@@ -53,7 +53,8 @@ static inline void EVP_MD_CTX_free(EVP_MD_CTX *ctx)
5353#endif
5454
5555static int is_test_mode (void );
56- static flb_sds_t mock_imds_request (struct flb_oci_logan * ctx , const char * path );
56+ static flb_sds_t mock_imds_request (struct flb_oci_logan * ctx ,
57+ const char * path );
5758static flb_sds_t mock_federation_response (struct flb_oci_logan * ctx );
5859
5960static int create_pk_context (flb_sds_t filepath , const char * key_passphrase ,
@@ -358,7 +359,8 @@ static flb_sds_t make_imds_request(struct flb_oci_logan *ctx,
358359 if (is_test_mode ()) {
359360 if (getenv ("TEST_IMDS_SUCCESS" )) {
360361 return mock_imds_request (ctx , path );
361- } else if (getenv ("TEST_IMDS_FAILURE" )) {
362+ }
363+ else if (getenv ("TEST_IMDS_FAILURE" )) {
362364 return NULL ;
363365 }
364366 }
@@ -487,7 +489,9 @@ flb_sds_t calculate_certificate_fingerprint(struct flb_oci_logan *ctx,
487489 flb_sds_t fingerprint = NULL ;
488490
489491 if (is_test_mode () && getenv ("TEST_IMDS_SUCCESS" )) {
490- return flb_sds_create ("AA:BB:CC:DD:EE:FF:00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD" );
492+ return
493+ flb_sds_create
494+ ("AA:BB:CC:DD:EE:FF:00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD" );
491495 }
492496
493497 bio = BIO_new_mem_buf (cert_pem , -1 );
@@ -576,11 +580,14 @@ bool extract_tenancy_ocid(struct flb_oci_logan *ctx, const char *cert_pem)
576580 const char * prefix = "opc-tenant:ocid1.tenancy" ;
577581 size_t prefix_len = strlen (prefix );
578582
579- if (ou && ou_len > (int ) prefix_len && memcmp (ou , prefix , prefix_len ) == 0 ) {
583+ if (ou && ou_len > (int ) prefix_len
584+ && memcmp (ou , prefix , prefix_len ) == 0 ) {
580585 const unsigned char * colon = memchr (ou , ':' , ou_len );
581586 if (colon && (colon + 1 ) < (ou + ou_len )) {
582587 size_t ocid_len = (ou + ou_len ) - (colon + 1 );
583- tenancy_ocid = flb_sds_create_len ((const char * ) (colon + 1 ), ocid_len );
588+ tenancy_ocid =
589+ flb_sds_create_len ((const char * ) (colon + 1 ),
590+ ocid_len );
584591 break ;
585592 }
586593 }
@@ -609,22 +616,30 @@ int get_keys_and_certs(struct flb_oci_logan *ctx, struct flb_config *config)
609616
610617 if (is_test_mode () && getenv ("TEST_IMDS_SUCCESS" )) {
611618 ctx -> imds .region = flb_sds_create ("us-phoenix-1" );
612- ctx -> imds .leaf_cert = flb_sds_create ("-----BEGIN CERTIFICATE-----\ntest\n-----END CERTIFICATE-----" );
619+ ctx -> imds .leaf_cert =
620+ flb_sds_create
621+ ("-----BEGIN CERTIFICATE-----\ntest\n-----END CERTIFICATE-----" );
613622 ctx -> imds .intermediate_cert = flb_sds_create ("" );
614- ctx -> imds .leaf_key = flb_sds_create ("-----BEGIN RSA PRIVATE KEY-----\ntest\n-----END RSA PRIVATE KEY-----" );
623+ ctx -> imds .leaf_key =
624+ flb_sds_create
625+ ("-----BEGIN RSA PRIVATE KEY-----\ntest\n-----END RSA PRIVATE KEY-----" );
615626 ctx -> imds .tenancy_ocid = flb_sds_create ("ocid1.tenancy.oc1.phx.test" );
616- ctx -> imds .fingerprint = flb_sds_create ("AA:BB:CC:DD:EE:FF:00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD" );
627+ ctx -> imds .fingerprint =
628+ flb_sds_create
629+ ("AA:BB:CC:DD:EE:FF:00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD" );
