當前位置: 首頁>>代碼示例>>Golang>>正文

Golang security.RunCreateNodeCert函數代碼示例

本文整理匯總了Golang中github.com/cockroachdb/cockroach/security.RunCreateNodeCert函數的典型用法代碼示例。如果您正苦於以下問題:Golang RunCreateNodeCert函數的具體用法?Golang RunCreateNodeCert怎麽用?Golang RunCreateNodeCert使用的例子?那麽, 這裏精選的函數代碼示例或許可以為您提供幫助。


在下文中一共展示了RunCreateNodeCert函數的11個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Golang代碼示例。

示例1: TestGenerateCerts

// This is just the mechanics of certs generation.
func TestGenerateCerts(t *testing.T) {
	defer leaktest.AfterTest(t)()
	// Do not mock cert access for this test.
	security.ResetReadFileFn()
	defer ResetTest()

	certsDir := util.CreateTempDir(t, "certs_test")
	defer util.CleanupDir(certsDir)

	// Try certs generation with empty Certs dir argument.
	err := security.RunCreateCACert("", "", 512)
	if err == nil {
		t.Fatalf("Expected error, but got none")
	}
	err = security.RunCreateNodeCert(
		"", "", "", "",
		512, []string{"localhost"})
	if err == nil {
		t.Fatalf("Expected error, but got none")
	}

	// Try generating node certs without CA certs present.
	err = security.RunCreateNodeCert(
		filepath.Join(certsDir, security.EmbeddedCACert),
		filepath.Join(certsDir, security.EmbeddedCAKey),
		filepath.Join(certsDir, security.EmbeddedNodeCert),
		filepath.Join(certsDir, security.EmbeddedNodeKey),
		512, []string{"localhost"})
	if err == nil {
		t.Fatalf("Expected error, but got none")
	}

	// Now try in the proper order.
	err = security.RunCreateCACert(
		filepath.Join(certsDir, security.EmbeddedCACert),
		filepath.Join(certsDir, security.EmbeddedCAKey),
		512)
	if err != nil {
		t.Fatalf("Expected success, got %v", err)
	}

	err = security.RunCreateNodeCert(
		filepath.Join(certsDir, security.EmbeddedCACert),
		filepath.Join(certsDir, security.EmbeddedCAKey),
		filepath.Join(certsDir, security.EmbeddedNodeCert),
		filepath.Join(certsDir, security.EmbeddedNodeKey),
		512, []string{"localhost"})
	if err != nil {
		t.Fatalf("Expected success, got %v", err)
	}
}
開發者ID:CubeLite,項目名稱:cockroach,代碼行數:52,代碼來源:certs_test.go

示例2: createNodeCerts

func (l *LocalCluster) createNodeCerts() {
	nodes := []string{dockerIP().String()}
	for i := 0; i < l.numLocal; i++ {
		nodes = append(nodes, nodeStr(i))
	}
	maybePanic(security.RunCreateNodeCert(l.CertsDir, keyLen, nodes))
}
開發者ID:duguruiyuan,項目名稱:cockroach,代碼行數:7,代碼來源:localcluster.go

示例3: createNodeCerts

func (l *LocalCluster) createNodeCerts() {
	nodes := []string{dockerIP().String()}
	for _, node := range l.Nodes {
		nodes = append(nodes, node.nodeStr)
	}
	maybePanic(security.RunCreateNodeCert(l.CertsDir, keyLen, nodes))
}
開發者ID:liugangnhm,項目名稱:cockroach,代碼行數:7,代碼來源:localcluster.go

示例4: createNodeCerts

func (l *LocalCluster) createNodeCerts() {
	log.Infof("creating node (%dbit) certs in: %s", keyLen, l.CertsDir)
	nodes := []string{dockerIP().String()}
	for i := 0; i < l.numLocal; i++ {
		nodes = append(nodes, nodeStr(i))
	}
	maybePanic(security.RunCreateNodeCert(l.CertsDir, keyLen, nodes))
}
開發者ID:danieldeb,項目名稱:cockroach,代碼行數:8,代碼來源:localcluster.go

示例5: createNodeCerts

func (l *Cluster) createNodeCerts() {
	log.Infof("creating node certs")
	nodes := []string{dockerIP().String()}
	for i := range l.Nodes {
		nodes = append(nodes, node(i))
	}
	maybePanic(security.RunCreateNodeCert(l.CertsDir, 512, nodes))
}
開發者ID:ruo91,項目名稱:cockroach,代碼行數:8,代碼來源:localcluster.go

示例6: runCreateNodeCert

// runCreateNodeCert generates key pair and CA certificate and writes them
// to their corresponding files.
func runCreateNodeCert(cmd *cobra.Command, args []string) {
	err := security.RunCreateNodeCert(Context.Certs, keySize, args)
	if err != nil {
		fmt.Fprintf(osStderr, "failed to generate node certificate: %s\n", err)
		osExit(1)
		return
	}
}
開發者ID:Hellblazer,項目名稱:cockroach,代碼行數:10,代碼來源:cert.go

