From b6938a5888d7f53b4ca2aaad680c2eacbb105394 Mon Sep 17 00:00:00 2001 From: Lenin Alevski Date: Sat, 27 Mar 2021 15:35:45 -0700 Subject: [PATCH] Check xcerts.Manager is initialized before adding certificates (#673) --- cmd/console/server.go | 14 +++++++------- pkg/certs/certs.go | 11 +++++++++++ .../Console/Buckets/ViewBucket/ViewBucket.tsx | 4 +--- 3 files changed, 19 insertions(+), 10 deletions(-) diff --git a/cmd/console/server.go b/cmd/console/server.go index fb7433b1a..b8e169a62 100644 --- a/cmd/console/server.go +++ b/cmd/console/server.go @@ -17,6 +17,7 @@ package main import ( + "context" "fmt" "io/ioutil" "log" @@ -146,15 +147,14 @@ func startServer(ctx *cli.Context) error { SwaggerServerCACertificate := ctx.String("tls-ca") // load tls cert and key from swagger server tls-certificate and tls-key flags if swaggerServerCertificate != "" && swaggerServerCertificateKey != "" { - if errAddCert := restapi.GlobalTLSCertsManager.AddCertificate(swaggerServerCertificate, swaggerServerCertificateKey); errAddCert == nil { - if x509Certs, errParseCert := config.ParsePublicCertFile(swaggerServerCertificate); errParseCert == nil && len(x509Certs) > 0 { - restapi.GlobalPublicCerts = append(restapi.GlobalPublicCerts, x509Certs[0]) - } else { - log.Println(errParseCert) - } - } else { + if errAddCert := certs.AddCertificate(context.Background(), restapi.GlobalTLSCertsManager, swaggerServerCertificate, swaggerServerCertificateKey); errAddCert != nil { log.Println(errAddCert) } + if x509Certs, errParseCert := config.ParsePublicCertFile(swaggerServerCertificate); errParseCert == nil { + if len(x509Certs) > 0 { + restapi.GlobalPublicCerts = append(restapi.GlobalPublicCerts, x509Certs[0]) + } + } } // load ca cert from swagger server tls-ca flag if SwaggerServerCACertificate != "" { diff --git a/pkg/certs/certs.go b/pkg/certs/certs.go index 840474d79..effcc4c43 100644 --- a/pkg/certs/certs.go +++ b/pkg/certs/certs.go @@ -228,3 +228,14 @@ func GetAllCertificatesAndCAs() (*x509.CertPool, []*x509.Certificate, *xcerts.Ma logger.FatalIf(err, "Unable to load the TLS configuration") return GlobalRootCAs, globalPublicCerts, globalTLSCertsManager } + +// AddCertificate check if Manager is initialized and then append a new certificate to it +func AddCertificate(ctx context.Context, manager *xcerts.Manager, publicKey, privateKey string) (err error) { + // If Cert Manager is not nil add more certificates + if manager != nil { + return manager.AddCertificate(publicKey, privateKey) + } + // Initialize cert manager + manager, err = xcerts.NewManager(ctx, publicKey, privateKey, config.LoadX509KeyPair) + return err +} diff --git a/portal-ui/src/screens/Console/Buckets/ViewBucket/ViewBucket.tsx b/portal-ui/src/screens/Console/Buckets/ViewBucket/ViewBucket.tsx index 2bceac454..23c0337f3 100644 --- a/portal-ui/src/screens/Console/Buckets/ViewBucket/ViewBucket.tsx +++ b/portal-ui/src/screens/Console/Buckets/ViewBucket/ViewBucket.tsx @@ -557,9 +557,7 @@ const ViewBucket = ({ setPolicyEdit(row); }; - const PolicyActions = [ - { type: "view", onClick: viewAction }, - ]; + const PolicyActions = [{ type: "view", onClick: viewAction }]; return (