mirror of
https://github.com/status-im/consul.git
synced 2025-01-11 22:34:55 +00:00
cd1b613352
* Update AWS SDK to use PCA features. * Add AWS PCA provider * Add plumbing for config, config validation tests, add test for inheriting existing CA resources created by user * Unparallel the tests so we don't exhaust PCA limits * Merge updates * More aggressive polling; rate limit pass through on sign; Timeout on Sign and CA create * Add AWS PCA docs * Fix Vault doc typo too * Doc typo * Apply suggestions from code review Co-Authored-By: R.B. Boyer <rb@hashicorp.com> Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com> * Doc fixes; tests for erroring if State is modified via API * More review cleanup * Uncomment tests! * Minor suggested clean ups
69 lines
1.5 KiB
Go
69 lines
1.5 KiB
Go
package protocol
|
|
|
|
import (
|
|
"strings"
|
|
|
|
"github.com/aws/aws-sdk-go/aws/request"
|
|
)
|
|
|
|
// ValidateEndpointHostHandler is a request handler that will validate the
|
|
// request endpoint's hosts is a valid RFC 3986 host.
|
|
var ValidateEndpointHostHandler = request.NamedHandler{
|
|
Name: "awssdk.protocol.ValidateEndpointHostHandler",
|
|
Fn: func(r *request.Request) {
|
|
err := ValidateEndpointHost(r.Operation.Name, r.HTTPRequest.URL.Host)
|
|
if err != nil {
|
|
r.Error = err
|
|
}
|
|
},
|
|
}
|
|
|
|
// ValidateEndpointHost validates that the host string passed in is a valid RFC
|
|
// 3986 host. Returns error if the host is not valid.
|
|
func ValidateEndpointHost(opName, host string) error {
|
|
paramErrs := request.ErrInvalidParams{Context: opName}
|
|
labels := strings.Split(host, ".")
|
|
|
|
for i, label := range labels {
|
|
if i == len(labels)-1 && len(label) == 0 {
|
|
// Allow trailing dot for FQDN hosts.
|
|
continue
|
|
}
|
|
|
|
if !ValidHostLabel(label) {
|
|
paramErrs.Add(request.NewErrParamFormat(
|
|
"endpoint host label", "[a-zA-Z0-9-]{1,63}", label))
|
|
}
|
|
}
|
|
|
|
if len(host) > 255 {
|
|
paramErrs.Add(request.NewErrParamMaxLen(
|
|
"endpoint host", 255, host,
|
|
))
|
|
}
|
|
|
|
if paramErrs.Len() > 0 {
|
|
return paramErrs
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// ValidHostLabel returns if the label is a valid RFC 3986 host label.
|
|
func ValidHostLabel(label string) bool {
|
|
if l := len(label); l == 0 || l > 63 {
|
|
return false
|
|
}
|
|
for _, r := range label {
|
|
switch {
|
|
case r >= '0' && r <= '9':
|
|
case r >= 'A' && r <= 'Z':
|
|
case r >= 'a' && r <= 'z':
|
|
case r == '-':
|
|
default:
|
|
return false
|
|
}
|
|
}
|
|
|
|
return true
|
|
}
|