refactor: set app version when enabling remote tls issue reporting

2020-04-24 16:00:12 +02:00 · 2020-04-24 16:00:12 +02:00 · e9735c6110
parent 0fd5ca3a24
commit e9735c6110
4 changed files with 11 additions and 11 deletions
--- a/pkg/config/pmapi_prod.go
+++ b/pkg/config/pmapi_prod.go
@ -44,11 +44,11 @@ func (c *Config) GetRoundTripper(cm *pmapi.ClientManager, listener listener.List
 	basicDialer := pmapi.NewBasicTLSDialer()

 	// We wrap the TLS dialer in a layer which enforces connections to trusted servers.
-	pinningDialer := pmapi.NewPinningTLSDialer(basicDialer, c.GetAPIConfig().AppVersion)
+	pinningDialer := pmapi.NewPinningTLSDialer(basicDialer)

 	// We want any pin mismatches to be communicated back to bridge GUI and reported.
 	pinningDialer.SetTLSIssueNotifier(func() { listener.Emit(events.TLSCertIssue, "") })
-	pinningDialer.SetRemoteTLSIssueReporting(true)
+	pinningDialer.EnableRemoteTLSIssueReporting(c.GetAPIConfig().AppVersion)

 	// We wrap the pinning dialer in a layer which adds "alternative routing" feature.
 	proxyDialer := pmapi.NewProxyTLSDialer(pinningDialer, cm)
--- a/pkg/pmapi/dialer_pinning.go
+++ b/pkg/pmapi/dialer_pinning.go
@ -33,12 +33,12 @@ type PinningTLSDialer struct {
 	// pinChecker is used to check TLS keys of connections.
 	pinChecker PinChecker

-	// appVersion is supplied if there is a TLS mismatch.
-	appVersion string
-
 	// tlsIssueNotifier is used to notify something when there is a TLS issue.
 	tlsIssueNotifier func()

+	// appVersion is needed to report TLS mismatches.
+	appVersion string
+
 	// enableRemoteReporting instructs the dialer to report TLS mismatches.
 	enableRemoteReporting bool

@ -49,11 +49,10 @@ type PinningTLSDialer struct {
 // NewPinningTLSDialer constructs a new dialer which only returns tcp connections to servers
 // which present known certificates.
 // If enabled, it reports any invalid certificates it finds.
-func NewPinningTLSDialer(dialer TLSDialer, appVersion string) *PinningTLSDialer {
+func NewPinningTLSDialer(dialer TLSDialer) *PinningTLSDialer {
 	return &PinningTLSDialer{
 		dialer:     dialer,
 		pinChecker: NewPinChecker(TrustedAPIPins),
-		appVersion: appVersion,
 		log:        logrus.WithField("pkg", "pmapi/tls-pinning"),
 	}
 }
@ -62,8 +61,9 @@ func (p *PinningTLSDialer) SetTLSIssueNotifier(notifier func()) {
 	p.tlsIssueNotifier = notifier
 }

-func (p *PinningTLSDialer) SetRemoteTLSIssueReporting(enabled bool) {
-	p.enableRemoteReporting = enabled
+func (p *PinningTLSDialer) EnableRemoteTLSIssueReporting(appVersion string) {
+	p.enableRemoteReporting = true
+	p.appVersion = appVersion
 }

 // DialTLS dials the given network/address, returning an error if the certificates don't match the trusted pins.
--- a/pkg/pmapi/dialer_pinning_test.go
+++ b/pkg/pmapi/dialer_pinning_test.go
@ -33,7 +33,7 @@ var testLiveConfig = &ClientConfig{
 func createAndSetPinningDialer(cm *ClientManager) (*int, *PinningTLSDialer) {
 	called := 0

-	dialer := NewPinningTLSDialer(NewBasicTLSDialer(), testLiveConfig.AppVersion)
+	dialer := NewPinningTLSDialer(NewBasicTLSDialer())
 	dialer.SetTLSIssueNotifier(func() { called++ })
 	cm.SetRoundTripper(CreateTransportWithDialer(dialer))

--- a/pkg/pmapi/proxy.go
+++ b/pkg/pmapi/proxy.go
@ -144,7 +144,7 @@ func (p *proxyProvider) canReach(url string) bool {
 		url = "https://" + url
 	}

-	pinningDialer := NewPinningTLSDialer(NewBasicTLSDialer(), "")
+	pinningDialer := NewPinningTLSDialer(NewBasicTLSDialer())

 	pinger := resty.New().
 		SetHostURL(url).