Skip to content

Commit

Permalink
Improve hostname validation in provider
Browse files Browse the repository at this point in the history
In addition, allow specifying https schema in host.
  • Loading branch information
annakhm committed Aug 4, 2020
1 parent 19937e9 commit e75e180
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 5 deletions.
13 changes: 10 additions & 3 deletions nsxt/provider.go
Original file line number Diff line number Diff line change
Expand Up @@ -319,6 +319,10 @@ func configureNsxtClient(d *schema.ResourceData, clients *nsxtClients) error {
}

host := d.Get("host").(string)
// Remove schema
if strings.HasPrefix(host, "https://") {
host = host[len("https://"):]
}

if host == "" {
return fmt.Errorf("host must be provided")
Expand Down Expand Up @@ -445,7 +449,7 @@ func getConnectorTLSConfig(insecure bool, clientCertFile string, clientKeyFile s
}

func configurePolicyConnectorData(d *schema.ResourceData, clients *nsxtClients) error {
hostIP := d.Get("host").(string)
host := d.Get("host").(string)
username := d.Get("username").(string)
password := d.Get("password").(string)
vmcAccessToken := d.Get("vmc_token").(string)
Expand All @@ -457,11 +461,14 @@ func configurePolicyConnectorData(d *schema.ResourceData, clients *nsxtClients)
policyEnforcementPoint := d.Get("enforcement_point").(string)
policyGlobalManager := d.Get("global_manager").(bool)

if hostIP == "" {
if host == "" {
return fmt.Errorf("host must be provided")
}

host := fmt.Sprintf("https://%s", hostIP)
if !strings.HasPrefix(host, "https://") {
host = fmt.Sprintf("https://%s", host)
}

securityCtx := core.NewSecurityContextImpl()
securityContextNeeded := true
if len(clientAuthCertFile) > 0 && !clients.CommonConfig.RemoteAuth {
Expand Down
7 changes: 5 additions & 2 deletions nsxt/validators.go
Original file line number Diff line number Diff line change
Expand Up @@ -459,10 +459,13 @@ func validateNsxtProviderHostFormat() schema.SchemaValidateFunc {
return
}

if strings.HasPrefix(v, "https://") || strings.HasPrefix(v, "http://") {
es = append(es, fmt.Errorf("not expecting http:// or https:// in the host, but got %s", v))
withSchema := v
if !strings.HasPrefix(v, "https://") {
// Add schema for validation
withSchema = fmt.Sprintf("https://%s", v)
}

s, es = validation.IsURLWithHTTPS(withSchema, k)
return
}
}
Expand Down

0 comments on commit e75e180

Please sign in to comment.