Esempio n. 1
0
// metaDiscoverPubKeyLocations discovers the locations of public keys through ACDiscovery by applying prefix as an ACApp
func (m *Manager) metaDiscoverPubKeyLocations(prefix string) ([]string, error) {
	app, err := discovery.NewAppFromString(prefix)
	if err != nil {
		return nil, err
	}

	hostHeaders := config.ResolveAuthPerHost(m.AuthPerHost)
	insecure := discovery.InsecureNone
	if m.InsecureAllowHTTP {
		insecure = insecure | discovery.InsecureHttp
	}
	if m.InsecureSkipTLSCheck {
		insecure = insecure | discovery.InsecureTls
	}
	ep, attempts, err := discovery.DiscoverPublicKeys(*app, hostHeaders, insecure)
	if err != nil {
		return nil, err
	}

	if m.Debug {
		for _, a := range attempts {
			log.PrintE(fmt.Sprintf("meta tag 'ac-discovery-pubkeys' not found on %s", a.Prefix), a.Error)
		}
	}

	return ep.Keys, nil
}
Esempio n. 2
0
func (f *nameFetcher) discoverApp(app *discovery.App) (*discovery.Endpoints, error) {
	// TODO(krnowak): Instead of hardcoding InsecureHttp, we probably
	// should use f.InsecureFlags.AllowHttp and
	// f.InsecureFlags.AllowHttpCredentials (if they are
	// introduced) on it. Needs some work first on appc/spec side.
	// https://github.com/appc/spec/issues/545
	// https://github.com/coreos/rkt/issues/1836
	insecure := discovery.InsecureHttp
	if f.InsecureFlags.SkipTlsCheck() {
		insecure = insecure | discovery.InsecureTls
	}
	hostHeaders := config.ResolveAuthPerHost(f.Headers)
	ep, attempts, err := discovery.DiscoverEndpoints(*app, hostHeaders, insecure)
	if f.Debug {
		for _, a := range attempts {
			stderr("meta tag 'ac-discovery' not found on %s: %v", a.Prefix, a.Error)
		}
	}
	if err != nil {
		return nil, err
	}
	if len(ep.ACIEndpoints) == 0 {
		return nil, fmt.Errorf("no endpoints discovered")
	}
	return ep, nil
}
Esempio n. 3
0
func discoverApp(app *discovery.App, headers map[string]config.Headerer, insecure bool) (*discovery.Endpoints, error) {
	hostHeaders := config.ResolveAuthPerHost(headers)
	ep, attempts, err := discovery.DiscoverEndpoints(*app, hostHeaders, insecure)
	if globalFlags.Debug {
		for _, a := range attempts {
			stderr("meta tag 'ac-discovery' not found on %s: %v", a.Prefix, a.Error)
		}
	}
	if err != nil {
		return nil, err
	}
	if len(ep.ACIEndpoints) == 0 {
		return nil, fmt.Errorf("no endpoints discovered")
	}
	return ep, nil
}
Esempio n. 4
0
// metaDiscoverPubKeyLocations discovers the public key through ACDiscovery by applying prefix as an ACApp
func (m *Manager) metaDiscoverPubKeyLocations(prefix string) ([]string, error) {
	app, err := discovery.NewAppFromString(prefix)
	if err != nil {
		return nil, err
	}

	hostHeaders := config.ResolveAuthPerHost(m.AuthPerHost)
	ep, attempts, err := discovery.DiscoverPublicKeys(*app, hostHeaders, m.InsecureAllowHttp)
	if err != nil {
		return nil, err
	}

	if m.Debug {
		for _, a := range attempts {
			stderr("meta tag 'ac-discovery-pubkeys' not found on %s: %v", a.Prefix, a.Error)
		}
	}

	return ep.Keys, nil
}
Esempio n. 5
0
func (f *nameFetcher) discoverApp(app *discovery.App) (discovery.ACIEndpoints, error) {
	insecure := discovery.InsecureNone
	if f.InsecureFlags.SkipTLSCheck() {
		insecure = insecure | discovery.InsecureTLS
	}
	if f.InsecureFlags.AllowHTTP() {
		insecure = insecure | discovery.InsecureHTTP
	}
	hostHeaders := config.ResolveAuthPerHost(f.Headers)
	ep, attempts, err := discovery.DiscoverACIEndpoints(*app, hostHeaders, insecure, 0)
	if f.Debug {
		for _, a := range attempts {
			log.PrintE(fmt.Sprintf("meta tag 'ac-discovery' not found on %s", a.Prefix), a.Error)
		}
	}
	if err != nil {
		return nil, err
	}
	if len(ep) == 0 {
		return nil, fmt.Errorf("no endpoints discovered")
	}
	return ep, nil
}
Esempio n. 6
0
func (f *nameFetcher) discoverApp(app *discovery.App) (*discovery.Endpoints, error) {
	insecure := discovery.InsecureNone
	if f.InsecureFlags.SkipTlsCheck() {
		insecure = insecure | discovery.InsecureTls
	}
	if f.InsecureFlags.AllowHTTP() {
		insecure = insecure | discovery.InsecureHttp
	}
	hostHeaders := config.ResolveAuthPerHost(f.Headers)
	ep, attempts, err := discovery.DiscoverEndpoints(*app, hostHeaders, insecure)
	if f.Debug {
		for _, a := range attempts {
			stderr("meta tag 'ac-discovery' not found on %s: %v", a.Prefix, a.Error)
		}
	}
	if err != nil {
		return nil, err
	}
	if len(ep.ACIEndpoints) == 0 {
		return nil, fmt.Errorf("no endpoints discovered")
	}
	return ep, nil
}