From 47166fc9cabe52d7ffcd107572a0794e9ab20592 Mon Sep 17 00:00:00 2001
From: Naoki Ainoya <2300438+ainoya@users.noreply.github.com>
Date: Fri, 8 Feb 2019 12:41:38 +0900
Subject: [PATCH] add missing key `bound_cidrs` in pathCertRead Response (#6080)
---
 builtin/credential/cert/backend_test.go | 19 ++++++++++++++++++-
 builtin/credential/cert/path_certs.go | 1 +
 2 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/builtin/credential/cert/backend_test.go b/builtin/credential/cert/backend_test.go
index a6f3693be6..7a077a615b 100644
--- a/builtin/credential/cert/backend_test.go
+++ b/builtin/credential/cert/backend_test.go
@@ -3,6 +3,7 @@ package cert
 import (
 "context"
 "crypto/rand"
+ "github.com/hashicorp/go-sockaddr"
 "net/http"
 "golang.org/x/net/http2"
@@ -1200,6 +1201,7 @@ func TestBackend_validCIDR(t *testing.T) {
 }
 name := "web"
+ boundCIDRs := []string{"127.0.0.1", "128.252.0.0/16"}
 addCertReq := &logical.Request{
 Operation: logical.UpdateOperation,
@@ -1211,7 +1213,7 @@ func TestBackend_validCIDR(t *testing.T) {
 "allowed_names": "",
 "required_extensions": "",
 "lease": 1000,
- "bound_cidrs": []string{"127.0.0.1/32", "128.252.0.0/16"},
+ "bound_cidrs": boundCIDRs,
 },
 Storage: storage,
 Connection: &logical.Connection{ConnState: &connState},
@@ -1222,6 +1224,21 @@ func TestBackend_validCIDR(t *testing.T) {
 t.Fatal(err)
 }
+ readCertReq := &logical.Request{
+ Operation: logical.ReadOperation,
+ Path: "certs/" + name,
+ Storage: storage,
+ Connection: &logical.Connection{ConnState: &connState},
+ }
+
+ readResult, err := b.HandleRequest(context.Background(), readCertReq)
+ cidrsResult := readResult.Data["bound_cidrs"].([]*sockaddr.SockAddrMarshaler)
+
+ if cidrsResult[0].String() != boundCIDRs[0] ||
+ cidrsResult[1].String() != boundCIDRs[1] {
+ t.Fatalf("bound_cidrs couldn't be set correctly, EXPECTED: %v, ACTUAL: %v", boundCIDRs, cidrsResult)
+ }
+
 loginReq := &logical.Request{
 Operation: logical.UpdateOperation,
 Path: "login",
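Review bot: The new `"github.com/hashicorp/go-sockaddr"` import is placed inside the standard-library group, between `"crypto/rand"` and `"net/http"`. goimports ordering keeps third-party packages in a separate group, the one that already holds `"golang.org/x/net/http2"`, so moving the line there keeps the block stable under automated formatting. The import block continues outside the hunk.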
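Review bot: `boundCIDRs` changes the first test entry from `"127.0.0.1/32"` (the literal removed in the next hunk) to `"127.0.0.1"` without saying why. Presumably the mask is dropped so that the `String()` comparison added further down matches how a single-host address is rendered, but that is not visible here. A comment such as `// host entry written without /32 so it equals the String() form returned by the read` would record the reason. Alternatively, keep the `/32` input and compare against a separate expected slice, so the CIDR form of a host restriction stays covered. TestBackend_validCIDR starts and ends outside the hunk.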
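Review bot: The `err` returned by the read `b.HandleRequest` call is never checked and `readResult` is dereferenced on the next line, so a failed or empty read ends in a nil-pointer panic instead of a test failure. The unchecked type assertion on `readResult.Data["bound_cidrs"]` and the fixed `[0]`/`[1]` indexing panic the same way when the key is missing or the slice is shorter than expected, which is the regression this test exists to catch. Checking the error, the response, the assertion result and the length first turns each of those into a readable failure. TestBackend_validCIDR starts and ends outside the hunk.

```go
readResult, err := b.HandleRequest(context.Background(), readCertReq)
if err != nil {
	t.Fatal(err)
}
if readResult == nil {
	t.Fatal("expected a response when reading the cert role")
}
cidrsResult, ok := readResult.Data["bound_cidrs"].([]*sockaddr.SockAddrMarshaler)
if !ok || len(cidrsResult) != len(boundCIDRs) {
	t.Fatalf("unexpected bound_cidrs in read response: %#v", readResult.Data["bound_cidrs"])
}
// … unchanged: element-wise comparison against boundCIDRs …
```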
diff --git a/builtin/credential/cert/path_certs.go b/builtin/credential/cert/path_certs.go
index 292b3cedb6..36bf97181d 100644
--- a/builtin/credential/cert/path_certs.go
+++ b/builtin/credential/cert/path_certs.go
@@ -198,6 +198,7 @@ func (b *backend) pathCertRead(ctx context.Context, req *logical.Request, d *fra
 "allowed_uri_sans": cert.AllowedURISANs,
 "allowed_organizational_units": cert.AllowedOrganizationalUnits,
 "required_extensions": cert.RequiredExtensions,
+ "bound_cidrs": cert.BoundCIDRs,
 },
 }, nil
 }
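Review bot: Reading a role stored without `bound_cidrs` has no coverage: the added line returns `cert.BoundCIDRs` as-is, and the test in backend_test.go only reads a role where the field is set. An unset restriction is presumably emitted as a nil slice rather than an empty list, though the field's declaration is outside this hunk. Because this key tells an operator which source addresses a certificate role may log in from, a stable shape for the "no restriction" case matters to anyone auditing roles through the read endpoint. A second read assertion on a role created without `bound_cidrs` would pin that behaviour. pathCertRead starts outside the hunk.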