enable to specify agent connection to insert cert to (#231)

* enable to specify agent connection to insert cert to * add api * bump version --------- Co-authored-by: Dušan Klinec <dklinec@purestorage.com>
Cloud-Foundations · Jun 3, 2024 · efb227d · efb227d
1 parent f88e2e0
commit efb227d
Show file tree

Hide file tree

Showing 3 changed files with 44 additions and 9 deletions.
diff --git a/Makefile b/Makefile
@@ -10,7 +10,7 @@ endif
 BINARY=keymaster
 
 # These are the values we want to pass for Version and BuildTime
-VERSION?=1.15.3
+VERSION?=1.15.4
 DEFAULT_HOST?=
 VERSION_FLAVOUR?=
 EXTRA_LDFLAGS?=

diff --git a/lib/client/sshagent/agent.go b/lib/client/sshagent/agent.go
@@ -50,12 +50,13 @@ func deleteDuplicateEntries(comment string, agentClient agent.ExtendedAgent, log
 	return deletedCount, nil
 }
 
-func upsertCertIntoAgent(
+func upsertCertIntoAgentConnection(
 	certText []byte,
 	privateKey interface{},
 	comment string,
 	lifeTimeSecs uint32,
 	confirmBeforeUse bool,
+	conn net.Conn,
 	logger log.DebugLogger) error {
 	pubKey, _, _, _, err := ssh.ParseAuthorizedKey(certText)
 	if err != nil {
@@ -72,23 +73,32 @@ func upsertCertIntoAgent(
 		Comment:          comment,
 		ConfirmBeforeUse: confirmBeforeUse,
 	}
-	return withAddedKeyUpsertCertIntoAgent(keyToAdd, logger)
+	return withAddedKeyUpsertCertIntoAgentConnection(keyToAdd, conn, logger)
 }
 
-func withAddedKeyUpsertCertIntoAgent(certToAdd agent.AddedKey, logger log.DebugLogger) error {
-	if certToAdd.Certificate == nil {
-		return fmt.Errorf("Needs a certificate to be added")
-	}
-
+func upsertCertIntoAgent(
+	certText []byte,
+	privateKey interface{},
+	comment string,
+	lifeTimeSecs uint32,
+	confirmBeforeUse bool,
+	logger log.DebugLogger) error {
 	conn, err := connectToDefaultSSHAgentLocation()
 	if err != nil {
 		return err
 	}
 	defer conn.Close()
+	return upsertCertIntoAgentConnection(certText, privateKey, comment, lifeTimeSecs, confirmBeforeUse, conn, logger)
+}
+
+func withAddedKeyUpsertCertIntoAgentConnection(certToAdd agent.AddedKey, conn net.Conn, logger log.DebugLogger) error {
+	if certToAdd.Certificate == nil {
+		return fmt.Errorf("Needs a certificate to be added")
+	}
 	agentClient := agent.NewClient(conn)
 
 	//delete certs in agent with the same comment
-	_, err = deleteDuplicateEntries(certToAdd.Comment, agentClient, logger)
+	_, err := deleteDuplicateEntries(certToAdd.Comment, agentClient, logger)
 	if err != nil {
 		logger.Printf("failed during deletion err=%s", err)
 		return err
@@ -102,3 +112,12 @@ func withAddedKeyUpsertCertIntoAgent(certToAdd agent.AddedKey, logger log.DebugL
 
 	return agentClient.Add(certToAdd)
 }
+
+func withAddedKeyUpsertCertIntoAgent(certToAdd agent.AddedKey, logger log.DebugLogger) error {
+	conn, err := connectToDefaultSSHAgentLocation()
+	if err != nil {
+		return err
+	}
+	defer conn.Close()
+	return withAddedKeyUpsertCertIntoAgentConnection(certToAdd, conn, logger)
+}
diff --git a/lib/client/sshagent/api.go b/lib/client/sshagent/api.go
@@ -2,6 +2,7 @@ package sshagent
 
 import (
 	"golang.org/x/crypto/ssh/agent"
+	"net"
 
 	"github.com/Cloud-Foundations/golib/pkg/log"
 )
@@ -15,6 +16,21 @@ func UpsertCertIntoAgent(
 	return upsertCertIntoAgent(certText, privateKey, comment, lifeTimeSecs, false, logger)
 }
 
+func UpsertCertIntoAgentConnection(
+	certText []byte,
+	privateKey interface{},
+	comment string,
+	lifeTimeSecs uint32,
+	confirmBeforeUse bool,
+	conn net.Conn,
+	logger log.DebugLogger) error {
+	return upsertCertIntoAgentConnection(certText, privateKey, comment, lifeTimeSecs, confirmBeforeUse, conn, logger)
+}
+
 func WithAddedKeyUpsertCertIntoAgent(certToAdd agent.AddedKey, logger log.DebugLogger) error {
 	return withAddedKeyUpsertCertIntoAgent(certToAdd, logger)
 }
+
+func WithAddedKeyUpsertCertIntoAgentConnection(certToAdd agent.AddedKey, conn net.Conn, logger log.DebugLogger) error {
+	return withAddedKeyUpsertCertIntoAgentConnection(certToAdd, conn, logger)
+}