pkg/transport: check nil logger

Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
Gyuho Lee 2018-04-16 10:11:45 -07:00
parent f34c5dc902
commit 2bd88e378c


@ -116,10 +116,12 @@ func SelfCert(lg *zap.Logger, dirpath string, hosts []string) (info TLSInfo, err
serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128) serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
serialNumber, err := rand.Int(rand.Reader, serialNumberLimit) serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
if err != nil { if err != nil {
info.Logger.Warn( if info.Logger != nil {
"cannot generate random number", info.Logger.Warn(
zap.Error(err), "cannot generate random number",
) zap.Error(err),
)
}
return return
} }
@ -145,19 +147,23 @@ func SelfCert(lg *zap.Logger, dirpath string, hosts []string) (info TLSInfo, err
priv, err := ecdsa.GenerateKey(elliptic.P521(), rand.Reader) priv, err := ecdsa.GenerateKey(elliptic.P521(), rand.Reader)
if err != nil { if err != nil {
info.Logger.Warn( if info.Logger != nil {
"cannot generate ECDSA key", info.Logger.Warn(
zap.Error(err), "cannot generate ECDSA key",
) zap.Error(err),
)
}
return return
} }
derBytes, err := x509.CreateCertificate(rand.Reader, &tmpl, &tmpl, &priv.PublicKey, priv) derBytes, err := x509.CreateCertificate(rand.Reader, &tmpl, &tmpl, &priv.PublicKey, priv)
if err != nil { if err != nil {
info.Logger.Warn( if info.Logger != nil {
"cannot generate x509 certificate", info.Logger.Warn(
zap.Error(err), "cannot generate x509 certificate",
) zap.Error(err),
)
}
return return
} }
@ -172,7 +178,9 @@ func SelfCert(lg *zap.Logger, dirpath string, hosts []string) (info TLSInfo, err
} }
pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes}) pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
certOut.Close() certOut.Close()
info.Logger.Debug("created cert file", zap.String("path", certPath)) if info.Logger != nil {
info.Logger.Info("created cert file", zap.String("path", certPath))
}
b, err := x509.MarshalECPrivateKey(priv) b, err := x509.MarshalECPrivateKey(priv)
if err != nil { if err != nil {
@ -180,17 +188,20 @@ func SelfCert(lg *zap.Logger, dirpath string, hosts []string) (info TLSInfo, err
} }
keyOut, err := os.OpenFile(keyPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600) keyOut, err := os.OpenFile(keyPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
if err != nil { if err != nil {
info.Logger.Warn( if info.Logger != nil {
"cannot key file", info.Logger.Warn(
zap.String("path", keyPath), "cannot key file",
zap.Error(err), zap.String("path", keyPath),
) zap.Error(err),
)
}
return return
} }
pem.Encode(keyOut, &pem.Block{Type: "EC PRIVATE KEY", Bytes: b}) pem.Encode(keyOut, &pem.Block{Type: "EC PRIVATE KEY", Bytes: b})
keyOut.Close() keyOut.Close()
info.Logger.Debug("created key file", zap.String("path", keyPath)) if info.Logger != nil {
info.Logger.Info("created key file", zap.String("path", keyPath))
}
return SelfCert(lg, dirpath, hosts) return SelfCert(lg, dirpath, hosts)
} }
@ -250,38 +261,46 @@ func (info TLSInfo) baseConfig() (*tls.Config, error) {
cfg.GetCertificate = func(clientHello *tls.ClientHelloInfo) (cert *tls.Certificate, err error) { cfg.GetCertificate = func(clientHello *tls.ClientHelloInfo) (cert *tls.Certificate, err error) {
cert, err = tlsutil.NewCert(info.CertFile, info.KeyFile, info.parseFunc) cert, err = tlsutil.NewCert(info.CertFile, info.KeyFile, info.parseFunc)
if os.IsNotExist(err) { if os.IsNotExist(err) {
info.Logger.Warn( if info.Logger != nil {
"failed to find peer cert files", info.Logger.Warn(
zap.String("cert-file", info.CertFile), "failed to find peer cert files",
zap.String("key-file", info.KeyFile), zap.String("cert-file", info.CertFile),
zap.Error(err), zap.String("key-file", info.KeyFile),
) zap.Error(err),
)
}
} else if err != nil { } else if err != nil {
info.Logger.Warn( if info.Logger != nil {
"failed to create peer certificate", info.Logger.Warn(
zap.String("cert-file", info.CertFile), "failed to create peer certificate",
zap.String("key-file", info.KeyFile), zap.String("cert-file", info.CertFile),
zap.Error(err), zap.String("key-file", info.KeyFile),
) zap.Error(err),
)
}
} }
return cert, err return cert, err
} }
cfg.GetClientCertificate = func(unused *tls.CertificateRequestInfo) (cert *tls.Certificate, err error) { cfg.GetClientCertificate = func(unused *tls.CertificateRequestInfo) (cert *tls.Certificate, err error) {
cert, err = tlsutil.NewCert(info.CertFile, info.KeyFile, info.parseFunc) cert, err = tlsutil.NewCert(info.CertFile, info.KeyFile, info.parseFunc)
if os.IsNotExist(err) { if os.IsNotExist(err) {
info.Logger.Warn( if info.Logger != nil {
"failed to find client cert files", info.Logger.Warn(
zap.String("cert-file", info.CertFile), "failed to find client cert files",
zap.String("key-file", info.KeyFile), zap.String("cert-file", info.CertFile),
zap.Error(err), zap.String("key-file", info.KeyFile),
) zap.Error(err),
)
}
} else if err != nil { } else if err != nil {
info.Logger.Warn( if info.Logger != nil {
"failed to create client certificate", info.Logger.Warn(
zap.String("cert-file", info.CertFile), "failed to create client certificate",
zap.String("key-file", info.KeyFile), zap.String("cert-file", info.CertFile),
zap.Error(err), zap.String("key-file", info.KeyFile),
) zap.Error(err),
)
}
} }
return cert, err return cert, err
} }
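Review bot: The two success messages this commit raises from Debug to Info in SelfCert (`created cert file`, `created key file`) are still logged without checking that the write succeeded, because the return values of `pem.Encode(...)` and of `certOut.Close()` / `keyOut.Close()` on the lines just before them are discarded. A short or failed write (a full disk, for example) would leave a truncated certificate or private key on disk while the log reports success, and the function then calls `SelfCert(lg, dirpath, hosts)` again, presumably to load those files. I would check both errors before logging, as sketched below for the key file; the cert file needs the same treatment. The Debug-to-Info level change is also not mentioned in the commit title, which only says "check nil logger". SelfCert begins outside these hunks, so the sketch assumes `err` is the named result shown in the hunk header.

```go
// … unchanged: keyOut opened with os.OpenFile(keyPath, ..., 0600) …
if err = pem.Encode(keyOut, &pem.Block{Type: "EC PRIVATE KEY", Bytes: b}); err != nil {
	keyOut.Close()
	return
}
if err = keyOut.Close(); err != nil {
	return
}
if info.Logger != nil {
	info.Logger.Info("created key file", zap.String("path", keyPath))
}
// … unchanged: return SelfCert(lg, dirpath, hosts) …
```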