617630 return 1 ;
618631 }
619632
620633 if (!is_test_mode ()) {
621634 ctx -> u =
622- flb_upstream_create (config , ORACLE_IMDS_HOST , 80 , FLB_IO_TCP , NULL );
635+ flb_upstream_create (config , ORACLE_IMDS_HOST , 80 , FLB_IO_TCP ,
636+ NULL );
623637 if (!ctx -> u ) {
624- flb_plg_error (ctx -> ins , "failed to create imds upstream connection" );
638+ flb_plg_error (ctx -> ins ,
639+ "failed to create imds upstream connection" );
625640 return 0 ;
626641 }
627-
642+
628643 u_conn = flb_upstream_conn_get (ctx -> u );
629644 if (!u_conn ) {
630645 flb_plg_error (ctx -> ins , "failed to get imds upstream connection" );
@@ -696,7 +711,7 @@ int get_keys_and_certs(struct flb_oci_logan *ctx, struct flb_config *config)
696711 flb_plg_error (ctx -> ins , "calculate_certificate_fingerprint failed" );
697712 goto error ;
698713 }
699-
714+
700715 if (!is_test_mode ()) {
701716 flb_upstream_conn_release (u_conn );
702717 flb_upstream_destroy (ctx -> u );
@@ -1775,7 +1790,12 @@ int flb_oci_logan_conf_destroy(struct flb_oci_logan *ctx)
17751790 flb_sds_destroy (ctx -> imds .tenancy_ocid );
17761791 }
17771792 if (ctx -> imds .leaf_cert ) {
1778- flb_sds_destroy (ctx -> imds .leaf_cert );
1793+ if (is_test_mode ()) {
1794+ flb_sds_destroy (ctx -> imds .leaf_cert );
1795+ }
1796+ else {
1797+ flb_free (ctx -> imds .leaf_cert );
1798+ }
17791799 }
17801800 if (ctx -> imds .session_pubkey ) {
17811801 free (ctx -> imds .session_pubkey );
@@ -1786,7 +1806,7 @@ int flb_oci_logan_conf_destroy(struct flb_oci_logan *ctx)
17861806 if (ctx -> session_key_pair ) {
17871807 EVP_PKEY_free (ctx -> session_key_pair );
17881808 }
1789-
1809+
17901810 if (ctx -> security_token .token ) {
17911811 flb_sds_destroy (ctx -> security_token .token );
17921812 }
@@ -1828,114 +1848,114 @@ int flb_oci_logan_conf_destroy(struct flb_oci_logan *ctx)
18281848 return 0 ;
18291849}
18301850
1831- static int is_test_mode (void ) {
1851+ static int is_test_mode (void )
1852+ {
18321853 return getenv ("FLB_OCI_PLUGIN_UNDER_TEST" ) != NULL ;
18331854}
18341855
1835- static flb_sds_t mock_imds_request (struct flb_oci_logan * ctx , const char * path ) {
1856+ static flb_sds_t mock_imds_request (struct flb_oci_logan * ctx ,
1857+ const char * path )
1858+ {
18361859 if (strstr (path , "/instance/region" )) {
18371860 return flb_sds_create ("us-phoenix-1" );
18381861 }
1839-
1840- else if (strstr (path , "/identity/cert.pem" ))
1841- {
1842- return flb_sds_create (
1843- "-----BEGIN CERTIFICATE-----\n"
1844- "MIIC0TCCAbmgAwIBAgIJAKxHjMcXpyEUMA0GCSqGSIb3DQEBCwUAMBQxEjAQBgNV\n"
1845- "BAoMCW9yYWNsZS5jb20wHhcNMjMwMTAxMDAwMDAwWhcNMjQwMTAxMDAwMDAwWjBc\n"
1846- "MRIwEAYDVQQKDAlvcmFjbGUuY29tMUYwRAYDVQQLDD1vcGMtdGVuYW50Om9jaWQx\n"
1847- "LnRlbmFuY3kub2MxLnBoeC50ZXN0YWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFh\n"
1848- "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8Dbv8prpJ/0kKhlGeJY\n"
1849- "ozo2t60EG8L0561g13R29LvMR5hyvGZlGJpmn65+A4xHXWUId1eJsCMFtgKhXFMS\n"
1850- "p6/8RkLcYMrFoAWKpILYdSrvJ0R66u+zR1EpqQvk8TDrNMVzfv/jDPPG2BHYkp7R\n"
1851- "WE7pWQv8vZGnU6p3SJGvTwKdgnjGjNvCsXI8Dx7ePLxLZhX0Vg8bqXFfVVN3FlWK\n"
