 712c113

File tree

6 files changed

+124
-20
lines changed

6 files changed

+124
-20
lines changed

.gitignore

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,4 @@
11
**/*.swp
22
.idea
33
.vscode
4+
debug.test

openstack/clientconfig/requests.go

Lines changed: 15 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -15,14 +15,20 @@ import (
1515
type AuthType string
1616

1717
const (
18+
// AuthPassword defines an unknown version of the password
1819
AuthPassword AuthType = "password"
19-
AuthToken AuthType = "token"
20+
// AuthToken defined an unknown version of the token
21+
AuthToken AuthType = "token"
2022

23+
// AuthV2Password defines version 2 of the password
2124
AuthV2Password AuthType = "v2password"
22-
AuthV2Token AuthType = "v2token"
25+
// AuthV2Token defines version 2 of the token
26+
AuthV2Token AuthType = "v2token"
2327

28+
// AuthV3Password defines version 3 of the password
2429
AuthV3Password AuthType = "v3password"
25-
AuthV3Token AuthType = "v3token"
30+
// AuthV3Token defines version 3 of the token
31+
AuthV3Token AuthType = "v3token"
2632
)
2733

2834
// ClientOpts represents options to customize the way a client is
@@ -105,6 +111,12 @@ func GetCloudFromYAML(opts *ClientOpts) (*Cloud, error) {
105111
return nil, fmt.Errorf("Unable to determine a valid entry in clouds.yaml")
106112
}
107113

114+
// Default is to verify SSL API requests
115+
if cloud.Verify == nil {
116+
iTrue := true
117+
cloud.Verify = &iTrue
118+
}
119+
108120
return cloud, nil
109121
}
110122

openstack/clientconfig/results.go

Lines changed: 16 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,9 +17,24 @@ type Cloud struct {
1717
// API Version overrides.
1818
IdentityAPIVersion string `yaml:"identity_api_version"`
1919
VolumeAPIVersion string `yaml:"volume_api_version"`
20+
21+
// Verify whether or not SSL API requests should be verified.
22+
Verify *bool `yaml:"verify"`
23+
24+
// CACertFile a path to a CA Cert bundle that can be used as part of
25+
// verifying SSL API requests.
26+
CACertFile string `yaml:"cacert"`
27+
28+
// ClientCertFile a path to a client certificate to use as part of the SSL
29+
// transaction.
30+
ClientCertFile string `yaml:"cert"`
31+
32+
// ClientKeyFile a path to a client key to use as part of the SSL
33+
// transaction.
34+
ClientKeyFile string `yaml:"key"`
2035
}
2136

22-
// Auth represents the auth section of a cloud entry or
37+
// AuthInfo represents the auth section of a cloud entry or
2338
// auth options entered explicitly in ClientOpts.
2439
type AuthInfo struct {
2540
// AuthURL is the keystone/identity endpoint URL.

openstack/clientconfig/testing/clouds.yaml

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -87,3 +87,24 @@ clouds:
8787
token: "12345"
8888
project_name: "Some Project"
8989
region_name: "YXY"
90+
florida_insecure:
91+
profile: "Some profile"
92+
auth:
93+
auth_url: "https://fl.example.com:5000/v3"
94+
username: "jdoe"
95+
password: "password"
96+
project_id: "12345"
97+
user_domain_id: "abcde"
98+
region_name: "MIA"
99+
verify: False
100+
florida_secure:
101+
auth:
102+
auth_url: "https://fl.example.com:5000/v3"
103+
username: "jdoe"
104+
password: "password"
105+
project_id: "12345"
106+
user_domain_id: "abcde"
107+
region_name: "MIA"
108+
key: /home/myhome/client-cert.key
109+
cert: /home/myhome/client-cert.crt
110+
cacert: /home/myhome/ca.crt

openstack/clientconfig/testing/fixtures.go

Lines changed: 42 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,9 @@ import (
55
"github.com/gophercloud/utils/openstack/clientconfig"
66
)
77

8+
var iTrue = true
9+
var iFalse = false
10+
811
var HawaiiCloudYAML = clientconfig.Cloud{
912
RegionName: "HNL",
1013
AuthInfo: &clientconfig.AuthInfo{
@@ -14,6 +17,7 @@ var HawaiiCloudYAML = clientconfig.Cloud{
1417
ProjectName: "Some Project",
1518
DomainName: "default",
1619
},
20+
Verify: &iTrue,
1721
}
1822

1923
var HawaiiClientOpts = &clientconfig.ClientOpts{
@@ -55,6 +59,37 @@ var FloridaCloudYAML = clientconfig.Cloud{
5559
ProjectID: "12345",
5660
UserDomainID: "abcde",
5761
},
62+
Verify: &iTrue,
63+
}
64+
65+
var InsecureFloridaCloudYAML = clientconfig.Cloud{
66+
RegionName: "MIA",
67+
AuthInfo: &clientconfig.AuthInfo{
68+
AuthURL: "https://fl.example.com:5000/v3",
69+
Username: "jdoe",
70+
Password: "password",
71+
ProjectID: "12345",
72+
UserDomainID: "abcde",
73+
},
74+
Verify: &iFalse,
75+
ClientKeyFile: "",
76+
ClientCertFile: "",
77+
CACertFile: "",
78+
}
79+
80+
var SecureFloridaCloudYAML = clientconfig.Cloud{
81+
RegionName: "MIA",
82+
AuthInfo: &clientconfig.AuthInfo{
83+
AuthURL: "https://fl.example.com:5000/v3",
84+
Username: "jdoe",
85+
Password: "password",
86+
ProjectID: "12345",
87+
UserDomainID: "abcde",
88+
},
89+
Verify: &iTrue,
90+
ClientKeyFile: "/home/myhome/client-cert.key",
91+
ClientCertFile: "/home/myhome/client-cert.crt",
92+
CACertFile: "/home/myhome/ca.crt",
5893
}
5994

