telegraf/testutil/tls.go

package testutil

import (
	"fmt"
	"io"
	"os"
	"path"

	"github.com/influxdata/telegraf/plugins/common/tls"
)

type pki struct {
	keyPath string
}

func NewPKI(keyPath string) *pki {
	return &pki{keyPath: keyPath}
}

func (p *pki) TLSClientConfig() *tls.ClientConfig {
	return &tls.ClientConfig{
		TLSCA:   p.CACertPath(),
		TLSCert: p.ClientCertPath(),
		TLSKey:  p.ClientKeyPath(),
	}
}

func (p *pki) TLSServerConfig() *tls.ServerConfig {
	return &tls.ServerConfig{
		TLSAllowedCACerts: []string{p.CACertPath()},
		TLSCert:           p.ServerCertPath(),
		TLSKey:            p.ServerKeyPath(),
		TLSCipherSuites:   []string{p.CipherSuite()},
		TLSMinVersion:     p.TLSMinVersion(),
		TLSMaxVersion:     p.TLSMaxVersion(),
	}
}

func (p *pki) ReadCACert() string {
	return readCertificate(p.CACertPath())
}

func (p *pki) CACertPath() string {
	return path.Join(p.keyPath, "cacert.pem")
}

func (p *pki) CipherSuite() string {
	return "TLS_RSA_WITH_3DES_EDE_CBC_SHA"
}

func (p *pki) TLSMinVersion() string {
	return "TLS11"
}

func (p *pki) TLSMaxVersion() string {
	return "TLS12"
}

func (p *pki) ReadClientCert() string {
	return readCertificate(p.ClientCertPath())
}

func (p *pki) ClientCertPath() string {
	return path.Join(p.keyPath, "clientcert.pem")
}

func (p *pki) ReadClientKey() string {
	return readCertificate(p.ClientKeyPath())
}

func (p *pki) ClientKeyPath() string {
	return path.Join(p.keyPath, "clientkey.pem")
}

func (p *pki) ClientCertAndKeyPath() string {
	return path.Join(p.keyPath, "client.pem")
}

func (p *pki) ClientEncKeyPath() string {
	return path.Join(p.keyPath, "clientenckey.pem")
}

func (p *pki) ClientPKCS8KeyPath() string {
	return path.Join(p.keyPath, "clientkey.pkcs8.pem")
}

func (p *pki) ClientEncPKCS8KeyPath() string {
	return path.Join(p.keyPath, "clientenckey.pkcs8.pem")
}

func (p *pki) ClientCertAndEncKeyPath() string {
	return path.Join(p.keyPath, "clientenc.pem")
}

func (p *pki) ReadServerCert() string {
	return readCertificate(p.ServerCertPath())
}

func (p *pki) ServerCertPath() string {
	return path.Join(p.keyPath, "servercert.pem")
}

func (p *pki) ReadServerKey() string {
	return readCertificate(p.ServerKeyPath())
}

func (p *pki) ServerKeyPath() string {
	return path.Join(p.keyPath, "serverkey.pem")
}

func (p *pki) ServerCertAndKeyPath() string {
	return path.Join(p.keyPath, "server.pem")
}

func readCertificate(filename string) string {
	file, err := os.Open(filename)
	if err != nil {
		panic(fmt.Sprintf("opening %q: %v", filename, err))
	}
	octets, err := io.ReadAll(file)
	if err != nil {
		panic(fmt.Sprintf("reading %q: %v", filename, err))
	}
	return string(octets)
}
Simplify testing with TLS (#4095) 2018-05-05 07:33:23 +08:00			`package testutil`

			`import (`
			`"fmt"`
refactor: move from io/ioutil to io and os package (#9811) 2021-09-29 05:16:32 +08:00			`"io"`
Simplify testing with TLS (#4095) 2018-05-05 07:33:23 +08:00			`"os"`
			`"path"`

Export internal/tls package for use in execd plugins (#7697) 2020-06-26 02:44:22 +08:00			`"github.com/influxdata/telegraf/plugins/common/tls"`
Simplify testing with TLS (#4095) 2018-05-05 07:33:23 +08:00			`)`

			`type pki struct {`
fix: linter fixes for "import-shadowing: The name '...' shadows an import name" (#10689) 2022-02-22 23:11:30 +08:00			`keyPath string`
Simplify testing with TLS (#4095) 2018-05-05 07:33:23 +08:00			`}`

fix: linter fixes for "import-shadowing: The name '...' shadows an import name" (#10689) 2022-02-22 23:11:30 +08:00			`func NewPKI(keyPath string) *pki {`
			`return &pki{keyPath: keyPath}`
Simplify testing with TLS (#4095) 2018-05-05 07:33:23 +08:00			`}`

			`func (p pki) TLSClientConfig() tls.ClientConfig {`
			`return &tls.ClientConfig{`
			`TLSCA: p.CACertPath(),`
			`TLSCert: p.ClientCertPath(),`
			`TLSKey: p.ClientKeyPath(),`
			`}`
			`}`

			`func (p pki) TLSServerConfig() tls.ServerConfig {`
			`return &tls.ServerConfig{`
			`TLSAllowedCACerts: []string{p.CACertPath()},`
			`TLSCert: p.ServerCertPath(),`
			`TLSKey: p.ServerKeyPath(),`
Add capability to limit TLS versions and cipher suites (#6246) 2019-08-20 07:01:01 +08:00			`TLSCipherSuites: []string{p.CipherSuite()},`
			`TLSMinVersion: p.TLSMinVersion(),`
			`TLSMaxVersion: p.TLSMaxVersion(),`
Simplify testing with TLS (#4095) 2018-05-05 07:33:23 +08:00			`}`
			`}`

