func TestMakeProxySpec(t *testing.T) { badTests := [...]url.URL{ {Scheme: "http"}, {Scheme: "http", Host: ":"}, {Scheme: "http", Host: "localhost"}, {Scheme: "http", Host: "localhost:"}, {Scheme: "http", Host: ":8080"}, {Scheme: "http", Host: "localhost:https"}, {Scheme: "http", Host: "localhost:8080", User: url.User("username")}, {Scheme: "http", Host: "localhost:8080", User: url.UserPassword("username", "password")}, {Scheme: "http", User: url.User("username"), Host: "localhost:8080"}, {Scheme: "http", User: url.UserPassword("username", "password"), Host: "localhost:8080"}, {Scheme: "http", Host: "localhost:-1"}, {Scheme: "http", Host: "localhost:65536"}, {Scheme: "socks5", Host: ":"}, {Scheme: "socks4a", Host: ":"}, // "socks" and "socks4" are unknown types. {Scheme: "socks", Host: "localhost:1080"}, {Scheme: "socks4", Host: "localhost:1080"}, {Scheme: "unknown", Host: "localhost:9999"}, } goodTests := [...]struct { input url.URL expected ProxySpec }{ { url.URL{Scheme: "http", Host: "localhost:8080"}, ProxySpec{"http", "localhost", 8080}, }, { url.URL{Scheme: "socks5", Host: "localhost:1080"}, ProxySpec{"socks5", "localhost", 1080}, }, { url.URL{Scheme: "socks4a", Host: "localhost:1080"}, ProxySpec{"socks4a", "localhost", 1080}, }, } for _, input := range badTests { _, err := makeProxySpec(&input) if err == nil { t.Errorf("%q unexpectedly succeeded", input) } } for _, test := range goodTests { spec, err := makeProxySpec(&test.input) if err != nil { t.Fatalf("%q unexpectedly returned an error: %s", test.input, err) } if *spec != test.expected { t.Errorf("%q → %q (expected %q)", test.input, spec, test.expected) } } }
func (config Config) ToURL() *url.URL { ret := &url.URL{} hostPort := []string{} user, pass := "", "" hasUser, hasPass := false, false params := &url.Values{} hasParams := false for k, v := range config { var val string switch t := v.(type) { case string: val = t case interface { String() string }: val = t.String() case nil: val = "" default: val = fmt.Sprintf("%v", v) } switch k { case "adapter": ret.Scheme = mappedAdapter(val) case "host", "hostname": hostPort = append([]string{val}, hostPort...) case "port": hostPort = append(hostPort, val) case "database": ret.Path = fmt.Sprintf("/%s", val) case "user", "username": user = val hasUser = true case "pass", "password": pass = val hasPass = true default: params.Add(k, val) hasParams = true } } if len(hostPort) != 0 { ret.Host = strings.Join(hostPort, ":") } if hasPass { ret.User = url.UserPassword(user, pass) } else if hasUser { ret.User = url.User(user) } if hasParams { ret.RawQuery = params.Encode() } return ret }
func openMongo(c *MongoConfig) (b Backend, err error) { //build a url for connecting based on the config u := &url.URL{ Scheme: "mongodb", Host: c.Host, } //only add credentials and database in the url if they're specified if c.Username != "" && c.Password == "" { u.User = url.User(c.Username) u.Path = "/" + c.Database } if c.Username != "" && c.Password != "" { u.User = url.UserPassword(c.Username, c.Password) u.Path = "/" + c.Database } s, err := mgo.Dial(u.String()) if err != nil { err = fmt.Errorf("dial %s: %s", u, err) return } b = &mongoBackend{ tasks: s.DB(c.Database).C("tasks"), startlog: s.DB(c.Database).C("startlog"), } return }
func makeSQLClient() (*sql.DB, string) { sqlURL := connURL if len(connURL) == 0 { options := url.Values{} if context.Insecure { options.Add("sslmode", "disable") } else { options.Add("sslmode", "verify-full") options.Add("sslcert", security.ClientCertPath(context.Certs, connUser)) options.Add("sslkey", security.ClientKeyPath(context.Certs, connUser)) options.Add("sslrootcert", security.CACertPath(context.Certs)) } pgURL := url.URL{ Scheme: "postgresql", User: url.User(connUser), Host: net.JoinHostPort(connHost, connPGPort), Path: connDBName, RawQuery: options.Encode(), } sqlURL = pgURL.String() } db, err := sql.Open("postgres", sqlURL) if err != nil { panicf("failed to initialize SQL client: %s", err) } return db, sqlURL }