1852- "VfPy4jLQfQhWVx7dL1EfJL2YiEXI1Oj2DQKLVxPHHcNRVJKXhUHJ2F6PVYqMfAJ9\n"
1853- "bJnTHhOGZfYWO7pQQQv2eFaInp6s6LfDZ/P9l5T7PiNJvWNGnJZpVQqEXdqTxXrC\n"
1854- "MQIDAQABoyMwITAfBgNVHSMEGDAWgBQxFw2xL6XqYqJSKhyAC/8qBkRCLTANBgkq\n"
1855- "hkiG9w0BAQsFAAOCAQEAr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxe\n"
1856- "nIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQ\n"
1857- "-----END CERTIFICATE-----"
1858- );
1859- }
1860-
1861-
1862- else if (strstr (path , "/identity/key.pem" ))
1863- {
1862+
1863+ else if (strstr (path , "/identity/cert.pem" )) {
1864+ return flb_sds_create ("-----BEGIN CERTIFICATE-----\n"
1865+ "MIIC0TCCAbmgAwIBAgIJAKxHjMcXpyEUMA0GCSqGSIb3DQEBCwUAMBQxEjAQBgNV\n"
1866+ "BAoMCW9yYWNsZS5jb20wHhcNMjMwMTAxMDAwMDAwWhcNMjQwMTAxMDAwMDAwWjBc\n"
1867+ "MRIwEAYDVQQKDAlvcmFjbGUuY29tMUYwRAYDVQQLDD1vcGMtdGVuYW50Om9jaWQx\n"
1868+ "LnRlbmFuY3kub2MxLnBoeC50ZXN0YWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFh\n"
1869+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8Dbv8prpJ/0kKhlGeJY\n"
1870+ "ozo2t60EG8L0561g13R29LvMR5hyvGZlGJpmn65+A4xHXWUId1eJsCMFtgKhXFMS\n"
1871+ "p6/8RkLcYMrFoAWKpILYdSrvJ0R66u+zR1EpqQvk8TDrNMVzfv/jDPPG2BHYkp7R\n"
1872+ "WE7pWQv8vZGnU6p3SJGvTwKdgnjGjNvCsXI8Dx7ePLxLZhX0Vg8bqXFfVVN3FlWK\n"
1873+ "VfPy4jLQfQhWVx7dL1EfJL2YiEXI1Oj2DQKLVxPHHcNRVJKXhUHJ2F6PVYqMfAJ9\n"
1874+ "bJnTHhOGZfYWO7pQQQv2eFaInp6s6LfDZ/P9l5T7PiNJvWNGnJZpVQqEXdqTxXrC\n"
1875+ "MQIDAQABoyMwITAfBgNVHSMEGDAWgBQxFw2xL6XqYqJSKhyAC/8qBkRCLTANBgkq\n"
1876+ "hkiG9w0BAQsFAAOCAQEAr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxe\n"
1877+ "nIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQ\n"
1878+ "-----END CERTIFICATE-----" );
1879+ }
1880+
1881+
1882+ else if (strstr (path , "/identity/key.pem" )) {
18641883 return flb_sds_create ("-----BEGIN RSA PRIVATE KEY-----\n"
1865- "MIIEpAIBAAKCAQEAr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQ\n"
1866- "r3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3Ee\n"
1867- "MxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQQIDAQAB\n"
1868- "AoIBAEr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenI\n"
1869- "RQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3\n"
1870- "-----END RSA PRIVATE KEY-----" );
1871- }
1872-
1884+ "MIIEpAIBAAKCAQEAr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQ\n"
1885+ "r3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3Ee\n"
1886+ "MxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQQIDAQAB\n"
1887+ "AoIBAEr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenI\n"
1888+ "RQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3\n"
1889+ "-----END RSA PRIVATE KEY-----" );
1890+ }
1891+
18731892 else if (strstr (path , "/identity/intermediate.pem" )) {
18741893 return flb_sds_create ("-----BEGIN CERTIFICATE-----\n"
1875- "MIIDHTCCAgWgAwIBAgIJAKxHjMcXpyE1MA0GCSqGSIb3DQEBCwUAMBQxEjAQBgNV\n"
1876- "BAoMCW9yYWNsZS5jb20wHhcNMjMwMTAxMDAwMDAwWhcNMjQwMTAxMDAwMDAwWjAU\n"
1877- "MRIwEAYDVQQKDAlvcmFjbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\n"
1878- "CgKCAQEAr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxe\n"
1879- "nIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQ\n"
