You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficcontrol.apache.org by sh...@apache.org on 2023/06/28 15:31:00 UTC
[trafficcontrol] branch master updated: Fix status code and alert structure for sslkeys endpoint, when no ssl keys are present. (#7595)
This is an automated email from the ASF dual-hosted git repository.
shamrick pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficcontrol.git
The following commit(s) were added to refs/heads/master by this push:
new 1e39991285 Fix status code and alert structure for sslkeys endpoint, when no ssl keys are present. (#7595)
1e39991285 is described below
commit 1e399912855f9a96b26aa51e5a9a7ad3cd62e3a1
Author: Srijeet Chatterjee <30...@users.noreply.github.com>
AuthorDate: Wed Jun 28 09:30:55 2023 -0600
Fix status code and alert structure for sslkeys endpoint, when no ssl keys are present. (#7595)
* Fix status code and alert structure for sslkeys endpoint, when no ssl keys are present
* fix tests
* fix v4 test
* fix v4 test
* adding debug
* debug
* fix v5 test
---
CHANGELOG.md | 1 +
.../testing/api/v5/deliveryservices_keys_test.go | 1 -
.../traffic_ops_golang/deliveryservice/keys.go | 25 ++++++++++++++++++----
.../traffic_ops_golang/deliveryservice/sslkeys.go | 4 +++-
.../trafficvault/backends/postgres/postgres.go | 2 +-
5 files changed, 26 insertions(+), 7 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 55d1e64a1b..0464ff5933 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -118,6 +118,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/).
- [#7425](https://github.com/apache/trafficcontrol/pull/7425) *Traffic Control Cache Config (t3c)* Fixed issue with layered profile iteration being done in the wrong order.
- [#6385](https://github.com/apache/trafficcontrol/issues/6385) *Traffic Ops* Reserved consistentHashQueryParameters cause internal server error
- [#7471](https://github.com/apache/trafficcontrol/pull/7471) *Traffic Control Cache Config (t3c)* Fixed issue with MSO non topo origins from multiple cache groups.
+- [#4393](https://github.com/apache/trafficcontrol/issues/4393) *Traffic Ops* Fixed the error code and alert structure when TO is queried for a delivery service with no ssl keys.
### Removed
- [#7271](https://github.com/apache/trafficcontrol/pull/7271) Remove components in `infrastructre/docker/`, not in use as cdn-in-a-box performs the same functionality.
diff --git a/traffic_ops/testing/api/v5/deliveryservices_keys_test.go b/traffic_ops/testing/api/v5/deliveryservices_keys_test.go
index 54b0775d5b..47b1d9cc50 100644
--- a/traffic_ops/testing/api/v5/deliveryservices_keys_test.go
+++ b/traffic_ops/testing/api/v5/deliveryservices_keys_test.go
@@ -380,7 +380,6 @@ func VerifySSLKeysOnDsCreationTest(t *testing.T) {
break
}
}
-
if err != nil || dsSSLKey == nil {
t.Fatalf("unable to get DS %s SSL key: %v", ds.XMLID, err)
}
diff --git a/traffic_ops/traffic_ops_golang/deliveryservice/keys.go b/traffic_ops/traffic_ops_golang/deliveryservice/keys.go
index ef02ebb683..65dce07d05 100644
--- a/traffic_ops/traffic_ops_golang/deliveryservice/keys.go
+++ b/traffic_ops/traffic_ops_golang/deliveryservice/keys.go
@@ -187,12 +187,26 @@ func GetSSLKeysByXMLID(w http.ResponseWriter, r *http.Request) {
return
}
+ var userError error
+ sc := http.StatusInternalServerError
+ logAlert := true
keyObjV4, err := getSslKeys(inf, r.Context())
if err != nil {
- userErr := api.LogErr(r, http.StatusInternalServerError, nil, err)
- alerts.AddNewAlert(tc.ErrorLevel, userErr.Error())
- api.WriteAlerts(w, r, http.StatusInternalServerError, alerts)
- return
+ userError = api.LogErr(r, sc, nil, err)
+ if err == sql.ErrNoRows {
+ if inf.Version.GreaterThanOrEqualTo(&api.Version{Major: 5, Minor: 0}) {
+ sc = http.StatusNotFound
+ userError = api.LogErr(r, sc, errors.New("no ssl keys for XML ID "+xmlID), nil)
+ } else {
+ // For versions lesser than 5.0, don't log an alert if the error is ErrNoRows. This is for backward compatibility reasons.
+ logAlert = false
+ }
+ }
+ if logAlert {
+ alerts.AddNewAlert(tc.ErrorLevel, userError.Error())
+ api.WriteAlerts(w, r, sc, alerts)
+ return
+ }
}
var keyObj interface{}
@@ -216,6 +230,9 @@ func getSslKeys(inf *api.APIInfo, ctx context.Context) (tc.DeliveryServiceSSLKey
keyObjFromTv, ok, err := inf.Vault.GetDeliveryServiceSSLKeys(xmlID, version, inf.Tx.Tx, ctx)
if err != nil {
+ if err == sql.ErrNoRows {
+ return tc.DeliveryServiceSSLKeysV4{}, err
+ }
return tc.DeliveryServiceSSLKeysV4{}, errors.New("getting ssl keys: " + err.Error())
}
keyObj := tc.DeliveryServiceSSLKeysV4{}
diff --git a/traffic_ops/traffic_ops_golang/deliveryservice/sslkeys.go b/traffic_ops/traffic_ops_golang/deliveryservice/sslkeys.go
index f3a133c066..38402e9cf0 100644
--- a/traffic_ops/traffic_ops_golang/deliveryservice/sslkeys.go
+++ b/traffic_ops/traffic_ops_golang/deliveryservice/sslkeys.go
@@ -122,7 +122,9 @@ func GeneratePlaceholderSelfSignedCert(ds tc.DeliveryServiceV5, inf *api.APIInfo
tv := inf.Vault
_, ok, err := tv.GetDeliveryServiceSSLKeys(ds.XMLID, "", tx, context)
if err != nil {
- return fmt.Errorf("getting latest ssl keys for XMLID '%s': %w", ds.XMLID, err), http.StatusInternalServerError
+ if err != sql.ErrNoRows {
+ return fmt.Errorf("getting latest ssl keys for XMLID '%s': %w", ds.XMLID, err), http.StatusInternalServerError
+ }
}
if ok {
return nil, http.StatusOK
diff --git a/traffic_ops/traffic_ops_golang/trafficvault/backends/postgres/postgres.go b/traffic_ops/traffic_ops_golang/trafficvault/backends/postgres/postgres.go
index b1bdc1b394..1499882d30 100644
--- a/traffic_ops/traffic_ops_golang/trafficvault/backends/postgres/postgres.go
+++ b/traffic_ops/traffic_ops_golang/trafficvault/backends/postgres/postgres.go
@@ -138,7 +138,7 @@ func (p *Postgres) GetDeliveryServiceSSLKeys(xmlID string, version string, tx *s
err = tvTx.QueryRow(query, xmlID, version).Scan(&encryptedSslKeys)
if err != nil {
if err == sql.ErrNoRows {
- return tc.DeliveryServiceSSLKeysV15{}, false, nil
+ return tc.DeliveryServiceSSLKeysV15{}, false, err
}
e := checkErrWithContext("Traffic Vault PostgreSQL: executing SELECT SSL Keys query", err, ctx.Err())
return tc.DeliveryServiceSSLKeysV15{}, false, e