Make TLS mandatory by default when unmarshalling remote wallet options (#8133)

Co-authored-by: Raul Jordan <raul@prysmaticlabs.com>
Co-authored-by: Nishant Das <nishdas93@gmail.com>
This commit is contained in:
Radosław Kapka 2020-12-17 17:59:27 +01:00 committed by GitHub
parent f75b8a3be1
commit 25b151ab78
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 25 additions and 1 deletions

View File

@ -137,7 +137,9 @@ func UnmarshalOptionsFile(r io.ReadCloser) (*KeymanagerOpts, error) {
log.Errorf("Could not close keymanager config file: %v", err)
}
}()
opts := &KeymanagerOpts{}
opts := &KeymanagerOpts{
RemoteCertificate: &CertificateConfig{RequireTls: true},
}
if err := json.Unmarshal(enc, opts); err != nil {
return nil, errors.Wrap(err, "could not JSON unmarshal")
}

View File

@ -1,7 +1,9 @@
package remote
import (
"bytes"
"context"
"encoding/json"
"errors"
"fmt"
"io/ioutil"
@ -306,3 +308,23 @@ func TestRemoteKeymanager_FetchValidatingPublicKeys(t *testing.T) {
}
assert.DeepEqual(t, pubKeys, rawKeys)
}
func TestUnmarshalOptionsFile_DefaultRequireTls(t *testing.T) {
optsWithoutTls := struct {
RemoteCertificate struct {
ClientCertPath string
ClientKeyPath string
CACertPath string
}
}{}
var buffer bytes.Buffer
b, err := json.Marshal(optsWithoutTls)
require.NoError(t, err)
_, err = buffer.Write(b)
require.NoError(t, err)
r := ioutil.NopCloser(&buffer)
opts, err := UnmarshalOptionsFile(r)
assert.NoError(t, err)
assert.Equal(t, true, opts.RemoteCertificate.RequireTls)
}