// Handle implements an http.Handler interface for the bundle handler. func (h *Handler) Handle(w http.ResponseWriter, r *http.Request) error { blob, matched, err := api.ProcessRequestFirstMatchOf(r, [][]string{ {"certificate"}, {"domain"}, }) if err != nil { log.Warningf("invalid request: %v", err) return err } flavor := blob["flavor"] bf := bundler.Ubiquitous if flavor != "" { bf = bundler.BundleFlavor(flavor) } log.Infof("request for flavor %v", bf) var result *bundler.Bundle switch matched[0] { case "domain": bundle, err := h.bundler.BundleFromRemote(blob["domain"], blob["ip"], bf) if err != nil { log.Warningf("couldn't bundle from remote: %v", err) return err } result = bundle case "certificate": bundle, err := h.bundler.BundleFromPEMorDER([]byte(blob["certificate"]), []byte(blob["private_key"]), bf, "") if err != nil { log.Warning("bad PEM certifcate or private key") return err } serverName := blob["domain"] ip := blob["ip"] if serverName != "" { err := bundle.Cert.VerifyHostname(serverName) if err != nil { return errors.Wrap(errors.CertificateError, errors.VerifyFailed, err) } } if ip != "" { err := bundle.Cert.VerifyHostname(ip) if err != nil { return errors.Wrap(errors.CertificateError, errors.VerifyFailed, err) } } result = bundle } log.Info("wrote response") return api.SendResponse(w, result) }
// bundlerMain is the main CLI of bundler functionality. func bundlerMain(args []string, c cli.Config) (err error) { bundler.IntermediateStash = c.IntDir ubiquity.LoadPlatforms(c.Metadata) flavor := bundler.BundleFlavor(c.Flavor) var b *bundler.Bundler // If it is a force bundle, don't require ca bundle and intermediate bundle // Otherwise, initialize a bundler with CA bundle and intermediate bundle. if flavor == bundler.Force { b = &bundler.Bundler{} } else { b, err = bundler.NewBundler(c.CABundleFile, c.IntBundleFile) if err != nil { return } } var bundle *bundler.Bundle if c.CertFile != "" { if c.CertFile == "-" { var certPEM, keyPEM []byte certPEM, err = cli.ReadStdin(c.CertFile) if err != nil { return } if c.KeyFile != "" { keyPEM, err = cli.ReadStdin(c.KeyFile) if err != nil { return } } bundle, err = b.BundleFromPEMorDER(certPEM, keyPEM, flavor, "") if err != nil { return } } else { // Bundle the client cert bundle, err = b.BundleFromFile(c.CertFile, c.KeyFile, flavor, c.Password) if err != nil { return } } } else if c.Domain != "" { bundle, err = b.BundleFromRemote(c.Domain, c.IP, flavor) if err != nil { return } } else { return errors.New("Must specify bundle target through -cert or -domain") } marshaled, err := bundle.MarshalJSON() if err != nil { return } fmt.Printf("%s", marshaled) return }
func (h *BundlerHandler) Handle(w http.ResponseWriter, r *http.Request) error { blob, matched, err := processRequestOneOf(r, [][]string{ {"domain"}, {"certificate"}, }) if err != nil { log.Warningf("invalid request: %v", err) return err } var result *bundler.Bundle switch matched[0] { case "domain": bundle, err := h.bundler.BundleFromRemote(blob["domain"], blob["ip"]) if err != nil { log.Warningf("couldn't bundle from remote: %v", err) return errors.NewBadRequest(err) } result = bundle case "certificate": flavor := blob["flavor"] var bf bundler.BundleFlavor = bundler.Ubiquitous if flavor != "" { bf = bundler.BundleFlavor(flavor) } bundle, err := h.bundler.BundleFromPEM([]byte(blob["certificate"]), []byte(blob["private_key"]), bf) if err != nil { log.Warning("bad PEM certifcate or private key") return errors.NewBadRequest(err) } log.Infof("request for flavour %v", flavor) result = bundle } response := newSuccessResponse(result) w.Header().Set("Content-Type", "application/json") enc := json.NewEncoder(w) err = enc.Encode(response) return err }
// bundlerMain is the main CLI of bundler functionality. // TODO(zi): Decide whether to drop the argument list and only use flags to specify all the inputs. // There are debates on whether flag or arg is more appropriate for required parameters. func bundlerMain(args []string) (err error) { // Grab cert file through args only if flag values for cert and domain are absent if Config.certFile == "" && Config.domain == "" { Config.certFile, args, err = popFirstArgument(args) if err != nil { return } } ubiquity.LoadPlatforms(Config.metadata) flavor := bundler.BundleFlavor(Config.flavor) // Initialize a bundler with CA bundle and intermediate bundle. b, err := bundler.NewBundler(Config.caBundleFile, Config.intBundleFile) if err != nil { return } var bundle *bundler.Bundle if Config.certFile != "" { // Bundle the client cert bundle, err = b.BundleFromFile(Config.certFile, Config.keyFile, flavor) if err != nil { return } } else if Config.domain != "" { bundle, err = b.BundleFromRemote(Config.domain, Config.ip) if err != nil { return } } marshaled, err := bundle.MarshalJSON() if err != nil { return } fmt.Printf("%s", marshaled) return }