func processOverride(u *url.URL) { envUsername := os.Getenv(envUserName) envPassword := os.Getenv(envPassword) // Override username if provided if envUsername != "" { var password string var ok bool if u.User != nil { password, ok = u.User.Password() } if ok { u.User = url.UserPassword(envUsername, password) } else { u.User = url.User(envUsername) } } // Override password if provided if envPassword != "" { var username string if u.User != nil { username = u.User.Username() } u.User = url.UserPassword(username, envPassword) } }
func (flag *ClientFlag) Process() error { if flag.url == nil { return errors.New("specify an " + cDescr) } // Override username if set if flag.username != "" { var password string var ok bool if flag.url.User != nil { password, ok = flag.url.User.Password() } if ok { flag.url.User = url.UserPassword(flag.username, password) } else { flag.url.User = url.User(flag.username) } } // Override password if set if flag.password != "" { var username string if flag.url.User != nil { username = flag.url.User.Username() } flag.url.User = url.UserPassword(username, flag.password) } return nil }
func TestPGWireDBName(t *testing.T) { defer leaktest.AfterTest(t)() s, _, _ := serverutils.StartServer(t, base.TestServerArgs{}) defer s.Stopper().Stop() pgURL, cleanupFn := sqlutils.PGUrl(t, s.ServingAddr(), "TestPGWireDBName", url.User(security.RootUser)) pgURL.Path = "foo" defer cleanupFn() { db, err := gosql.Open("postgres", pgURL.String()) if err != nil { t.Fatal(err) } defer db.Close() if _, err := db.Exec(`CREATE DATABASE foo`); err != nil { t.Fatal(err) } if _, err := db.Exec(`CREATE TABLE bar (i INT PRIMARY KEY)`); err != nil { t.Fatal(err) } } db, err := gosql.Open("postgres", pgURL.String()) if err != nil { t.Fatal(err) } defer db.Close() if _, err := db.Exec(`INSERT INTO bar VALUES ($1)`, 1); err != nil { t.Fatal(err) } }
// PGUrl returns a postgres connection url which connects to this server with // the given user. Returns a connection string and a cleanup function which must // be called after any connection created using the string has been closed. // // In order to connect securely using postgres, this method will create // temporary on-disk copies of certain embedded security certificates. The // certificates will be created as temporary files in the provided directory, // and their filenames will have the provided prefix. The returned cleanup // function will delete these temporary files. func PGUrl(t util.Tester, ts *server.TestServer, user, tempDir, prefix string) (url.URL, func()) { host, port, err := net.SplitHostPort(ts.PGAddr()) if err != nil { t.Fatal(err) } caPath := filepath.Join(security.EmbeddedCertsDir, "ca.crt") certPath := security.ClientCertPath(security.EmbeddedCertsDir, user) keyPath := security.ClientKeyPath(security.EmbeddedCertsDir, user) // Copy these assets to disk from embedded strings, so this test can // run from a standalone binary. tempCAPath, tempCACleanup := securitytest.TempRestrictedCopy(t, caPath, tempDir, "TestLogic_ca") tempCertPath, tempCertCleanup := securitytest.TempRestrictedCopy(t, certPath, tempDir, "TestLogic_cert") tempKeyPath, tempKeyCleanup := securitytest.TempRestrictedCopy(t, keyPath, tempDir, "TestLogic_key") return url.URL{ Scheme: "postgres", User: url.User(user), Host: net.JoinHostPort(host, port), RawQuery: fmt.Sprintf("sslmode=verify-full&sslrootcert=%s&sslcert=%s&sslkey=%s", url.QueryEscape(tempCAPath), url.QueryEscape(tempCertPath), url.QueryEscape(tempKeyPath), ), }, func() { tempCACleanup() tempCertCleanup() tempKeyCleanup() } }
