fix: addwifisettings - track added certs to prevent duplicates error
tim-shockley committed Sep 6, 2023
1 parent 06b67ec commit a19e722
Showing 2 changed files with 60 additions and 25 deletions.
51 changes: 42 additions & 9 deletions internal/local/configure.go
Expand Up @@ -96,20 +96,24 @@ func (service *ProvisioningService) GetWifiIeee8021xCerts() (certHandles []strin
if resultCode != utils.Success {
return certHandles, keyPairHandles
}
certHandleMap := make(map[string]bool)
for i := range credentials {
inParams := &credentials[i].ElementInContext.ReferenceParameters
providesPrams := &credentials[i].ElementProvidingContext.ReferenceParameters
if providesPrams.ResourceURI == `http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_IEEE8021xSettings` {
handle := inParams.GetSelectorValue("InstanceID")
if handle != "" {
certHandles = append(certHandles, handle)
}
certHandleMap[inParams.GetSelectorValue("InstanceID")] = true
}
}
for k := range certHandleMap {
if k != "" {
certHandles = append(certHandles, k)
}
}
if len(certHandles) == 0 {
return certHandles, keyPairHandles
}

keyPairHandleMap := make(map[string]bool)
dependencies, _ := service.GetConcreteDependencies()
for i := range dependencies {
antecedent := &dependencies[i].Antecedent.ReferenceParameters
Expand All @@ -122,11 +126,16 @@ func (service *ProvisioningService) GetWifiIeee8021xCerts() (certHandles []strin
continue
}
if dependent.ResourceURI == `http://intel.com/wbem/wscim/1/amt-schema/1/AMT_PublicPrivateKeyPair` {
handle := dependent.GetSelectorValue("InstanceID")
keyPairHandles = append(keyPairHandles, handle)
keyPairHandleMap[dependent.GetSelectorValue("InstanceID")] = true
}
}
}
for k := range keyPairHandleMap {
if k != "" {
keyPairHandles = append(keyPairHandles, k)
}
}

return certHandles, keyPairHandles
}

Expand Down Expand Up @@ -212,13 +221,16 @@ func (service *ProvisioningService) ProcessWifiConfig(wifiCfg *config.WifiConfig
func (service *ProvisioningService) ProcessIeee8012xConfig(profileName string, settings *models.IEEE8021xSettings, handles *Handles) int {

// find the matching configuration
var ieee8021xConfig *config.Ieee8021xConfig
var ieee8021xConfig config.Ieee8021xConfig
var found bool
for _, curCfg := range service.flags.LocalConfig.Ieee8021xConfigs {
if curCfg.ProfileName == profileName {
ieee8021xConfig = &curCfg
ieee8021xConfig = curCfg
found = true
break
}
}
if ieee8021xConfig == nil {
if !found {
log.Errorf("missing Ieee8021xConfig %s", profileName)
return utils.MissingIeee8021xConfiguration
}
Expand Down Expand Up @@ -332,6 +344,12 @@ func (service *ProvisioningService) RollbackAddedItems(handles *Handles) {
}

func (service *ProvisioningService) AddTrustedRootCert(caCert string) (string, int) {
// check if this has been added already
for k, v := range service.handlesWithCerts {
if v == caCert {
return k, utils.Success
}

Check warning on line 351 in internal/local/configure.go

Codecov / codecov/patch

internal/local/configure.go#L350-L351

Added lines #L350 - L351 were not covered by tests
}
xmlMsg := service.amtMessages.PublicKeyManagementService.AddTrustedRootCertificate(caCert)
var rspEnv publickey.Response
resultCode := service.PostAndUnmarshal(xmlMsg, &rspEnv)
Expand All @@ -346,10 +364,17 @@ func (service *ProvisioningService) AddTrustedRootCert(caCert string) (string, i
if len(rspEnv.Body.AddTrustedRootCertificate_OUTPUT.CreatedCertificate.ReferenceParameters.SelectorSet.Selector) > 0 {
handle = rspEnv.Body.AddTrustedRootCertificate_OUTPUT.CreatedCertificate.ReferenceParameters.SelectorSet.Selector[0].Value
}
service.handlesWithCerts[handle] = caCert
return handle, utils.Success
}

func (service *ProvisioningService) AddClientCert(clientCert string) (string, int) {
// check if this has been added already
for k, v := range service.handlesWithCerts {
if v == clientCert {
return k, utils.Success
}

Check warning on line 376 in internal/local/configure.go

Codecov / codecov/patch

internal/local/configure.go#L375-L376

Added lines #L375 - L376 were not covered by tests
}
xmlMsg := service.amtMessages.PublicKeyManagementService.AddCertificate(clientCert)
var rspEnv publickey.Response
resultCode := service.PostAndUnmarshal(xmlMsg, &rspEnv)
Expand All @@ -364,10 +389,17 @@ func (service *ProvisioningService) AddClientCert(clientCert string) (string, in
if len(rspEnv.Body.AddTrustedCertificate_OUTPUT.CreatedCertificate.ReferenceParameters.SelectorSet.Selector) > 0 {
handle = rspEnv.Body.AddTrustedCertificate_OUTPUT.CreatedCertificate.ReferenceParameters.SelectorSet.Selector[0].Value
}
service.handlesWithCerts[handle] = clientCert
return handle, utils.Success
}

func (service *ProvisioningService) AddPrivateKey(privateKey string) (string, int) {
// check if this has been added already
for k, v := range service.handlesWithCerts {
if v == privateKey {
return k, utils.Success
}

Check warning on line 401 in internal/local/configure.go

Codecov / codecov/patch

internal/local/configure.go#L399-L401

Added lines #L399 - L401 were not covered by tests
}
xmlMsg := service.amtMessages.PublicKeyManagementService.AddKey([]byte(privateKey))
var rspEnv publickey.Response
resultCode := service.PostAndUnmarshal(xmlMsg, &rspEnv)
Expand All @@ -382,6 +414,7 @@ func (service *ProvisioningService) AddPrivateKey(privateKey string) (string, in
if len(rspEnv.Body.AddKey_OUTPUT.CreatedKey.ReferenceParameters.SelectorSet.Selector) > 0 {
handle = rspEnv.Body.AddKey_OUTPUT.CreatedKey.ReferenceParameters.SelectorSet.Selector[0].Value
}
service.handlesWithCerts[handle] = privateKey
return handle, utils.Success
}

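Review bot: AddTrustedRootCert, AddClientCert and AddPrivateKey all search and fill the same `handlesWithCerts` map, so if the same PEM text is passed as both a root and a client certificate, AddClientCert returns the handle of the trusted-root object and never sends its own request to the device. A separate map per object type would keep each function from returning a handle of the wrong kind. AddPrivateKey also keeps the raw private key as a map value for the life of the service; keying the cache on a digest of the input would avoid holding the key material and replace the linear scan with a lookup. Where the response has no selector, `handle` appears to stay empty and is still recorded, so the store is better guarded as `if handle != "" { service.handlesWithCerts[handle] = caCert }`. All three function bodies are only partly visible in these hunks, and the Codecov annotations show the early-return branches are untested.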
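--- a/internal/local/lps.go
+++ b/internal/local/lps.go
@@ -12,28 +12,30 @@ import (
 )
 
 type ProvisioningService struct {
-flags *flags.Flags
-serverURL string
-client *wsman.Client
-config *config.Config
-amtCommand internalAMT.Interface
-amtMessages amt.Messages
-cimMessages cim.Messages
-ipsMessages ips.Messages
+flags *flags.Flags
+serverURL string
+client *wsman.Client
+config *config.Config
+amtCommand internalAMT.Interface
+amtMessages amt.Messages
+cimMessages cim.Messages
+ipsMessages ips.Messages
+handlesWithCerts map[string]string
 }
 
 func NewProvisioningService(flags *flags.Flags) ProvisioningService {
 // supports unit testing
 serverURL := "http://" + utils.LMSAddress + ":" + utils.LMSPort + "/wsman"
 return ProvisioningService{
-flags: flags,
-client: nil,
-serverURL: serverURL,
-config: &flags.LocalConfig,
-amtCommand: internalAMT.NewAMTCommand(),
-amtMessages: amt.NewMessages(),
-cimMessages: cim.NewMessages(),
-ipsMessages: ips.NewMessages(),
+flags: flags,
+client: nil,
+serverURL: serverURL,
+config: &flags.LocalConfig,
+amtCommand: internalAMT.NewAMTCommand(),
+amtMessages: amt.NewMessages(),
+cimMessages: cim.NewMessages(),
+ipsMessages: ips.NewMessages(),
+handlesWithCerts: make(map[string]string),
 }
 }
 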
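Review bot: As far as this diff shows, `handlesWithCerts` is created only in NewProvisioningService, so a ProvisioningService built as a struct literal or zero value carries a nil map and the new `service.handlesWithCerts[handle] = ...` stores in configure.go would panic on it. Either create the map lazily before the first store or state the constructor requirement on the field. The field also needs a comment saying what it holds, since the name mentions only certificates while AddPrivateKey stores key material in it, for example `// handlesWithCerts maps AMT handles to the certificate or private-key content added in this run.`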
