Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Require a key attribute for the key_rsa resource #2891

Merged
merged 5 commits into from
Apr 12, 2018
Merged

Require a key attribute for the key_rsa resource #2891

merged 5 commits into from
Apr 12, 2018

Conversation

omar-irizarry
Copy link
Contributor

Checking that passphrase is not of type Attribute::DEFAULT_ATTRIBUTE before calling OpenSSL::PKey.read.
Also added a catch to exception OpenSSL::PKey::PKeyError to prevent a stack trace error if the passphrase was incorrect.

@omar-irizarry
Bug Fix inspec#2865
5d8a755 
Defining an attribute without a default value generates a stacktrace
Signed-off-by: Omar J Irizarry <[email protected]>
@omar-irizarry omar-irizarry requested a review from a team as a code owner March 28, 2018 04:08
@omar-irizarry
fix string quotes
e35276b 
Signed-off-by: Omar J. Irizarry <[email protected]>
jquick
jquick suggested changes Apr 3, 2018
View reviewed changes
Copy link
Contributor

@jquick jquick left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @omar-irizarry ! This is a really nice addition. Do you mind adding a unit test for this case?

chris-rock
chris-rock reviewed Apr 3, 2018
View reviewed changes
lib/resources/key_rsa.rb Outdated
if @passphrase.is_a? Inspec::Attribute::DEFAULT_ATTRIBUTE
return fail_resource 'Please provide default value for attribute'
end
begin
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should also consider moving the logic out of the initialize method, so that we make sure it is a control error and its not happening during initialization.

@omar-irizarry
Bug fix inspec#2865
591d724 
Moved logic out of the initilize method.
Signed-off-by: Omar Irizarry <[email protected]>
TrevorBramble
TrevorBramble suggested changes Apr 9, 2018
View reviewed changes
Copy link
Contributor

@TrevorBramble TrevorBramble left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for your contribution! Have some small changes I'd like to see before merging. =^)

lib/utils/pkey_reader.rb Outdated
raise Inspec::Exceptions::ResourceFailed, 'passphrase Error'
end
key
end
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You could restructure this to clarify the flow like this:

def read_pkey(filecontent, passphrase)
  default_attribute?(passphrase)

  OpenSSL::PKey.read(filecontent, passphrase)
rescue OpenSSL::PKey::PKeyError
  raise Inspec::Exceptions::ResourceFailed, 'passphrase error'
end

lib/utils/pkey_reader.rb Outdated
if passphrase.is_a? Inspec::Attribute::DEFAULT_ATTRIBUTE
raise Inspec::Exceptions::ResourceFailed, 'Please provide default value for attribute'
end
end
Copy link
Contributor

@TrevorBramble TrevorBramble Apr 9, 2018
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Predicate methods (foo?) are expected to return true/false. I think it's right to pull out the test and exception raising into another method that can be used as a guard statement in read_pkey(). So maybe this method could be renamed ensure_not_default or raise_if_default or similar instead?

@TrevorBramble TrevorBramble mentioned this pull request Apr 9, 2018
Merged
@omar-irizarry
Bug fix inspec#2865 inspec#2864
9cb966a 
refactoring for better clarity.
Signed-off-by: Omar J Irizarry <[email protected]>
@omar-irizarry
Bug fix inspec#2865 inspec#2864
a1b7c27 
fixing trailing white spaces
Signed-off-by: Omar J Irizarry <[email protected]>
TrevorBramble
TrevorBramble approved these changes Apr 12, 2018
View reviewed changes
Copy link
Contributor

@TrevorBramble TrevorBramble left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you!

@jquick jquick changed the title Bug Fix #2865 Defining an attribute without a default value generates a stacktrace Require a key attribute for the key_rsa resource Apr 12, 2018
@jquick jquick added the Type: Enhancement Improves an existing feature label Apr 12, 2018
jquick
jquick approved these changes Apr 12, 2018
View reviewed changes
Copy link
Contributor

@jquick jquick left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@jquick jquick merged commit a278ae9 into inspec:master Apr 12, 2018
@omar-irizarry omar-irizarry deleted the omar-irizarry/fix-issue-2865 branch April 26, 2018 19:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chris-rock chris-rock chris-rock left review comments

@TrevorBramble TrevorBramble TrevorBramble approved these changes

@jquick jquick jquick approved these changes

Assignees
No one assigned
Labels
Type: Enhancement Improves an existing feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@omar-irizarry @TrevorBramble @jquick @chris-rock