IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-14 01:23:32 -06:00
Code Issues Packages Projects Releases Wiki Activity

Return error if datasource TLS CA not parsed

Browse Source
This commit is contained in:
Matt Bostock 2017-09-28 14:55:32 +01:00
parent e23c678df9
commit f6aa0e41e5
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
pkg/models/datasource_cache.go
View File

@ -3,6 +3,7 @@ package models
import ( import (
"crypto/tls" "crypto/tls"
"crypto/x509" "crypto/x509"
"errors"
"net" "net"
"net/http" "net/http"
"sync" "sync"
@ -71,13 +72,13 @@ func (ds *DataSource) GetHttpTransport() (*http.Transport, error) {
if tlsClientAuth || tlsAuthWithCACert { if tlsClientAuth || tlsAuthWithCACert {
decrypted := ds.SecureJsonData.Decrypt() decrypted := ds.SecureJsonData.Decrypt()
if tlsAuthWithCACert && len(decrypted["tlsCACert"]) > 0 { if tlsAuthWithCACert && len(decrypted["tlsCACert"]) > 0 {
caPool := x509.NewCertPool() caPool := x509.NewCertPool()
ok := caPool.AppendCertsFromPEM([]byte(decrypted["tlsCACert"])) ok := caPool.AppendCertsFromPEM([]byte(decrypted["tlsCACert"]))
if ok { if !ok {
transport.TLSClientConfig.RootCAs = caPool return nil, errors.New("Failed to parse TLS CA PEM certificate")
} }
transport.TLSClientConfig.RootCAs = caPool
} }
if tlsClientAuth { if tlsClientAuth {