Only parse certificate blocks in x509_cert input (#6893)

This commit is contained in:
Benjamin Schweizer 2020-01-13 19:49:14 +01:00 committed by Daniel Nelson
parent a93eda95e1
commit 875bd7743b
3 changed files with 8 additions and 4 deletions

View File

@ -32,6 +32,7 @@
## v1.13.2 [unreleased] ## v1.13.2 [unreleased]
#### Bugfixes #### Bugfixes
- [#6890](https://github.com/influxdata/telegraf/issues/6890): Fix local certificate parsing in x509_certs input.
- [#2652](https://github.com/influxdata/telegraf/issues/2652): Warn without error when processes input is started on Windows. - [#2652](https://github.com/influxdata/telegraf/issues/2652): Warn without error when processes input is started on Windows.

View File

@ -103,11 +103,13 @@ func (c *X509Cert) getCert(u *url.URL, timeout time.Duration) ([]*x509.Certifica
return nil, fmt.Errorf("failed to parse certificate PEM") return nil, fmt.Errorf("failed to parse certificate PEM")
} }
cert, err := x509.ParseCertificate(block.Bytes) if block.Type == "CERTIFICATE" {
if err != nil { cert, err := x509.ParseCertificate(block.Bytes)
return nil, err if err != nil {
return nil, err
}
certs = append(certs, cert)
} }
certs = append(certs, cert)
if rest == nil || len(rest) == 0 { if rest == nil || len(rest) == 0 {
break break
} }

View File

@ -145,6 +145,7 @@ func TestGatherLocal(t *testing.T) {
{name: "correct certificate and extra trailing space", mode: 0640, content: pki.ReadServerCert() + " "}, {name: "correct certificate and extra trailing space", mode: 0640, content: pki.ReadServerCert() + " "},
{name: "correct certificate and extra leading space", mode: 0640, content: " " + pki.ReadServerCert()}, {name: "correct certificate and extra leading space", mode: 0640, content: " " + pki.ReadServerCert()},
{name: "correct multiple certificates", mode: 0640, content: pki.ReadServerCert() + pki.ReadCACert()}, {name: "correct multiple certificates", mode: 0640, content: pki.ReadServerCert() + pki.ReadCACert()},
{name: "correct multiple certificates and key", mode: 0640, content: pki.ReadServerCert() + pki.ReadCACert() + pki.ReadServerKey()},
{name: "correct certificate and wrong certificate", mode: 0640, content: pki.ReadServerCert() + "\n" + wrongCert, error: true}, {name: "correct certificate and wrong certificate", mode: 0640, content: pki.ReadServerCert() + "\n" + wrongCert, error: true},
{name: "correct certificate and not a certificate", mode: 0640, content: pki.ReadServerCert() + "\ntest", error: true}, {name: "correct certificate and not a certificate", mode: 0640, content: pki.ReadServerCert() + "\ntest", error: true},
{name: "correct multiple certificates and extra trailing space", mode: 0640, content: pki.ReadServerCert() + pki.ReadServerCert() + " "}, {name: "correct multiple certificates and extra trailing space", mode: 0640, content: pki.ReadServerCert() + pki.ReadServerCert() + " "},