			`func (p *pki) ReadCACert() string {`
			`return readCertificate(p.CACertPath())`
			`}`

			`func (p *pki) CACertPath() string {`
fix: linter fixes for "import-shadowing: The name '...' shadows an import name" (#10689) 2022-02-22 23:11:30 +08:00			`return path.Join(p.keyPath, "cacert.pem")`
Simplify testing with TLS (#4095) 2018-05-05 07:33:23 +08:00			`}`

Add capability to limit TLS versions and cipher suites (#6246) 2019-08-20 07:01:01 +08:00			`func (p *pki) CipherSuite() string {`
			`return "TLS_RSA_WITH_3DES_EDE_CBC_SHA"`
			`}`

			`func (p *pki) TLSMinVersion() string {`
			`return "TLS11"`
			`}`

			`func (p *pki) TLSMaxVersion() string {`
			`return "TLS12"`
			`}`

Simplify testing with TLS (#4095) 2018-05-05 07:33:23 +08:00			`func (p *pki) ReadClientCert() string {`
			`return readCertificate(p.ClientCertPath())`
			`}`

			`func (p *pki) ClientCertPath() string {`
fix: linter fixes for "import-shadowing: The name '...' shadows an import name" (#10689) 2022-02-22 23:11:30 +08:00			`return path.Join(p.keyPath, "clientcert.pem")`
Simplify testing with TLS (#4095) 2018-05-05 07:33:23 +08:00			`}`

			`func (p *pki) ReadClientKey() string {`
			`return readCertificate(p.ClientKeyPath())`
			`}`

			`func (p *pki) ClientKeyPath() string {`
fix: linter fixes for "import-shadowing: The name '...' shadows an import name" (#10689) 2022-02-22 23:11:30 +08:00			`return path.Join(p.keyPath, "clientkey.pem")`
Simplify testing with TLS (#4095) 2018-05-05 07:33:23 +08:00			`}`

feat: add mongodb output plugin (#9923) 2021-10-29 04:42:49 +08:00			`func (p *pki) ClientCertAndKeyPath() string {`
fix: linter fixes for "import-shadowing: The name '...' shadows an import name" (#10689) 2022-02-22 23:11:30 +08:00			`return path.Join(p.keyPath, "client.pem")`
feat: add mongodb output plugin (#9923) 2021-10-29 04:42:49 +08:00			`}`

			`func (p *pki) ClientEncKeyPath() string {`
feat(common.tls): Add support for passphrase-protected private key (#13262) 2023-06-01 16:04:59 +08:00			`return path.Join(p.keyPath, "clientenckey.pem")`
			`}`

			`func (p *pki) ClientPKCS8KeyPath() string {`
			`return path.Join(p.keyPath, "clientkey.pkcs8.pem")`
			`}`

			`func (p *pki) ClientEncPKCS8KeyPath() string {`
			`return path.Join(p.keyPath, "clientenckey.pkcs8.pem")`
feat: add mongodb output plugin (#9923) 2021-10-29 04:42:49 +08:00			`}`

			`func (p *pki) ClientCertAndEncKeyPath() string {`
fix: linter fixes for "import-shadowing: The name '...' shadows an import name" (#10689) 2022-02-22 23:11:30 +08:00			`return path.Join(p.keyPath, "clientenc.pem")`
feat: add mongodb output plugin (#9923) 2021-10-29 04:42:49 +08:00			`}`

Simplify testing with TLS (#4095) 2018-05-05 07:33:23 +08:00			`func (p *pki) ReadServerCert() string {`
			`return readCertificate(p.ServerCertPath())`
			`}`

			`func (p *pki) ServerCertPath() string {`
fix: linter fixes for "import-shadowing: The name '...' shadows an import name" (#10689) 2022-02-22 23:11:30 +08:00			`return path.Join(p.keyPath, "servercert.pem")`
Simplify testing with TLS (#4095) 2018-05-05 07:33:23 +08:00			`}`

			`func (p *pki) ReadServerKey() string {`
			`return readCertificate(p.ServerKeyPath())`
			`}`

			`func (p *pki) ServerKeyPath() string {`
fix: linter fixes for "import-shadowing: The name '...' shadows an import name" (#10689) 2022-02-22 23:11:30 +08:00			`return path.Join(p.keyPath, "serverkey.pem")`
Simplify testing with TLS (#4095) 2018-05-05 07:33:23 +08:00			`}`

feat: add mongodb output plugin (#9923) 2021-10-29 04:42:49 +08:00			`func (p *pki) ServerCertAndKeyPath() string {`
fix: linter fixes for "import-shadowing: The name '...' shadows an import name" (#10689) 2022-02-22 23:11:30 +08:00			`return path.Join(p.keyPath, "server.pem")`
feat: add mongodb output plugin (#9923) 2021-10-29 04:42:49 +08:00			`}`

Simplify testing with TLS (#4095) 2018-05-05 07:33:23 +08:00			`func readCertificate(filename string) string {`
			`file, err := os.Open(filename)`
			`if err != nil {`
			`panic(fmt.Sprintf("opening %q: %v", filename, err))`
			`}`
refactor: move from io/ioutil to io and os package (#9811) 2021-09-29 05:16:32 +08:00			`octets, err := io.ReadAll(file)`
Simplify testing with TLS (#4095) 2018-05-05 07:33:23 +08:00			`if err != nil {`
			`panic(fmt.Sprintf("reading %q: %v", filename, err))`
			`}`
			`return string(octets)`
			`}`