From e0901f4fe5daf511527fa9e345b0b1893fcdcedf Mon Sep 17 00:00:00 2001
From: Monis Khan
Date: Mon, 16 Aug 2021 21:30:02 -0400
Subject: [PATCH] dynamiccert: prevent misuse of NewServingCert

The Kube API server code that we use will cast inputs in an attempt to see if they implement optional interfaces. This change adds a simple wrapper struct to prevent such casts from causing us any issues.

Signed-off-by: Monis Khan
---
 internal/dynamiccert/provider.go      |  6 +++++-
 internal/dynamiccert/provider_test.go | 17 +++++++++++++++++
 2 files changed, 22 insertions(+), 1 deletion(-)

diff --git a/internal/dynamiccert/provider.go b/internal/dynamiccert/provider.go
index 4e74d118..d5c76847 100644
--- a/internal/dynamiccert/provider.go
+++ b/internal/dynamiccert/provider.go
@@ -55,7 +55,11 @@ type provider struct {
 // NewServingCert returns a Private that is go routine safe.
 // It can only hold key pairs that have IsCA=false.
 func NewServingCert(name string) Private {
-	return &provider{name: name}
+	return struct {
+		Private
+	}{
+		Private: &provider{name: name},
+	}
 }
 
 // NewCA returns a Provider that is go routine safe.
diff --git a/internal/dynamiccert/provider_test.go b/internal/dynamiccert/provider_test.go
index b2d1d168..fce2cd39 100644
--- a/internal/dynamiccert/provider_test.go
+++ b/internal/dynamiccert/provider_test.go
@@ -12,6 +12,7 @@ import (
 	"time"
 
 	"github.com/google/go-cmp/cmp"
+	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"k8s.io/apiserver/pkg/server/dynamiccertificates"
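Review bot: The anonymous `struct{ Private }` wrapper in NewServingCert carries no explanation in the code, so a later edit that "simplifies" the return back to `&provider{name: name}` would silently reinstate the optional-interface casts this commit is meant to block. Add a why-comment above the return, e.g. `// Wrap so only Private's method set is visible: the kube-apiserver type-asserts its inputs for optional interfaces, and *provider must not satisfy them through this constructor.` A small named type, `type privateOnly struct{ Private }` returned as `privateOnly{Private: &provider{name: name}}`, would make the intent greppable and reusable by other constructors. Note the wrapper also hides any method of *provider that the API server would otherwise reach through a cast (for example dynamiccertificates.Notifier, if provider implements it) — confirm that is intended, since the test added in this commit only checks Public and Provider. NewServingCert's body is complete within the hunk.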
@@ -224,3 +225,19 @@ func poolSubjects(pool *x509.CertPool) [][]byte {
 	}
 	return pool.Subjects()
 }
+
+func TestNewServingCert(t *testing.T) {
+	got := NewServingCert("")
+
+	ok1 := assert.Implements(fakeT{}, (*Private)(nil), got)
+	ok2 := assert.Implements(fakeT{}, (*Public)(nil), got)
+	ok3 := assert.Implements(fakeT{}, (*Provider)(nil), got)
+
+	require.True(t, ok1, "NewServingCert must implement Private")
+	require.False(t, ok2, "NewServingCert must not implement Public")
+	require.False(t, ok3, "NewServingCert must not implement Provider")
+}
+
+type fakeT struct{}
+
+func (fakeT) Errorf(string, ...interface{}) {}
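Review bot: TestNewServingCert pins that the wrapper hides Public and Provider, but not the optional interfaces the commit message says the API server casts for; if those are dynamiccertificates.Notifier and dynamiccertificates.ControllerRunner (the package is already imported in this file), add `assert.Implements(fakeT{}, (*dynamiccertificates.Notifier)(nil), got)` style checks with whichever result is intended, so the guarantee the wrapper exists for is what the test locks down. fakeT discards Errorf, so when ok2 or ok3 fails the output is only the require message; a `msgs []string` field appended in Errorf and echoed in the require message would keep testify's diagnostic. For ok1 the indirection is unnecessary: `require.Implements(t, (*Private)(nil), got, "NewServingCert must implement Private")` reads more directly and reports properly on failure. poolSubjects's body begins outside the hunk.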