Merge pull request #40 from getsumio/develop

buraksarac · web-flow · commit f2ecb607cdb5 · 2019-11-04T15:49:35.000+01:00
Develop
diff --git a/Dockerfile b/Dockerfile
@@ -6,8 +6,12 @@ RUN apt install openssl
 RUN update-ca-certificates --fresh
 ARG listen=0.0.0.0
 ARG port=8088
+ARG tlskey=""
+ARG tlscert=""
 ENV listen=$listen
 ENV port=$port
+ENV tlskey=$tlskey
+ENV tlscert=$tlscert
 COPY builds/linux/amd64/getsum ./ 
-CMD /app/getsum -s -l $listen -p $port -dir /tmp
+CMD ls -laZ && /app/getsum -s -l $listen -p $port -dir /tmp -tk ""$tlskey -tc ""$tlscert
 EXPOSE $port
diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-v2.0.2
+v2.0.3
diff --git a/internal/config/config.go b/internal/config/config.go
@@ -2,26 +2,27 @@ package config
 
 //config dto
 type Config struct {
-	File         *string `json:"file"`
-	LocalOnly    *bool
-	Proxy        *string  `json:"proxy"`
-	Algorithm    []string `json:"algorithm"`
-	Cheksum      *string  `json:"cheksum"`
-	RemoteOnly   *bool
-	LogLevel     *string
-	Timeout      *int    `json:"timeout"`
-	All          *bool   `json:"all"`
-	Key          *string `json:"key"`
-	Supplier     *string `json:"supplier"`
-	Serve        *bool
-	Listen       *string
-	Port         *int
-	Servers      ServerConfigs
-	Dir          *string
-	TLSKey       *string
-	TLSCert      *string
-	ServerConfig *string
-	Keep         *bool
+	File               *string `json:"file"`
+	LocalOnly          *bool
+	Proxy              *string  `json:"proxy"`
+	Algorithm          []string `json:"algorithm"`
+	Cheksum            *string  `json:"cheksum"`
+	RemoteOnly         *bool
+	LogLevel           *string
+	Timeout            *int    `json:"timeout"`
+	All                *bool   `json:"all"`
+	Key                *string `json:"key"`
+	Supplier           *string `json:"supplier"`
+	Serve              *bool
+	Listen             *string
+	Port               *int
+	Servers            ServerConfigs
+	Dir                *string
+	TLSKey             *string
+	TLSCert            *string
+	ServerConfig       *string
+	Keep               *bool
+	InsecureSkipVerify *bool
 }
 
 //this is for collecting server info from yaml files
diff --git a/internal/config/parser.go b/internal/config/parser.go
@@ -76,6 +76,8 @@ func parseYaml(config *Config) error {
 func ParseConfig() (*Config, error) {
 	c := new(Config)
 	var algo *string
+	c.InsecureSkipVerify = flag.Bool("insecureSkipVerify", false, "Skip TLS verification,will be used to reaching out to servers. If set TRUE and if remote servers are present servers also will skip verification while reaching out to file only for this process. So in case of file or server located behind custom certificate that can not be verified set this parameter true.")
+	flag.BoolVar(c.InsecureSkipVerify, "skipVerify", false, "shorthand for -insecureSkipVerify")
 	c.ServerConfig = flag.String("serverconfig", "", "config file location for remote servers")
 	flag.StringVar(c.ServerConfig, "sc", "", "shorthand for -serverconfig")
 	c.Serve = flag.Bool("serve", defaultServe, "Run in server mode default address 127.0.0.1:8088 otherwise set -listen and -port params")
diff --git a/internal/file/file.go b/internal/file/file.go
@@ -1,6 +1,7 @@
 package file
 
 import (
+	"crypto/tls"
 	"errors"
 	"io"
 	"io/ioutil"
@@ -35,6 +36,7 @@ type File struct {
 	Size        int64
 	Proxy       string
 	StoragePath string
+	SkipVerify  bool
 }
 
 //file location on local host
@@ -213,7 +215,8 @@ func getHttpClient(f *File, timeout int) *http.Client {
 		proxyUrl = http.ProxyURL(proxy)
 	}
 	tr := &http.Transport{
-		Proxy: proxyUrl,
+		Proxy:           proxyUrl,
+		TLSClientConfig: &tls.Config{InsecureSkipVerify: f.SkipVerify},
 	}
 	client := &http.Client{
 		Transport: tr,
diff --git a/internal/provider/providerfactory.go b/internal/provider/providerfactory.go
@@ -1,6 +1,7 @@
 package providers
 
 import (
+	"crypto/tls"
 	"net/http"
 	"net/url"
 	"strings"
@@ -71,7 +72,8 @@ func getHttpClient(config *Config) *http.Client {
 		proxyUrl = http.ProxyURL(proxy)
 	}
 	tr := &http.Transport{
-		Proxy: proxyUrl,
+		Proxy:           proxyUrl,
+		TLSClientConfig: &tls.Config{InsecureSkipVerify: *config.InsecureSkipVerify},
 	}
 	client := &http.Client{
 		Transport: tr,
diff --git a/internal/supplier/supplierfactory.go b/internal/supplier/supplierfactory.go
@@ -86,6 +86,7 @@ func setFields(base *BaseSupplier, algo Algorithm, config *Config) {
 	base.File.Status = base.status
 	base.File.Proxy = *config.Proxy
 	base.File.StoragePath = *config.Dir
+	base.File.SkipVerify = *config.InsecureSkipVerify
 
