1019238693

Committed 28 Sep 2023 06:41AM UTC coverage: 77.563% (-0.5%) from 78.091%

Build # 1019238693

Build Type

push

gitlab-ci

Committed by

kacf

Commit Message

chore: Send 501 to client when server tries unsupported protocol switch.

Signed-off-by: Kristian Amlie <kristian.amlie@northern.tech>

Run Details

13 of 13 new or added lines in 1 file covered. (100.0%)

6696 of 8633 relevant lines covered (77.56%)

10658.93 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

44.07

/mender-auth/cli/actions.cpp

// Copyright 2023 Northern.tech AS
//
//    Licensed under the Apache License, Version 2.0 (the "License");
//    you may not use this file except in compliance with the License.
//    You may obtain a copy of the License at
//
//        http://www.apache.org/licenses/LICENSE-2.0
//
//    Unless required by applicable law or agreed to in writing, software
//    distributed under the License is distributed on an "AS IS" BASIS,
//    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
//    See the License for the specific language governing permissions and
//    limitations under the License.

#include <mender-auth/cli/actions.hpp>

#include <string>
#include <memory>

#include <mender-auth/context.hpp>
#include <mender-auth/cli/keystore.hpp>

#include <common/conf.hpp>
#include <common/events.hpp>
#include <common/log.hpp>

#include <mender-auth/ipc/server.hpp>

namespace mender {
namespace auth {
namespace cli {

using namespace std;

namespace events = mender::common::events;
namespace log = mender::common::log;

namespace ipc = mender::auth::ipc;

shared_ptr<MenderKeyStore> KeystoreFromConfig(
        const conf::MenderConfig &config, const string &passphrase) {
        cli::StaticKey static_key = cli::StaticKey::No;
        string pem_file;
        string ssl_engine;

        // TODO: review and simplify logic as part of MEN-6668. See discussion at:
        // https://github.com/mendersoftware/mender/pull/1378#discussion_r1317185066
        if (config.https_client.key != "") {
                pem_file = config.https_client.key;
                ssl_engine = config.https_client.ssl_engine;
                static_key = cli::StaticKey::Yes;
        }
        if (config.security.auth_private_key != "") {
                pem_file = config.security.auth_private_key;
                ssl_engine = config.security.ssl_engine;
                static_key = cli::StaticKey::Yes;
        }
        if (config.https_client.key == "" && config.security.auth_private_key == "") {
                pem_file = config.paths.GetKeyFile();
                ssl_engine = config.https_client.ssl_engine;
                static_key = cli::StaticKey::No;
        }

        return make_shared<MenderKeyStore>(pem_file, ssl_engine, static_key, passphrase);
}

error::Error DoBootstrap(shared_ptr<MenderKeyStore> keystore, const bool force) {
        auto err = keystore->Load();
        if (err != error::NoError && err.code != MakeError(NoKeysError, "").code) {
                return err;
        }
        if (err.code == MakeError(NoKeysError, "").code || force) {
                log::Info("Generating new RSA key");
                err = keystore->Generate();
                if (err != error::NoError) {
                        return err;
                }
                err = keystore->Save();
                if (err != error::NoError) {
                        return err;
                }
        }
        return error::NoError;
}

DaemonAction::DaemonAction(shared_ptr<MenderKeyStore> keystore, const bool force_bootstrap) :
        keystore_(keystore),
        force_bootstrap_(force_bootstrap) {
}

ExpectedActionPtr DaemonAction::Create(
        const conf::MenderConfig &config, const string &passphrase, const bool force_bootstrap) {
        auto key_store = KeystoreFromConfig(config, passphrase);

        return make_shared<DaemonAction>(key_store, force_bootstrap);
}

error::Error DaemonAction::Execute(context::MenderContext &main_context) {
        auto err = DoBootstrap(keystore_, force_bootstrap_);
        if (err != error::NoError) {
                log::Error("Failed to bootstrap: " + err.String());
                return error::MakeError(error::ExitWithFailureError, "");
        }

        events::EventLoop loop {};

        auto ipc_server {ipc::Server(loop, main_context.GetConfig())};

        const string server_url {"http://127.0.0.1:8001"};

        err = ipc_server.Listen(server_url);
        if (err != error::NoError) {
                log::Error("Failed to start the listen loop");
                log::Error(err.String());
                return error::MakeError(error::ExitWithFailureError, "");
        }

        loop.Run();

        return error::NoError;
}

BootstrapAction::BootstrapAction(shared_ptr<MenderKeyStore> keystore, bool force_bootstrap) :
        keystore_(keystore),
        force_bootstrap_(force_bootstrap) {
}

ExpectedActionPtr BootstrapAction::Create(
        const conf::MenderConfig &config, const string &passphrase, bool force_bootstrap) {
        auto key_store = KeystoreFromConfig(config, passphrase);

        return make_shared<BootstrapAction>(key_store, force_bootstrap);
}

error::Error BootstrapAction::Execute(context::MenderContext &main_context) {
        return DoBootstrap(keystore_, force_bootstrap_);
}