func TestEmptyPasswordAuth(t *testing.T) { defer afterTest(t) gopher := "gopher" ts := httptest.NewServer(HandlerFunc(func(w ResponseWriter, r *Request) { auth := r.Header.Get("Authorization") if strings.HasPrefix(auth, "Basic ") { encoded := auth[6:] decoded, err := base64.StdEncoding.DecodeString(encoded) if err != nil { t.Fatal(err) } expected := gopher + ":" s := string(decoded) if expected != s { t.Errorf("Invalid Authorization header. Got %q, wanted %q", s, expected) } } else { t.Errorf("Invalid auth %q", auth) } })) defer ts.Close() c := &Client{} req, err := NewRequest("GET", ts.URL, nil) if err != nil { t.Fatal(err) } req.URL.User = url.User(gopher) resp, err := c.Do(req) if err != nil { t.Fatal(err) } defer resp.Body.Close() }
// sanitizeHTTP cleans up repository URL and converts to https format // if currently in ssh format. // Returns sanitized url, hostName (e.g. github.com, bitbucket.com) // and possible error func sanitizeHTTP(repoURL string) (string, string, error) { u, err := url.Parse(repoURL) if err != nil { return "", "", err } // ensure the url is not ssh if u.Scheme == "ssh" { u.Scheme = "https" } // convert to http format if in ssh format if strings.Contains(u.Host, ":") { s := strings.SplitN(u.Host, ":", 2) // alter path and host if we're sure its not a port if _, err := strconv.Atoi(s[1]); err != nil { u.Host = s[0] u.Path = path.Join(s[1], u.Path) } } // Bitbucket require the user to be set into the HTTP URL if u.Host == "bitbucket.org" && u.User == nil { segments := strings.Split(u.Path, "/") u.User = url.User(segments[1]) } return u.String(), u.Host, nil }
// SetURLUser set the user credentials in the given URL. If the username or // password is not set in the URL then the default is used (if provided). func SetURLUser(u *url.URL, defaultUser, defaultPass string) { var user, pass string var userIsSet, passIsSet bool if u.User != nil { user = u.User.Username() if user != "" { userIsSet = true } pass, passIsSet = u.User.Password() } if !userIsSet && defaultUser != "" { userIsSet = true user = defaultUser } if !passIsSet && defaultPass != "" { passIsSet = true pass = defaultPass } if userIsSet && passIsSet { u.User = url.UserPassword(user, pass) } else if userIsSet { u.User = url.User(user) } }
func TestWriteLog(t *testing.T) { loc, err := time.LoadLocation("Europe/Warsaw") if err != nil { panic(err) } ts := time.Date(1983, 05, 26, 3, 30, 45, 0, loc) // A typical request with an OK response req := newRequest("GET", "http://example.com") req.RemoteAddr = "192.168.100.5" buf := new(bytes.Buffer) writeLog(buf, req, ts, http.StatusOK, 100) log := buf.String() expected := "192.168.100.5 - - [26/May/1983:03:30:45 +0200] \"GET HTTP/1.1\" 200 100\n" if log != expected { t.Fatalf("wrong log, got %q want %q", log, expected) } // Request with an unauthorized user req.URL.User = url.User("kamil") buf.Reset() writeLog(buf, req, ts, http.StatusUnauthorized, 500) log = buf.String() expected = "192.168.100.5 - kamil [26/May/1983:03:30:45 +0200] \"GET HTTP/1.1\" 401 500\n" if log != expected { t.Fatalf("wrong log, got %q want %q", log, expected) } }
// PGURL returns the URL for the postgres endpoint. func (ctx *Context) PGURL(user string) *url.URL { // Try to convert path to an absolute path. Failing to do so return path // unchanged. absPath := func(path string) string { r, err := filepath.Abs(path) if err != nil { return path } return r } options := url.Values{} if ctx.Insecure { options.Add("sslmode", "disable") } else { options.Add("sslmode", "verify-full") options.Add("sslcert", absPath(ctx.SSLCert)) options.Add("sslkey", absPath(ctx.SSLCertKey)) options.Add("sslrootcert", absPath(ctx.SSLCA)) } return &url.URL{ Scheme: "postgresql", User: url.User(user), Host: ctx.Addr, RawQuery: options.Encode(), } }
