CL-Softwares
/
telegraf
8
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Allow any key usage type on x509 certificate (#7760)

This commit is contained in:
Daniel Nelson 2020-06-30 00:31:07 -07:00 committed by GitHub
parent b6560c8b01
commit 1adc4f0f2a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
plugins/inputs/x509_cert/x509_cert.go
View File

@ -211,6 +211,7 @@ func (c *X509Cert) Gather(acc telegraf.Accumulator) error {
// name validation against the URL hostname.
opts := x509.VerifyOptions{
Intermediates: x509.NewCertPool(),
KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny},
}
if i == 0 {
if c.ServerName == "" {

1
plugins/inputs/x509_cert/x509_cert_test.go
View File

@ -142,6 +142,7 @@ func TestGatherLocal(t *testing.T) {
{name: "not a certificate", mode: 0640, content: "test", error: true},
{name: "wrong certificate", mode: 0640, content: wrongCert, error: true},
{name: "correct certificate", mode: 0640, content: pki.ReadServerCert()},
{name: "correct client certificate", mode: 0640, content: pki.ReadClientCert()},
{name: "correct certificate and extra trailing space", mode: 0640, content: pki.ReadServerCert() + " "},
{name: "correct certificate and extra leading space", mode: 0640, content: " " + pki.ReadServerCert()},
{name: "correct multiple certificates", mode: 0640, content: pki.ReadServerCert() + pki.ReadCACert()},