Skip to content
Snippets Groups Projects
Commit 3786a6d1 authored by Vincentius Raynaldi's avatar Vincentius Raynaldi
Browse files

changed getMotd function and added ca certificate openssl in makefile

parent 21ddd535
Branches
No related tags found
No related merge requests found
Pipeline #229650 failed
Stage: build
Stage: analyze
Hide whitespace changes
Inline Side-by-side
Makefile
+ 14
1
View file @ 3786a6d1
...@@ -51,10 +51,23 @@ lint: install-tools ...@@ -51,10 +51,23 @@ lint: install-tools
lint-fix: install-tools lint-fix: install-tools
./$(TOOLS_DIR)/golangci-lint run --config .golangci.yml --fix ./$(TOOLS_DIR)/golangci-lint run --config .golangci.yml --fix
generate-root-ca: pre
mkdir -p ./artifacts/ssl
openssl req -x509 -nodes -days 365 -newkey rsa:4096 -subj '/C=DE/O=H_DA/CN=ROOT_CA' \
-keyout ./artifacts/ssl/ca.key -out ./artifacts/ssl/ca.crt; \
self-certs: self-certs:
mkdir -p ./artifacts/ssl/private mkdir -p ./artifacts/ssl/private
mkdir -p ./artifacts/ssl/certs mkdir -p ./artifacts/ssl/certs
openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout ./artifacts/ssl/private/gnmi-target-selfsigned.key -out ./artifacts/ssl/certs/gnmi-target-selfsigned.crt openssl req -x509 -nodes -days 365 -newkey rsa:4096 \
-subj '/C=DE/O=H_DA/CN=TARGET' \
-keyout ./artifacts/ssl/private/gnmi-target-selfsigned.key \
-out ./artifacts/ssl/certs/gnmi-target-selfsigned.crt \
-CA ./artifacts/ssl/ca.crt \
-CAkey ./artifacts/ssl/ca.key
# openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout ./artifacts/ssl/private/gnmi-target-selfsigned.key -out ./artifacts/ssl/certs/gnmi-target-selfsigned.crt -CA ./artifacts/ssl/ca.key -CAkey ./artifacts/ssl/ca.key
# Warning: Depending on you go configuration might also clean caches, modules and docker containers from your other projects. # Warning: Depending on you go configuration might also clean caches, modules and docker containers from your other projects.
clean: clean:
......
examples/example01/osclient/additions/system_linux.go
+ 8
2
View file @ 3786a6d1
...@@ -2,6 +2,7 @@ package additions ...@@ -2,6 +2,7 @@ package additions
import ( import (
"bufio" "bufio"
// "fmt"
"os" "os"
"os/exec" "os/exec"
"strings" "strings"
...@@ -113,9 +114,14 @@ func (sys *system) GetSoftwareVersion() (string, error) { ...@@ -113,9 +114,14 @@ func (sys *system) GetSoftwareVersion() (string, error) {
} }
func (sys *system) GetMotd() (string, error) { func (sys *system) GetMotd() (string, error) {
motdMessage, err := os.ReadFile("/etc/motd")
if err == nil {
return string(motdMessage), nil
}
cmd := exec.Command("run-parts", "/etc/update-motd.d/") cmd := exec.Command("run-parts", "/etc/update-motd.d/")
motdMessage, err := cmd.Output() motdMessage, err = cmd.Output()
// motdMessage, err := os.ReadFile("/etc/motd")
if err != nil { if err != nil {
return "", err return "", err
} }
......
target.go
+ 28
26
View file @ 3786a6d1
package gnmitarget package gnmitarget
import ( import (
// "crypto/tls" "crypto/tls"
// "crypto/x509" "crypto/x509"
"net" "net"
// "os" "os"
"reflect" "reflect"
"code.fbi.h-da.de/danet/gnmi-target/handler" "code.fbi.h-da.de/danet/gnmi-target/handler"
server "code.fbi.h-da.de/danet/gnmi-target/internal/gnmiserver" server "code.fbi.h-da.de/danet/gnmi-target/internal/gnmiserver"
"google.golang.org/grpc" "google.golang.org/grpc"
// "google.golang.org/grpc/credentials" "google.golang.org/grpc/credentials"
"google.golang.org/grpc/reflection" "google.golang.org/grpc/reflection"
not "code.fbi.h-da.de/danet/gnmi-target/internal/notifications" not "code.fbi.h-da.de/danet/gnmi-target/internal/notifications"
...@@ -93,35 +93,37 @@ func (gt *GnmiTarget) Start(bindAddress string, certFile string, keyFile string, ...@@ -93,35 +93,37 @@ func (gt *GnmiTarget) Start(bindAddress string, certFile string, keyFile string,
var grpcServer *grpc.Server var grpcServer *grpc.Server
// if insecure == false { if insecure == false {
// cert, err := tls.LoadX509KeyPair(certFile, keyFile) cert, err := tls.LoadX509KeyPair(certFile, keyFile)
// if err != nil { if err != nil {
// log.Fatalf("error in loading server certificate: %v", err) log.Fatalf("error in loading server certificate: %v", err)
// } }
// ca, err := os.ReadFile(caFile)
// pool := x509.NewCertPool() ca, err := os.ReadFile(caFile)
// if !pool.AppendCertsFromPEM(ca) { if err != nil {
// log.Fatalf("error in appending ca certificate: %v", err) log.Fatalf("error in loading ca certificate: %v %s", err, caFile)
// } }
pool := x509.NewCertPool()
if !pool.AppendCertsFromPEM(ca) {
log.Fatalf("error in appending ca certificate: %v", err)
}
// tlsConfig := &tls.Config{ tlsConfig := &tls.Config{
// // activate mTLS // activate mTLS
// ClientAuth: tls.RequireAndVerifyClientCert, ClientAuth: tls.RequireAndVerifyClientCert,
// Certificates: []tls.Certificate{cert}, Certificates: []tls.Certificate{cert},
// ClientCAs: pool, ClientCAs: pool,
// } }
// transportCredentials := credentials.NewTLS(tlsConfig) transportCredentials := credentials.NewTLS(tlsConfig)
// // Create new GRPC Server without service registered // Create new GRPC Server without service registered
// grpcServer = grpc.NewServer(grpc.Creds(transportCredentials)) grpcServer = grpc.NewServer(grpc.Creds(transportCredentials))
// } else { } else {
log.Infof("\n\n*****WARNING*********WARNING*****\nStarting without secured gnmi server!\nAll gnmi transmissions are unencrypted\n*****WARNING*********WARNING*****\n\n") log.Infof("\n\n*****WARNING*********WARNING*****\nStarting without secured gnmi server!\nAll gnmi transmissions are unencrypted\n*****WARNING*********WARNING*****\n\n")
// Create new GRPC Server without service registered // Create new GRPC Server without service registered
grpcServer = grpc.NewServer() grpcServer = grpc.NewServer()
// } }
// Register GNMI Server // Register GNMI Server
pbGNMI.RegisterGNMIServer(grpcServer, gnmiServer) pbGNMI.RegisterGNMIServer(grpcServer, gnmiServer)
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment