(TK-179) Remove unused ssl config functions
These functions were previously used for initializing an ssl context for the clojure http client. However, with the clojure client initialization now just wrapping the java code, these are no longer needed.
This commit is contained in:
Ruth Linehan
parent
80ed08e75b
commit
4176251521
2 changed files with 2 additions and 93 deletions
|
|
@ -14,53 +14,11 @@
|
|||
(ns puppetlabs.http.client.async
|
||||
(:import (com.puppetlabs.http.client ClientOptions RequestOptions ResponseBodyType HttpMethod)
|
||||
(org.apache.http.client.utils URIBuilder)
|
||||
(com.puppetlabs.http.client.impl JavaClient ResponseDeliveryDelegate SslUtils)))
|
||||
(:require [puppetlabs.ssl-utils.core :as ssl]
|
||||
[puppetlabs.http.client.common :as common]
|
||||
(com.puppetlabs.http.client.impl JavaClient ResponseDeliveryDelegate SslUtils))
|
||||
(:require [puppetlabs.http.client.common :as common]
|
||||
[schema.core :as schema])
|
||||
(:refer-clojure :exclude (get)))
|
||||
|
||||
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
||||
;;; Private SSL configuration functions
|
||||
|
||||
(defn- initialize-ssl-context-from-pems
|
||||
[req]
|
||||
(-> req
|
||||
(assoc :ssl-context (ssl/pems->ssl-context
|
||||
(:ssl-cert req)
|
||||
(:ssl-key req)
|
||||
(:ssl-ca-cert req)))
|
||||
(dissoc :ssl-cert :ssl-key :ssl-ca-cert)))
|
||||
|
||||
(defn- initialize-ssl-context-from-ca-pem
|
||||
[req]
|
||||
(-> req
|
||||
(assoc :ssl-context (ssl/ca-cert-pem->ssl-context
|
||||
(:ssl-ca-cert req)))
|
||||
(dissoc :ssl-ca-cert)))
|
||||
|
||||
(defn- configure-ssl-from-pems
|
||||
"Configures an SSLEngine in the request starting from a set of PEM files"
|
||||
[req]
|
||||
(initialize-ssl-context-from-pems req))
|
||||
|
||||
(defn- configure-ssl-from-ca-pem
|
||||
"Configures an SSLEngine in the request starting from a CA PEM file"
|
||||
[req]
|
||||
(initialize-ssl-context-from-ca-pem req))
|
||||
|
||||
(schema/defn configure-ssl-ctxt :- (schema/either {} common/SslContextOptions)
|
||||
"Configures a request map to have an SSLContext. It will use an existing one
|
||||
(stored in :ssl-context) if already present, and will fall back to a set of
|
||||
PEM files (stored in :ssl-cert, :ssl-key, and :ssl-ca-cert) if those are present.
|
||||
If none of these are present this does not modify the request map."
|
||||
[opts :- common/SslOptions]
|
||||
(cond
|
||||
(:ssl-context opts) opts
|
||||
(every? opts [:ssl-cert :ssl-key :ssl-ca-cert]) (configure-ssl-from-pems opts)
|
||||
(:ssl-ca-cert opts) (configure-ssl-from-ca-pem opts)
|
||||
:else opts))
|
||||
|
||||
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
||||
;;; Private utility functions
|
||||
|
||||
|
|
|
|||
|
|
@ -1,49 +0,0 @@
|
|||
(ns puppetlabs.http.client.async-ssl-config-test
|
||||
(:require [clojure.test :refer :all]
|
||||
[clojure.java.io :refer [resource]]
|
||||
[puppetlabs.ssl-utils.core :as ssl]
|
||||
[puppetlabs.http.client.async :as http]
|
||||
[schema.test :as schema-test])
|
||||
(:import [javax.net.ssl SSLContext]))
|
||||
|
||||
(use-fixtures :once schema-test/validate-schemas)
|
||||
|
||||
(deftest ssl-config-with-files
|
||||
(let [opts {:ssl-cert (resource "ssl/cert.pem")
|
||||
:ssl-key (resource "ssl/key.pem")
|
||||
:ssl-ca-cert (resource "ssl/ca.pem")}
|
||||
configured-opts (http/configure-ssl-ctxt opts)]
|
||||
|
||||
(testing "configure-ssl-ctxt sets up an SSLContext when given cert, key, ca-cert"
|
||||
(is (instance? SSLContext (:ssl-context configured-opts))))
|
||||
|
||||
(testing "removes ssl-cert, ssl-key, ssl-ca-cert"
|
||||
(is (not (:ssl-cert configured-opts)))
|
||||
(is (not (:ssl-key configured-opts)))
|
||||
(is (not (:ssl-ca-cert configured-opts))))))
|
||||
|
||||
(deftest ssl-config-with-ca-file
|
||||
(let [opts {:ssl-ca-cert (resource "ssl/ca.pem")}
|
||||
configured-opts (http/configure-ssl-ctxt opts)]
|
||||
|
||||
(testing "configure-ssl-ctxt sets up an SSLContext when given ca-cert"
|
||||
(is (instance? SSLContext (:ssl-context configured-opts))))
|
||||
|
||||
(testing "removes ssl-ca-cert"
|
||||
(is (not (:ssl-ca-cert configured-opts))))))
|
||||
|
||||
(deftest ssl-config-without-ssl-params
|
||||
(let [configured-opts (http/configure-ssl-ctxt {})]
|
||||
|
||||
(testing "configure-ssl-ctxt does nothing when given no ssl parameters"
|
||||
(is (= {} configured-opts)))))
|
||||
|
||||
(deftest ssl-config-with-context
|
||||
(let [opts {:ssl-context (ssl/pems->ssl-context
|
||||
(resource "ssl/cert.pem")
|
||||
(resource "ssl/key.pem")
|
||||
(resource "ssl/ca.pem"))}
|
||||
configured-opts (http/configure-ssl-ctxt opts)]
|
||||
|
||||
(testing "configure-ssl-ctxt uses an existing ssl context"
|
||||
(is (instance? SSLContext (:ssl-context configured-opts))))))
|
||||
Loading…
Reference in a new issue