1880- "QIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQCvMR4zHF6chFCvMR4zHF6chFCvMR4z\n"
1881- "-----END CERTIFICATE-----" );
1894+ "MIIDHTCCAgWgAwIBAgIJAKxHjMcXpyE1MA0GCSqGSIb3DQEBCwUAMBQxEjAQBgNV\n"
1895+ "BAoMCW9yYWNsZS5jb20wHhcNMjMwMTAxMDAwMDAwWhcNMjQwMTAxMDAwMDAwWjAU\n"
1896+ "MRIwEAYDVQQKDAlvcmFjbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\n"
1897+ "CgKCAQEAr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxe\n"
1898+ "nIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQr3EeMxxenIRQ\n"
1899+ "QIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQCvMR4zHF6chFCvMR4zHF6chFCvMR4z\n"
1900+ "-----END CERTIFICATE-----" );
18821901 }
18831902 return NULL ;
18841903}
18851904
1886- static flb_sds_t mock_federation_response (struct flb_oci_logan * ctx ) {
1905+ static flb_sds_t mock_federation_response (struct flb_oci_logan * ctx )
1906+ {
18871907 const char * header = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9" ;
1888-
1908+
18891909 time_t now = time (NULL );
18901910 time_t exp = now + 3600 ;
1891-
1911+
18921912 char payload_json [512 ];
18931913 snprintf (payload_json , sizeof (payload_json ),
18941914 "{\"sub\":\"ocid1.instance.oc1.phx.test\","
18951915 "\"opc-instance\":\"ocid1.instance.oc1.phx.test\","
18961916 "\"exp\":%ld,"
1897- "\"iat\":%ld,"
1898- "\"jti\":\"test-token-id\"}" ,
1899- exp , now );
1900-
1917+ "\"iat\":%ld," "\"jti\":\"test-token-id\"}" , exp , now );
1918+
19011919
19021920 unsigned char b64_payload [1024 ];
19031921 size_t b64_len = sizeof (b64_payload );
19041922 flb_base64_encode (b64_payload , sizeof (b64_payload ), & b64_len ,
1905- (unsigned char * )payload_json , strlen (payload_json ));
1923+ (unsigned char * ) payload_json , strlen (payload_json ));
19061924 b64_payload [b64_len ] = '\0' ;
1907-
1925+
19081926 int i ;
19091927 for (i = 0 ; i < b64_len ; i ++ ) {
1910- if (b64_payload [i ] == '+' ) b64_payload [i ] = '-' ;
1911- if (b64_payload [i ] == '/' ) b64_payload [i ] = '_' ;
1928+ if (b64_payload [i ] == '+' )
1929+ b64_payload [i ] = '-' ;
1930+ if (b64_payload [i ] == '/' )
1931+ b64_payload [i ] = '_' ;
19121932 if (b64_payload [i ] == '=' ) {
19131933 b64_payload [i ] = '\0' ;
19141934 break ;
19151935 }
19161936 }
1917-
1937+
19181938 const char * signature = "ths_signature_is_for_test" ;
1919-
1939+
19201940 flb_sds_t jwt = flb_sds_create_size (1024 );
19211941 flb_sds_printf (& jwt , "%s.%s.%s" , header , b64_payload , signature );
1922-
1942+
19231943 flb_sds_t response = flb_sds_create_size (2048 );
19241944 flb_sds_printf (& response , "{\"token\":\"%s\"}" , jwt );
1925-
1945+
19261946 flb_sds_destroy (jwt );
1927-
1947+
19281948 flb_plg_info (ctx -> ins , "[mock]created federation response" );
1929-
1949+
19301950 if (parse_federation_response (response , & ctx -> security_token ) < 0 ) {
19311951 flb_plg_error (ctx -> ins , "failed to parse mock federation response" );
19321952 flb_sds_destroy (response );
19331953 return NULL ;
19341954 }
1935-
1955+
19361956 ctx -> security_token .expires_at = exp ;
1937-
1957+
19381958 flb_plg_info (ctx -> ins , "security token expir e in %ld" , exp );
1939-
1959+
19401960 return response ;
1941- }
1961+ }
0 commit comments