示例7: createNodeCerts

func (l *LocalCluster) createNodeCerts() {
	nodes := []string{dockerIP().String()}
	for _, node := range l.Nodes {
		nodes = append(nodes, node.nodeStr)
	}
	maybePanic(security.RunCreateNodeCert(
		filepath.Join(l.CertsDir, security.EmbeddedCACert),
		filepath.Join(l.CertsDir, security.EmbeddedCAKey),
		filepath.Join(l.CertsDir, security.EmbeddedNodeCert),
		filepath.Join(l.CertsDir, security.EmbeddedNodeKey),
		keyLen, nodes))
}
開發者ID:csdigi,項目名稱:cockroach,代碼行數:12,代碼來源:localcluster.go

示例8: runCreateNodeCert

// runCreateNodeCert generates key pair and CA certificate and writes them
// to their corresponding files.
func runCreateNodeCert(cmd *cobra.Command, args []string) error {
	if len(baseCtx.SSLCA) == 0 || len(baseCtx.SSLCAKey) == 0 ||
		len(baseCtx.SSLCert) == 0 || len(baseCtx.SSLCertKey) == 0 {
		mustUsage(cmd)
		return errMissingParams
	}
	if err := security.RunCreateNodeCert(baseCtx.SSLCA, baseCtx.SSLCAKey,
		baseCtx.SSLCert, baseCtx.SSLCertKey, keySize, args); err != nil {
		return fmt.Errorf("failed to generate node certificate: %s", err)
	}
	return nil
}
開發者ID:yangxuanjia,項目名稱:cockroach,代碼行數:14,代碼來源:cert.go

示例9: TestUseCerts

// This is a fairly high-level test of CA and node certificates.
// We construct SSL server and clients and use the generated certs.
func TestUseCerts(t *testing.T) {
	defer leaktest.AfterTest(t)()
	// Do not mock cert access for this test.
	security.ResetReadFileFn()
	defer ResetTest()
	certsDir := util.CreateTempDir(t, "certs_test")
	defer util.CleanupDir(certsDir)

	err := security.RunCreateCACert(
		filepath.Join(certsDir, security.EmbeddedCACert),
		filepath.Join(certsDir, security.EmbeddedCAKey),
		512)
	if err != nil {
		t.Fatalf("Expected success, got %v", err)
	}

	err = security.RunCreateNodeCert(
		filepath.Join(certsDir, security.EmbeddedCACert),
		filepath.Join(certsDir, security.EmbeddedCAKey),
		filepath.Join(certsDir, security.EmbeddedNodeCert),
		filepath.Join(certsDir, security.EmbeddedNodeKey),
		512, []string{"127.0.0.1"})
	if err != nil {
		t.Fatalf("Expected success, got %v", err)
	}

	err = security.RunCreateClientCert(
		filepath.Join(certsDir, security.EmbeddedCACert),
		filepath.Join(certsDir, security.EmbeddedCAKey),
		filepath.Join(certsDir, security.EmbeddedRootCert),
		filepath.Join(certsDir, security.EmbeddedRootKey),
		512, security.RootUser)
	if err != nil {
		t.Fatalf("Expected success, got %v", err)
	}

	// Load TLS Configs. This is what TestServer and HTTPClient do internally.
	_, err = security.LoadServerTLSConfig(
		filepath.Join(certsDir, security.EmbeddedCACert),
		filepath.Join(certsDir, security.EmbeddedNodeCert),
		filepath.Join(certsDir, security.EmbeddedNodeKey))
	if err != nil {
		t.Fatalf("Expected success, got %v", err)
	}
	_, err = security.LoadClientTLSConfig(
		filepath.Join(certsDir, security.EmbeddedCACert),
		filepath.Join(certsDir, security.EmbeddedNodeCert),
		filepath.Join(certsDir, security.EmbeddedNodeKey))
	if err != nil {
		t.Fatalf("Expected success, got %v", err)
	}

	// Start a test server and override certs.
	// We use a real context since we want generated certs.
	params := base.TestServerArgs{
		SSLCA:      filepath.Join(certsDir, security.EmbeddedCACert),
		SSLCert:    filepath.Join(certsDir, security.EmbeddedNodeCert),
		SSLCertKey: filepath.Join(certsDir, security.EmbeddedNodeKey),
	}
	s, _, _ := serverutils.StartServer(t, params)
	defer s.Stopper().Stop()

	// Insecure mode.
	clientContext := testutils.NewNodeTestBaseContext()
	clientContext.Insecure = true
	httpClient, err := clientContext.GetHTTPClient()
	if err != nil {
		t.Fatal(err)
	}
	req, err := http.NewRequest("GET", s.AdminURL()+"/_admin/v1/health", nil)
	if err != nil {
		t.Fatalf("could not create request: %v", err)
	}
	resp, err := httpClient.Do(req)
	if err == nil {
		resp.Body.Close()
		t.Fatalf("Expected SSL error, got success")
	}

	// Secure mode but no Certs: permissive config.
	clientContext = testutils.NewNodeTestBaseContext()
	clientContext.Insecure = false
	clientContext.SSLCert = ""
	httpClient, err = clientContext.GetHTTPClient()
	if err != nil {
		t.Fatal(err)
	}
	// Endpoint that does not enforce client auth (see: server/authentication_test.go)
	req, err = http.NewRequest("GET", s.AdminURL()+"/_admin/v1/health", nil)
	if err != nil {
		t.Fatalf("could not create request: %v", err)
	}
	resp, err = httpClient.Do(req)
	if err != nil {
		t.Fatalf("Expected success, got %v", err)
	}
	resp.Body.Close()
	if resp.StatusCode != http.StatusOK {
//.........這裏部分代碼省略.........
開發者ID:CubeLite,項目名稱:cockroach,代碼行數:101,代碼來源:certs_test.go

示例10: runCreateNodeCert

// runCreateNodeCert generates key pair and CA certificate and writes them
// to their corresponding files.
func runCreateNodeCert(cmd *cobra.Command, args []string) error {
	if err := security.RunCreateNodeCert(context.Certs, keySize, args); err != nil {
		return fmt.Errorf("failed to generate node certificate: %s", err)
	}
	return nil
}
開發者ID:danieldeb,項目名稱:cockroach,代碼行數:8,代碼來源:cert.go

示例11: TestUseCerts

// This is a fairly high-level test of CA and node certificates.
// We construct SSL server and clients and use the generated certs.
func TestUseCerts(t *testing.T) {
	defer leaktest.AfterTest(t)
	// Do not mock cert access for this test.
	security.ResetReadFileFn()
	defer ResetTest()
	certsDir := util.CreateTempDir(t, "certs_test")
	defer util.CleanupDir(certsDir)

	err := security.RunCreateCACert(certsDir, 512)
	if err != nil {
		t.Fatalf("Expected success, got %v", err)
	}

	err = security.RunCreateNodeCert(certsDir, 512, []string{"127.0.0.1"})
	if err != nil {
		t.Fatalf("Expected success, got %v", err)
	}

	err = security.RunCreateClientCert(certsDir, 512, security.RootUser)
	if err != nil {
		t.Fatalf("Expected success, got %v", err)
	}

	// Load TLS Configs. This is what TestServer and HTTPClient do internally.
	_, err = security.LoadServerTLSConfig(certsDir, "node")
	if err != nil {
		t.Fatalf("Expected success, got %v", err)
	}
	_, err = security.LoadClientTLSConfig(certsDir, security.NodeUser)
	if err != nil {
		t.Fatalf("Expected success, got %v", err)
	}

	// Start a test server and override certs.
	// We use a real context since we want generated certs.
	testCtx := server.NewContext()
	testCtx.Certs = certsDir
	testCtx.User = security.NodeUser
	testCtx.Addr = "127.0.0.1:0"
	testCtx.PGAddr = "127.0.0.1:0"
	s := &server.TestServer{Ctx: testCtx}
	if err := s.Start(); err != nil {
		t.Fatal(err)
	}
	defer s.Stop()

	// Insecure mode.
	clientContext := testutils.NewNodeTestBaseContext()
	clientContext.Insecure = true
	httpClient, err := clientContext.GetHTTPClient()
	if err != nil {
		t.Fatal(err)
	}
	req, err := http.NewRequest("GET", "https://"+s.ServingAddr()+"/_admin/health", nil)
	if err != nil {
		t.Fatalf("could not create request: %v", err)
	}
	resp, err := httpClient.Do(req)
	if err == nil {
		resp.Body.Close()
		t.Fatalf("Expected SSL error, got success")
	}

	// Secure mode but no Certs directory: permissive config.
	clientContext = testutils.NewNodeTestBaseContext()
	clientContext.Certs = ""
	httpClient, err = clientContext.GetHTTPClient()
	if err != nil {
		t.Fatal(err)
	}
	// Endpoint that does not enforce client auth (see: server/authentication_test.go)
	req, err = http.NewRequest("GET", "https://"+s.ServingAddr()+"/_admin/health", nil)
	if err != nil {
		t.Fatalf("could not create request: %v", err)
	}
	resp, err = httpClient.Do(req)
	if err != nil {
		t.Fatalf("Expected success, got %v", err)
	}
	resp.Body.Close()
	if resp.StatusCode != http.StatusOK {
		t.Fatalf("Expected OK, got: %d", resp.StatusCode)
	}

	// Endpoint that enforces client auth (see: server/authentication_test.go)
	req, err = http.NewRequest("GET", "https://"+s.ServingAddr()+driver.Endpoint, nil)
	if err != nil {
		t.Fatalf("could not create request: %v", err)
	}
	resp, err = httpClient.Do(req)
	if err != nil {
		t.Fatalf("Expected success, got %v", err)
	}
	resp.Body.Close()
	if resp.StatusCode != http.StatusUnauthorized {
		t.Fatalf("Expected status code %d, got: %d", http.StatusUnauthorized, resp.StatusCode)
	}

//.........這裏部分代碼省略.........
開發者ID:kaustubhkurve,項目名稱:cockroach,代碼行數:101,代碼來源:certs_test.go


注:本文中的github.com/cockroachdb/cockroach/security.RunCreateNodeCert函數示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。