func (c *SSHCmd) URL(path string) *url.URL { return &url.URL{ User: url.User(c.config.User), Host: c.host, Path: path, } }
// ParseLocal parses rawurl into a URL object with a "file" // scheme. This will effectively never return an error. func ParseLocal(rawurl string) (u *url.URL, err error) { u = new(url.URL) u.Scheme = "file" u.User = url.User("") u.Host = "" u.Path = rawurl return u, err }
func TestMySQLDatabaseExists_Error(t *testing.T) { drv := MySQLDriver{} u := mySQLTestURL(t) u.User = url.User("invalid") exists, err := drv.DatabaseExists(u) require.Regexp(t, "Access denied for user 'invalid'@", err.Error()) require.Equal(t, false, exists) }
// URLWithoutPassword returns the URL stripped of password func (t *Target) URLWithoutPassword() *url.URL { if t.URL == nil { return nil } withoutCredentials := *t.URL withoutCredentials.User = url.User(t.URL.User.Username()) return &withoutCredentials }
func TestPostgresDatabaseExists_Error(t *testing.T) { drv := PostgresDriver{} u := postgresTestURL(t) u.User = url.User("invalid") exists, err := drv.DatabaseExists(u) require.Equal(t, "pq: role \"invalid\" does not exist", err.Error()) require.Equal(t, false, exists) }
// redactPassword returns the URL as a string with the password redacted. func redactPassword(u url.URL) string { if u.User == nil { return u.String() } u.User = url.User(u.User.Username()) return u.String() }
func (flag *ClientFlag) URLWithoutPassword() *url.URL { if flag.url == nil { return nil } withoutCredentials := *flag.url withoutCredentials.User = url.User(flag.url.User.Username()) return &withoutCredentials }
// Test that abruptly closing a pgwire connection releases all leases held by // that session. func TestPGWireConnectionCloseReleasesLeases(t *testing.T) { defer leaktest.AfterTest(t)() s, _, kvDB := serverutils.StartServer(t, base.TestServerArgs{}) defer s.Stopper().Stop() url, cleanupConn := sqlutils.PGUrl(t, s.ServingAddr(), "SetupServer", url.User(security.RootUser)) defer cleanupConn() conn, err := pq.Open(url.String()) if err != nil { t.Fatal(err) } ex := conn.(driver.Execer) if _, err := ex.Exec("CREATE DATABASE test", nil); err != nil { t.Fatal(err) } if _, err := ex.Exec("CREATE TABLE test.t (i INT PRIMARY KEY)", nil); err != nil { t.Fatal(err) } // Start a txn so leases are accumulated by queries. if _, err := ex.Exec("BEGIN", nil); err != nil { t.Fatal(err) } // Get a table lease. if _, err := ex.Exec("SELECT * FROM test.t", nil); err != nil { t.Fatal(err) } // Abruptly close the connection. if err := conn.Close(); err != nil { t.Fatal(err) } // Verify that there are no leases held. tableDesc := sqlbase.GetTableDescriptor(kvDB, "test", "t") lm := s.LeaseManager().(*LeaseManager) // Looking for a table state validates that there used to be a lease on the // table. ts := lm.findTableState(tableDesc.ID, false /* create */) if ts == nil { t.Fatal("table state not found") } ts.mu.Lock() leases := ts.active.data ts.mu.Unlock() if len(leases) != 1 { t.Fatalf("expected one lease, found: %d", len(leases)) } // Wait for the lease to be released. util.SucceedsSoon(t, func() error { ts.mu.Lock() refcount := ts.active.data[0].refcount ts.mu.Unlock() if refcount != 0 { return errors.Errorf( "expected lease to be unused, found refcount: %d", refcount) } return nil }) }
