wazuh-certs-tool.sh support for multiple IPs in server nodes #1770
elif [ "${isDNS}" ]; then | ||
printf '%s\n' " DNS.${j} = ${!i}" >> "${cert_tmp_path}/${1}.conf" | ||
else | ||
common_logger -e "Invalid IP or DNS ${!i}" |
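Review bot: The else branch at common_logger -e "Invalid IP or DNS ${!i}" only logs in the lines shown; nothing visible here stops the function, so if execution continues, the node's .conf is left without that SAN entry and a certificate may still be issued from it. Consider aborting right after the log call (for example with exit 1) unless a later line already does so.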
Why use 2 different messages for the same error?
Done 4ea226d
|
||
if [ "${#@}" -gt 2 ]; then | ||
sed -i '/IP.1/d' "${cert_tmp_path}/${1}.conf" | ||
for (( i=2; i<=${#@}; i++ )); do |
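Review bot: In sed -i '/IP.1/d' the dot is a regex wildcard and the pattern is unanchored, so it deletes every line that contains IP, any character, then 1, which would also cover entries such as IP.10 or IP.11 if they are ever present in the .conf. Escaping and anchoring it, e.g. '/^[[:space:]]*IP\.1[[:space:]]*=/d', limits the delete to the single template line. "$#" is also the more usual spelling of "${#@}" in the test and the loop bound.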
Couldn't you use this same loop for all cases instead of testing it separately when there is only one IP?
Done 4ea226d
@@ -168,29 +188,122 @@ function cert_generateRootCAcertificate() { | |||
|
|||
} | |||
|
|||
function cert_parseYaml() { | |||
function cert_parseYaml { |
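Review bot: The declaration function cert_parseYaml { drops the () that the neighbouring function cert_generateRootCAcertificate() { in the hunk header still carries, so the file ends up with two declaration styles. Keep function cert_parseYaml() { to match the rest of the script.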
GJ, could you add the result of the new function when evaluating a config.yml?
Also maintain the style of the script: function declarations must end with ().
Done 4ea226d
TESTS |
LGTM
Description
We could only have one IP per node; in order to allow multiple IPs I had to change the cert_parseYaml function. This function treated every server IP as if it were from the same node. Changing this function also meant changing the way the variables were generated. Once this was completed I made the changes necessary to allow the wazuh-certs-tool.sh script to create certificates with multiple IPs in a server node.
Logs example
Certificates generated with this config.yml file.
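
The multi-IP behaviour this PR describes, as an added example that is not code from wazuh-certs-tool.sh: one loop turns every address of a node into an IP.<n> or DNS.<n> subjectAltName line and rejects the whole list if any value is invalid, so a partial SAN list is never emitted. The function names, the validation rules, the separate IP/DNS counters and the sample addresses are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not code from wazuh-certs-tool.sh. Function names and
# validation rules here are assumptions made for illustration.

# Succeeds only for four dot-separated decimal octets in 0..255, no leading zeros.
is_ipv4() (
    case "$1" in
        "" | *[!0-9.]* | .* | *. | *..*) exit 1 ;;
    esac
    IFS=.
    set -- $1                        # split on dots; value holds only digits and dots
    [ "$#" -eq 4 ] || exit 1
    for octet in "$@"; do
        case "${octet}" in
            0?* | ????*) exit 1 ;;   # leading zero, or more than three digits
        esac
        [ "${octet}" -le 255 ] || exit 1
    done
)

# Succeeds for a dotted name made of letters, digits and hyphens that contains
# at least one letter, so a malformed IP is never accepted as a DNS entry.
is_hostname() {
    case "$1" in
        "" | *[!A-Za-z0-9.-]* | .* | *. | *..* | -* | *- | *.-* | *-.*) return 1 ;;
        *[A-Za-z]*) return 0 ;;
    esac
    return 1
}

# Print one "IP.<n> = v" or "DNS.<n> = v" line per argument, ready for the
# [alt_names] section of an OpenSSL config. Fails before printing anything
# if any argument is invalid.
san_entries() (
    [ "$#" -gt 0 ] || { echo "no SAN values given" >&2; exit 1; }
    for value in "$@"; do            # pass 1: reject the whole list on any bad value
        is_ipv4 "${value}" || is_hostname "${value}" || {
            echo "Invalid IP or DNS ${value}" >&2; exit 1; }
    done
    ip_n=0; dns_n=0
    for value in "$@"; do            # pass 2: number IP and DNS entries separately
        if is_ipv4 "${value}"; then
            ip_n=$((ip_n + 1)); printf 'IP.%s = %s\n' "${ip_n}" "${value}"
        else
            dns_n=$((dns_n + 1)); printf 'DNS.%s = %s\n' "${dns_n}" "${value}"
        fi
    done
)
```

Calling san_entries with a node's addresses (constructed values such as 10.0.0.5 192.168.1.20 wazuh-1.example.com) and appending the output under [alt_names] gives one certificate that covers all of them.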