6095
var FloridaClientOpts = &clientconfig.ClientOpts{
@@ -99,6 +134,7 @@ var CaliforniaCloudYAML = clientconfig.Cloud{
99134
ProjectDomainName: "default",
100135
UserDomainName: "default",
101136
},
137+
Verify: &iTrue,
102138
}
103139

104140
var CaliforniaClientOpts = &clientconfig.ClientOpts{
@@ -142,6 +178,7 @@ var ArizonaCloudYAML = clientconfig.Cloud{
142178
ProjectName: "Some Project",
143179
DomainName: "default",
144180
},
181+
Verify: &iTrue,
145182
}
146183

147184
var ArizonaClientOpts = &clientconfig.ClientOpts{
@@ -182,6 +219,7 @@ var NewMexicoCloudYAML = clientconfig.Cloud{
182219
UserDomainName: "Some OtherDomain",
183220
DomainName: "default",
184221
},
222+
Verify: &iTrue,
185223
}
186224

187225
var NewMexicoClientOpts = &clientconfig.ClientOpts{
@@ -227,6 +265,7 @@ var NevadaCloudYAML = clientconfig.Cloud{
227265
ProjectName: "Some Project",
228266
ProjectDomainName: "Some Domain",
229267
},
268+
Verify: &iTrue,
230269
}
231270

232271
var NevadaClientOpts = &clientconfig.ClientOpts{
@@ -268,6 +307,7 @@ var TexasCloudYAML = clientconfig.Cloud{
268307
UserDomainName: "Some Domain",
269308
DefaultDomain: "default",
270309
},
310+
Verify: &iTrue,
271311
}
272312

273313
var TexasClientOpts = &clientconfig.ClientOpts{
@@ -323,6 +363,7 @@ var AlbertaCloudYAML = clientconfig.Cloud{
323363
Password: "password",
324364
ProjectName: "Some Project",
325365
},
366+
Verify: &iTrue,
326367
}
327368

328369
var AlbertaClientOpts = &clientconfig.ClientOpts{
@@ -357,6 +398,7 @@ var YukonCloudYAML = clientconfig.Cloud{
357398
Token: "12345",
358399
ProjectName: "Some Project",
359400
},
401+
Verify: &iTrue,
360402
}
361403

362404
var YukonClientOpts = &clientconfig.ClientOpts{

openstack/clientconfig/testing/requests_test.go

Lines changed: 29 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -11,23 +11,36 @@ import (
1111
)
1212

1313
func TestGetCloudFromYAML(t *testing.T) {
14-
clientOpts := &clientconfig.ClientOpts{
15-
Cloud: "hawaii",
16-
EnvPrefix: "FOO",
17-
}
1814

19-
actual, err := clientconfig.GetCloudFromYAML(clientOpts)
20-
th.AssertNoErr(t, err)
21-
th.AssertDeepEquals(t, &HawaiiCloudYAML, actual)
22-
23-
clientOpts = &clientconfig.ClientOpts{
24-
Cloud: "california",
25-
EnvPrefix: "FOO",
15+
allClientOpts := map[string]*clientconfig.ClientOpts{
16+
"hawaii": &clientconfig.ClientOpts{
17+
Cloud: "hawaii",
18+
EnvPrefix: "FOO",
19+
},
20+
"california": &clientconfig.ClientOpts{
21+
Cloud: "california",
22+
EnvPrefix: "FOO",
23+
},
24+
"florida_insecure": &clientconfig.ClientOpts{
25+
Cloud: "florida_insecure",
26+
},
27+
"florida_secure": &clientconfig.ClientOpts{
28+
Cloud: "florida_secure",
29+
},
30+
}
31+
32+
expectedClouds := map[string]*clientconfig.Cloud{
33+
"hawaii": &HawaiiCloudYAML,
34+
"california": &CaliforniaCloudYAML,
35+
"florida_insecure": &InsecureFloridaCloudYAML,
36+
"florida_secure": &SecureFloridaCloudYAML,
2637
}
2738

28-
actual, err = clientconfig.GetCloudFromYAML(clientOpts)
29-
th.AssertNoErr(t, err)
30-
th.AssertDeepEquals(t, &CaliforniaCloudYAML, actual)
39+
for cloud, clientOpts := range allClientOpts {
40+
actual, err := clientconfig.GetCloudFromYAML(clientOpts)
41+
th.AssertNoErr(t, err)
42+
th.AssertDeepEquals(t, expectedClouds[cloud], actual)
43+
}
3144
}
3245

3346
func TestAuthOptionsExplicitCloud(t *testing.T) {
@@ -196,7 +209,7 @@ func TestAuthOptionsCreationFromEnv(t *testing.T) {
196209
th.AssertNoErr(t, err)
197210
th.AssertDeepEquals(t, expectedAuthOpts[cloud], actualAuthOpts)
198211

199-
for k, _ := range envVars {
212+
for k := range envVars {
200213
os.Unsetenv(k)
201214
}
202215
}
@@ -224,7 +237,7 @@ func TestAuthOptionsCreationFromLegacyEnv(t *testing.T) {
224237
th.AssertNoErr(t, err)
225238
th.AssertDeepEquals(t, expectedAuthOpts[cloud], actualAuthOpts)
226239

227-
for k, _ := range envVars {
240+
for k := range envVars {
228241
os.Unsetenv(k)
229242
}
230243
}

0 commit comments

Comments
 (0)