func comp_v1_Text(ctx *EngineContext, scope *Scope, ins protoface.Instruction, args []interface{}) (returnValue interface{}) { component := args[0].(string) u := scope.Value.(*url.URL) ns := &Scope{} switch component { case "scheme": ns.Value = u.Scheme case "host": ns.Value = u.Host case "path": ns.Value = u.Path case "fragment": ns.Value = u.Fragment case "userinfo": if u.User != nil { ns.Value = u.User.String() } else { ns.Value = "" } } if ns.Value != nil { for i := 0; i < ins.INumChildren(); i++ { child := ins.IGetNthChild(i) ctx.RunInstruction(ns, child) } // write value back to URL (as long as it's a string) if newVal, ok := ns.Value.(string); ok { switch component { case "scheme": u.Scheme = newVal case "host": u.Host = newVal case "path": u.Path = newVal case "fragment": u.Fragment = newVal case "userinfo": if newVal == "" { // remove the userinfo u.User = nil } else { info := strings.Split(newVal, ":") newUserinfo := url.User(info[0]) if len(info) == 2 { newUserinfo = url.UserPassword(info[0], info[1]) } u.User = newUserinfo } } returnValue = newVal } } return }
func BenchmarkPgbenchExec_Cockroach(b *testing.B) { defer tracing.Disable()() s, _, _ := serverutils.StartServer(b, base.TestServerArgs{Insecure: true}) defer s.Stopper().Stop() pgUrl, cleanupFn := sqlutils.PGUrl( b, s.ServingAddr(), "benchmarkCockroach", url.User(security.RootUser)) pgUrl.RawQuery = "sslmode=disable" defer cleanupFn() execPgbench(b, pgUrl) }
func TestDumpBytes(t *testing.T) { defer leaktest.AfterTest(t)() c, err := newCLITest(t, false) if err != nil { t.Fatal(err) } defer c.stop(true) url, cleanup := sqlutils.PGUrl(t, c.ServingAddr(), "TestDumpBytes", url.User(security.RootUser)) defer cleanup() conn := makeSQLConn(url.String()) defer conn.Close() if err := conn.Exec(` CREATE DATABASE d; SET DATABASE = d; CREATE TABLE t (b BYTES PRIMARY KEY); `, nil); err != nil { t.Fatal(err) } for i := int64(0); i < 256; i++ { if err := conn.Exec("INSERT INTO t VALUES ($1)", []driver.Value{[]byte{byte(i)}}); err != nil { t.Fatal(err) } } var b bytes.Buffer if err := DumpTable(&b, conn, "d", "t"); err != nil { t.Fatal(err) } dump := b.String() b.Reset() if err := conn.Exec(` CREATE DATABASE o; SET DATABASE = o; `, nil); err != nil { t.Fatal(err) } if err := conn.Exec(dump, nil); err != nil { t.Fatal(err) } if err := DumpTable(&b, conn, "o", "t"); err != nil { t.Fatal(err) } dump2 := b.String() if dump != dump2 { t.Fatalf("unmatching dumps:\n%s\n%s", dump, dump2) } }
// The string representation of a Node is a URL. // Please see ParseNode for a description of the format. func (n *Node) String() string { addr := net.TCPAddr{IP: n.IP, Port: int(n.TCP)} u := url.URL{ Scheme: "enode", User: url.User(fmt.Sprintf("%x", n.ID[:])), Host: addr.String(), } if n.UDP != n.TCP { u.RawQuery = "discport=" + strconv.Itoa(int(n.UDP)) } return u.String() }
// NewTestServer creates a new TestServer, but does not start it. // The cockroach binary for your OS and ARCH is downloaded automatically. // If the download fails, we attempt just call "cockroach", hoping it is // found in your path. func NewTestServer() (*TestServer, error) { cockroachBinary, err := downloadLatestBinary() if err == nil { log.Printf("Using automatically-downloaded binary: %s", cockroachBinary) } else { log.Printf("Attempting to use cockroach binary from your PATH") cockroachBinary = "cockroach" } // Force "/tmp/" so avoid OSX's really long temp directory names // which get us over the socket filename length limit. baseDir, err := ioutil.TempDir("/tmp", "cockroach-testserver") if err != nil { return nil, fmt.Errorf("could not create temp directory: %s", err) } logDir := filepath.Join(baseDir, "logs") if err := os.MkdirAll(logDir, 0755); err != nil { return nil, fmt.Errorf("could not create logs directory: %s: %s", logDir, err) } options := url.Values{ "host": []string{baseDir}, } pgurl := &url.URL{ Scheme: "postgres", User: url.User("root"), Host: fmt.Sprintf(":%d", socketPort), RawQuery: options.Encode(), } socketPath := filepath.Join(baseDir, fmt.Sprintf("%s.%d", socketFileBase, socketPort)) args := []string{ cockroachBinary, "start", "--logtostderr", "--insecure", "--port=0", "--http-port=0", "--socket=" + socketPath, "--store=" + baseDir, } ts := &TestServer{ baseDir: baseDir, pgURL: pgurl, args: args, stdout: filepath.Join(logDir, "cockroach.stdout"), stderr: filepath.Join(logDir, "cockroach.stderr"), } return ts, nil }