 	base.TimeOut = *config.Timeout
 }
diff --git a/tests/blackbox_test.go b/tests/blackbox_test.go
@@ -27,6 +27,7 @@ const (
 	validDir            = "-dir /tmp "
 	keep                = "-keep "
 	serve               = "-s " + validDir
+	tlsServe            = "-logLevel TRACE -tk ./server.key -tc ./server.crt " + validDir
 
 	MD4        = "bb137fd4893ab9d85906257ede37dfaf"
 	MD5        = "22e38a8a7d90c088064a0bbc882a69e5"
@@ -217,6 +218,18 @@ func TestServeAlgoFail(t *testing.T) {
 	execForError(commandStr, fileName, false, t, "you can only run single algorithm")
 }
 
+func TestTLS(t *testing.T) {
+	commandStr := serve + tlsServe
+	cmd := getCommand(commandStr)
+	err := cmd.Start()
+	defer killServer(cmd, t)
+	if err != nil {
+		t.Errorf("Can not start server instance! %s", err.Error())
+	}
+	commandStr = "-a MD5 -sc tlsservers.yml -skipVerify " + geturl + " " + MD5
+	execCommand(commandStr, fileName, true, t, "VALIDATED")
+}
+
 func killServer(cmd *exec.Cmd, t *testing.T) {
 	if cmd != nil && cmd.Process != nil {
 		err := cmd.Process.Kill()
diff --git a/tests/server.crt b/tests/server.crt
@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICFjCCAZygAwIBAgIUMP5SAlK1s2pdtYMMPT9PybMaoR0wCgYIKoZIzj0EAwIw
+QjELMAkGA1UEBhMCWFgxFTATBgNVBAcMDERlZmF1bHQgQ2l0eTEcMBoGA1UECgwT
+RGVmYXVsdCBDb21wYW55IEx0ZDAeFw0xOTExMDQxMjQ1MzJaFw0yOTExMDExMjQ1
+MzJaMEIxCzAJBgNVBAYTAlhYMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNV
+BAoME0RlZmF1bHQgQ29tcGFueSBMdGQwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARm
+emzoxVgWAuBCLAHwyNZi7hdbKCZ5ZglFCLW4VhufpUg4eEK7qNsDNj6soOvTIbGL
+OfHF8MJm7dRuxCurLwfTD+JKm2giNMNDL9yonyNA/Dp+9YYEEJUaxZ2k6jttX2+j
+UzBRMB0GA1UdDgQWBBR/RaSQ6Y1RvWaC4M7BtClhq6hE1jAfBgNVHSMEGDAWgBR/
+RaSQ6Y1RvWaC4M7BtClhq6hE1jAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMC
+A2gAMGUCMCKFQ8MCrG0tdhtxNTtmXhn+pQ0kugI0JKdlcdUnOYz2G6vSIaKGGWwb
+JnDV856eAAIxAM/tbgFfoqBgfo0OOmqZft84svZANugQWeUt/+6/wAqRUcr1kDhj
+bAxQd4UfArXINg==
+-----END CERTIFICATE-----
diff --git a/tests/server.key b/tests/server.key
@@ -0,0 +1,9 @@
+-----BEGIN EC PARAMETERS-----
+BgUrgQQAIg==
+-----END EC PARAMETERS-----
+-----BEGIN EC PRIVATE KEY-----
+MIGkAgEBBDBwXz8RTNm1ZwzWc39g+7jbjVn672EofECAR47mF0LtxcSxT6p83mEm
++gSS4x6fwD2gBwYFK4EEACKhZANiAARmemzoxVgWAuBCLAHwyNZi7hdbKCZ5ZglF
+CLW4VhufpUg4eEK7qNsDNj6soOvTIbGLOfHF8MJm7dRuxCurLwfTD+JKm2giNMND
+L9yonyNA/Dp+9YYEEJUaxZ2k6jttX28=
+-----END EC PRIVATE KEY-----
diff --git a/tests/tlsservers.yml b/tests/tlsservers.yml
@@ -0,0 +1,3 @@
+servers:
+  - name: server1
+    address: https://127.0.0.1:8088

Original file line number	Diff line number	Diff line change
`@@ -86,6 +86,7 @@ func setFields(base BaseSupplier, algo Algorithm, config Config) {`
`86`	`86`	`base.File.Status = base.status`
`87`	`87`	`base.File.Proxy = *config.Proxy`
`88`	`88`	`base.File.StoragePath = *config.Dir`
	`89`	`+ base.File.SkipVerify = *config.InsecureSkipVerify`
`89`	`90`
`90`	`91`	`base.TimeOut = *config.Timeout`
`91`	`92`	`}`