* tlsConfigStatus.usable is public, renamed ("ValidPair") and is exported to json ("valid_pair")

This commit is contained in:
Simon Zolin 2019-02-27 17:36:02 +03:00
parent f4a6ca726c
commit 5ad9f8ead2
5 changed files with 8 additions and 4 deletions

2
app.go
View File

@ -179,7 +179,7 @@ func run(args options) {
address := net.JoinHostPort(config.BindHost, strconv.Itoa(config.TLS.PortHTTPS)) address := net.JoinHostPort(config.BindHost, strconv.Itoa(config.TLS.PortHTTPS))
// validate current TLS config and update warnings (it could have been loaded from file) // validate current TLS config and update warnings (it could have been loaded from file)
data := validateCertificates(config.TLS.CertificateChain, config.TLS.PrivateKey, config.TLS.ServerName) data := validateCertificates(config.TLS.CertificateChain, config.TLS.PrivateKey, config.TLS.ServerName)
if !data.usable { if !data.ValidPair {
log.Fatal(data.WarningValidation) log.Fatal(data.WarningValidation)
os.Exit(1) os.Exit(1)
} }

View File

@ -87,7 +87,7 @@ type tlsConfigStatus struct {
KeyType string `yaml:"-" json:"key_type,omitempty"` // KeyType is one of RSA or ECDSA KeyType string `yaml:"-" json:"key_type,omitempty"` // KeyType is one of RSA or ECDSA
// is usable? set by validator // is usable? set by validator
usable bool ValidPair bool `yaml:"-" json:"valid_pair"` // ValidPair is true if both certificate and private key are correct
// warnings // warnings
WarningValidation string `yaml:"-" json:"warning_validation,omitempty"` // WarningValidation is a validation warning message with the issue description WarningValidation string `yaml:"-" json:"warning_validation,omitempty"` // WarningValidation is a validation warning message with the issue description

View File

@ -1227,7 +1227,7 @@ func validateCertificates(certChain, pkey, serverName string) tlsConfigStatus {
data.WarningValidation = fmt.Sprintf("Invalid certificate or key: %s", err) data.WarningValidation = fmt.Sprintf("Invalid certificate or key: %s", err)
return data return data
} }
data.usable = true data.ValidPair = true
} }
return data return data

View File

@ -71,7 +71,7 @@ kXS9jgARhhiWXJrk
data.NotBefore == notBefore && data.NotBefore == notBefore &&
data.NotAfter == notAfter && data.NotAfter == notAfter &&
// data.DNSNames[0] == && // data.DNSNames[0] == &&
data.usable) { data.ValidPair) {
t.Fatalf("valid cert & priv key: validateCertificates(): %v", data) t.Fatalf("valid cert & priv key: validateCertificates(): %v", data)
} }
} }

View File

@ -1247,6 +1247,10 @@ definitions:
type: "string" type: "string"
example: "You have specified an empty certificate" example: "You have specified an empty certificate"
description: "warning_validation is a validation warning message with the issue description" description: "warning_validation is a validation warning message with the issue description"
valid_pair:
type: "boolean"
example: "true"
description: "valid_pair is true if both certificate and private key are correct"
NetInterface: NetInterface:
type: "object" type: "object"
description: "Network interface info" description: "Network interface info"