} // namespace cli
} // namespace auth
} // namespace mender

1	// Copyright 2023 Northern.tech AS
2	//
3	// Licensed under the Apache License, Version 2.0 (the "License");
4	// you may not use this file except in compliance with the License.
5	// You may obtain a copy of the License at
6	//
7	// http://www.apache.org/licenses/LICENSE-2.0
8	//
9	// Unless required by applicable law or agreed to in writing, software
10	// distributed under the License is distributed on an "AS IS" BASIS,
11	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12	// See the License for the specific language governing permissions and
13	// limitations under the License.
14
15	#include <mender-auth/cli/actions.hpp>
16
17	#include <string>
18	#include <memory>
19
20	#include <mender-auth/context.hpp>
21	#include <mender-auth/cli/keystore.hpp>
22
23	#include <common/conf.hpp>
24	#include <common/events.hpp>
25	#include <common/log.hpp>
26
27	#include <mender-auth/ipc/server.hpp>
28
29	namespace mender {
30	namespace auth {
31	namespace cli {
32
33	using namespace std;
34
35	namespace events = mender::common::events;
36	namespace log = mender::common::log;
37
38	namespace ipc = mender::auth::ipc;
39
40	shared_ptr<MenderKeyStore> KeystoreFromConfig(	3✔
41	const conf::MenderConfig &config, const string &passphrase) {
42	cli::StaticKey static_key = cli::StaticKey::No;	3✔
43	string pem_file;	6✔
44	string ssl_engine;	6✔
45
46	// TODO: review and simplify logic as part of MEN-6668. See discussion at:
47	// https://github.com/mendersoftware/mender/pull/1378#discussion_r1317185066
48	if (config.https_client.key != "") {	3✔
49	pem_file = config.https_client.key;	×
50	ssl_engine = config.https_client.ssl_engine;	×
51	static_key = cli::StaticKey::Yes;	×
52	}
53	if (config.security.auth_private_key != "") {	3✔
54	pem_file = config.security.auth_private_key;	×
55	ssl_engine = config.security.ssl_engine;	×
56	static_key = cli::StaticKey::Yes;	×
57	}
58	if (config.https_client.key == "" && config.security.auth_private_key == "") {	3✔
59	pem_file = config.paths.GetKeyFile();	3✔
60	ssl_engine = config.https_client.ssl_engine;	3✔
61	static_key = cli::StaticKey::No;	3✔
62	}
63
64	return make_shared<MenderKeyStore>(pem_file, ssl_engine, static_key, passphrase);	6✔
65	}
66
67	error::Error DoBootstrap(shared_ptr<MenderKeyStore> keystore, const bool force) {	3✔
68	auto err = keystore->Load();	6✔
69	if (err != error::NoError && err.code != MakeError(NoKeysError, "").code) {	4✔
70	return err;	×
71	}
72	if (err.code == MakeError(NoKeysError, "").code \|\| force) {	6✔
73	log::Info("Generating new RSA key");	2✔
74	err = keystore->Generate();	2✔
75	if (err != error::NoError) {	2✔
76	return err;	×
77	}
78	err = keystore->Save();	2✔
79	if (err != error::NoError) {	2✔
80	return err;	×
81	}
82	}
83	return error::NoError;	3✔
84	}
85
86	DaemonAction::DaemonAction(shared_ptr<MenderKeyStore> keystore, const bool force_bootstrap) :	×
87	keystore_(keystore),
88	force_bootstrap_(force_bootstrap) {	×
89	}	×
90
91	ExpectedActionPtr DaemonAction::Create(	×
92	const conf::MenderConfig &config, const string &passphrase, const bool force_bootstrap) {
93	auto key_store = KeystoreFromConfig(config, passphrase);	×
94
95	return make_shared<DaemonAction>(key_store, force_bootstrap);	×
96	}
97
98	error::Error DaemonAction::Execute(context::MenderContext &main_context) {	×
99	auto err = DoBootstrap(keystore_, force_bootstrap_);	×
100	if (err != error::NoError) {	×
101	log::Error("Failed to bootstrap: " + err.String());	×
102	return error::MakeError(error::ExitWithFailureError, "");	×
103	}
104
105	events::EventLoop loop {};	×
106
107	auto ipc_server {ipc::Server(loop, main_context.GetConfig())};	×
108
109	const string server_url {"http://127.0.0.1:8001"};	×
110
111	err = ipc_server.Listen(server_url);	×
112	if (err != error::NoError) {	×
113	log::Error("Failed to start the listen loop");	×
114	log::Error(err.String());	×
115	return error::MakeError(error::ExitWithFailureError, "");	×
116	}
117
118	loop.Run();	×
119
120	return error::NoError;	×
121	}
122
123	BootstrapAction::BootstrapAction(shared_ptr<MenderKeyStore> keystore, bool force_bootstrap) :	×
124	keystore_(keystore),
125	force_bootstrap_(force_bootstrap) {	×
126	}	×
127
128	ExpectedActionPtr BootstrapAction::Create(	3✔
129	const conf::MenderConfig &config, const string &passphrase, bool force_bootstrap) {
130	auto key_store = KeystoreFromConfig(config, passphrase);	3✔
131
132	return make_shared<BootstrapAction>(key_store, force_bootstrap);	9✔
133	}
134
135	error::Error BootstrapAction::Execute(context::MenderContext &main_context) {	3✔
136	return DoBootstrap(keystore_, force_bootstrap_);	3✔
137	}
138
139	} // namespace cli
140	} // namespace auth
141	} // namespace mender

mendersoftware / mender / 1019238693

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous