Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixes #2889 by supporting CRLF and LF X.509 certificates #2890

Merged
merged 2 commits into from
Mar 17, 2020
Merged

Fixes #2889 by supporting CRLF and LF X.509 certificates #2890

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
90ccbd0
Fixes #2889 by supporting CRLF and LF certificates and adding logging…
pbudner Mar 16, 2020
dac4931
Added test for CRLF certificates
pbudner Mar 17, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
5 changes: 4 additions & 1 deletion lib/fluent/plugin_helper/cert_option.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -171,9 +171,12 @@ def cert_option_generate_server_pair_self_signed(generate_opts)

def cert_option_certificates_from_file(path)
data = File.read(path)
pattern = Regexp.compile('-+BEGIN CERTIFICATE-+\n(?:[^-]*\n)+-+END CERTIFICATE-+\n?', Regexp::MULTILINE)
pattern = Regexp.compile('-+BEGIN CERTIFICATE-+\r?\n(?:[^-]*\r?\n)+-+END CERTIFICATE-+\r?\n?', Regexp::MULTILINE)
list = []
data.scan(pattern){|match| list << OpenSSL::X509::Certificate.new(match) }
if list.length == 0
log.warn "cert_path does not contain a valid certificate"
end
list
end
end
Expand Down
19 changes: 19 additions & 0 deletions test/plugin_helper/data/cert/cert-with-CRLF.pem
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
-----BEGIN CERTIFICATE-----
MIIDLDCCAhSgAwIBAgIIEJHFsHrKBGYwDQYJKoZIhvcNAQELBQAwJjEQMA4GA1UE
ChMHRmx1ZW50ZDESMBAGA1UEAxMJbG9jYWxob3N0MB4XDTE5MDYxOTA1MTM0NVoX
DTE5MDkxODExMTg0NVowJjEQMA4GA1UEChMHRmx1ZW50ZDESMBAGA1UEAxMJbG9j
YWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbUTk5n5RruI
QGhK1T8g/emKonlfWNMSj/J/f/U9NJ14ugIxyHBMqx4WaTyA4zjT2VJO5tRBe385
zlIUf8i+x7Ovt/MgsjiwXyKv7qdsE5KHLq+VXJfA+s5vAAyzBHY/BA7xxh/QqCI8
a/a1OyHyaQ9pFRFXtQBlTH7Fc1qSw5Yg0EXofa6YIBQuDjfqa7FRPj+bEWDO5PUq
OMzH5XKBUPS9GLHOqia0CnzF2a51TArC0Dl1oNFa7myVmjBuNtkG88Fkd7YNzGa+
sNBJPmuGvFXuU3XPEnrtARO/SG4g9/MQUvfMI3jFFOJAMmEKd8QXxO5FgIuEnaNO
hVRVH/e9wwIDAQABo14wXDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB
BQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFPLdOVnVWuuB
7Pnvpgte4BHitzFYMA0GCSqGSIb3DQEBCwUAA4IBAQBp8LAzjWIJapwTBnnivwZk
D6Lr028mZIacbBZKsmmPi0VvDFqCvUAbHN8ytPlRBWnvvkihDkZs1TwcDCXGsWYs
dNNwsYGpk3mQxsHQ9atvy0mQGLDlfaSs/329bfVCw1cPFo9n+MeivSBoE6asdIbH
tOW3kk1XtJZ2qQJJRvexFImZc0z8c2cG0+eR5hQxQd9bLnAczi/8mZ8VzaU/O3UU
OJoVuyp0AA8f2f0f1QDaeH9stWZtJQj3ZX1DWHRE3OmVkoBdlt8EHYGggtvQaLIF
XbHigLHzYztMjmDt4fmRczu/Fu6M4xNro8jLgjiIjqlLBjDZiKrSbOwgyebwFDlv
-----END CERTIFICATE-----
2 changes: 2 additions & 0 deletions test/plugin_helper/test_cert_option.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,5 +12,7 @@ class Dummy < Fluent::Plugin::TestBase
assert_equal(1, certs.length)
certs = d.cert_option_certificates_from_file("test/plugin_helper/data/cert/cert-with-no-newline.pem")
assert_equal(1, certs.length)
certs = d.cert_option_certificates_from_file("test/plugin_helper/data/cert/cert-with-CRLF.pem")
assert_equal(1, certs.length)
end
end