From 715ff4f5efb7e15652c630066bc0d7c33a7555a3 Mon Sep 17 00:00:00 2001 From: Paulo Pires Date: Tue, 6 Sep 2016 11:03:35 +0100 Subject: [PATCH] NATS output plug-in use internal.GetTLSConfig to instrument TLS configuration. --- plugins/outputs/nats/nats.go | 28 +++++++++------------------- 1 file changed, 9 insertions(+), 19 deletions(-) diff --git a/plugins/outputs/nats/nats.go b/plugins/outputs/nats/nats.go index 64ed4c556..4b0b94d7a 100644 --- a/plugins/outputs/nats/nats.go +++ b/plugins/outputs/nats/nats.go @@ -1,14 +1,12 @@ package nats import ( - "crypto/tls" - "crypto/x509" "fmt" - "io/ioutil" nats_client "github.com/nats-io/nats" "github.com/influxdata/telegraf" + "github.com/influxdata/telegraf/internal" "github.com/influxdata/telegraf/plugins/outputs" "github.com/influxdata/telegraf/plugins/serializers" ) @@ -58,6 +56,7 @@ func (n *NATS) SetSerializer(serializer serializers.Serializer) { } func (n *NATS) Connect() error { + var err error // set NATS connection options opts := nats_client.DefaultOptions opts.Servers = n.Servers @@ -67,27 +66,18 @@ func (n *NATS) Connect() error { } // is TLS enabled? - var tlsConfig tls.Config - tlsConfig.InsecureSkipVerify = n.InsecureSkipVerify - if n.CAFile != "" { - rootPEM, err := ioutil.ReadFile(n.CAFile) - if err != nil || rootPEM == nil { - return fmt.Errorf("FAILED to connect to NATS (can't read root certificate): %s", err) - } - pool := x509.NewCertPool() - ok := pool.AppendCertsFromPEM([]byte(rootPEM)) - if !ok { - return fmt.Errorf("FAILED to connect to NATS (can't parse root certificate): %s", err) - } - tlsConfig.RootCAs = pool - + tlsConfig, err := internal.GetTLSConfig( + "", "", n.CAFile, n.InsecureSkipVerify) + if err != nil { + return err + } + if tlsConfig != nil { // set NATS connection TLS options opts.Secure = true - opts.TLSConfig = &tlsConfig + opts.TLSConfig = tlsConfig } // try and connect - var err error n.conn, err = opts.Connect() return err