func getRoot() string { content := getEnv("CONTENT_URL") u, err := url.Parse(content) if err != nil { log.Fatalln("getContent: ", err) } // https://<token>@github.com/username/repo.git u.User = url.User(getEnv("TOKEN")) base := filepath.Base(u.Path) return strings.TrimSuffix(base, filepath.Ext(base)) }
// runSetUser prompts for a password, then inserts the user and hash // into the system.users table. // TODO(marc): once we have more fields in the user, we will need // to allow changing just some of them (eg: change email, but leave password). func runSetUser(cmd *cobra.Command, args []string) error { if len(args) != 1 { return usageAndError(cmd) } var err error var hashed []byte switch password { case "": hashed, err = security.PromptForPasswordAndHash() if err != nil { return err } case "-": scanner := bufio.NewScanner(os.Stdin) if scanner.Scan() { hashed, err = security.HashPassword(scanner.Text()) if err != nil { return err } if scanner.Scan() { return errors.New("multiline passwords are not permitted") } if err := scanner.Err(); err != nil { return err } } else { if err := scanner.Err(); err != nil { return err } } default: hashed, err = security.HashPassword(password) if err != nil { return err } } // Only security.RootUser can set passwords. // TODO(asubiotto): Implement appropriate server-side authorization rules // for users to be able to change their own passwords. if connUser != security.RootUser { return fmt.Errorf("only %s is allowed to set passwords", security.RootUser) } conn, err := makeSQLClient(url.User(security.RootUser)) if err != nil { return err } defer conn.Close() return runQueryAndFormatResults(conn, os.Stdout, makeQuery(`UPSERT INTO system.users VALUES ($1, $2)`, args[0], hashed), cliCtx.prettyFmt) }
// setUser sets the DB client to the specified user. // It returns a cleanup function to be run when the credentials // are no longer needed. func (t *logicTest) setUser(user string) func() { var outDBName string if t.db != nil { var inDBName string if err := t.db.QueryRow("SHOW DATABASE").Scan(&inDBName); err != nil { t.Fatal(err) } defer func() { if inDBName != outDBName { // Propagate the DATABASE setting to the newly-live connection. if _, err := t.db.Exec(fmt.Sprintf("SET DATABASE = %s", inDBName)); err != nil { t.Fatal(err) } } }() } if t.clients == nil { t.clients = map[string]*gosql.DB{} } if db, ok := t.clients[user]; ok { t.db = db t.user = user if err := t.db.QueryRow("SHOW DATABASE").Scan(&outDBName); err != nil { t.Fatal(err) } // No cleanup necessary, but return a no-op func to avoid nil pointer dereference. return func() {} } pgURL, cleanupFunc := sqlutils.PGUrl(t.T, t.srv.ServingAddr(), "TestLogic", url.User(user)) db, err := gosql.Open("postgres", pgURL.String()) if err != nil { t.Fatal(err) } t.clients[user] = db t.db = db t.user = user if t.verbose { fmt.Printf("--- new user: %s\n", user) } return cleanupFunc }
// The string representation of a Node is a URL. // Please see ParseNode for a description of the format. func (n *Node) String() string { u := url.URL{Scheme: "enode"} if n.Incomplete() { u.Host = fmt.Sprintf("%x", n.ID[:]) } else { addr := net.TCPAddr{IP: n.IP, Port: int(n.TCP)} u.User = url.User(fmt.Sprintf("%x", n.ID[:])) u.Host = addr.String() if n.UDP != n.TCP { u.RawQuery = "discport=" + strconv.Itoa(int(n.UDP)) } } return u.String() }