120 lines
2.8 KiB
Go
120 lines
2.8 KiB
Go
package winrm
|
|
|
|
import (
|
|
"crypto/tls"
|
|
"fmt"
|
|
"io/ioutil"
|
|
"net"
|
|
"net/http"
|
|
"strings"
|
|
"time"
|
|
|
|
"github.com/masterzen/winrm/soap"
|
|
)
|
|
|
|
type ClientAuthRequest struct {
|
|
transport http.RoundTripper
|
|
dial func(network, addr string) (net.Conn, error)
|
|
}
|
|
|
|
func (c *ClientAuthRequest) Transport(endpoint *Endpoint) error {
|
|
cert, err := tls.X509KeyPair(endpoint.Cert, endpoint.Key)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
dial := (&net.Dialer{
|
|
Timeout: 30 * time.Second,
|
|
KeepAlive: 30 * time.Second,
|
|
}).Dial
|
|
|
|
if c.dial != nil {
|
|
dial = c.dial
|
|
}
|
|
|
|
transport := &http.Transport{
|
|
Proxy: http.ProxyFromEnvironment,
|
|
TLSClientConfig: &tls.Config{
|
|
Renegotiation: tls.RenegotiateOnceAsClient,
|
|
InsecureSkipVerify: endpoint.Insecure,
|
|
Certificates: []tls.Certificate{cert},
|
|
},
|
|
Dial: dial,
|
|
ResponseHeaderTimeout: endpoint.Timeout,
|
|
}
|
|
|
|
if endpoint.CACert != nil && len(endpoint.CACert) > 0 {
|
|
certPool, err := readCACerts(endpoint.CACert)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
transport.TLSClientConfig.RootCAs = certPool
|
|
}
|
|
|
|
c.transport = transport
|
|
|
|
return nil
|
|
}
|
|
|
|
// parse func reads the response body and return it as a string
|
|
func parse(response *http.Response) (string, error) {
|
|
|
|
// if we recived the content we expected
|
|
if strings.Contains(response.Header.Get("Content-Type"), "application/soap+xml") {
|
|
body, err := ioutil.ReadAll(response.Body)
|
|
defer func() {
|
|
// defer can modify the returned value before
|
|
// it is actually passed to the calling statement
|
|
if errClose := response.Body.Close(); errClose != nil && err == nil {
|
|
err = errClose
|
|
}
|
|
}()
|
|
if err != nil {
|
|
return "", fmt.Errorf("error while reading request body %s", err)
|
|
}
|
|
|
|
return string(body), nil
|
|
}
|
|
|
|
return "", fmt.Errorf("invalid content type")
|
|
}
|
|
|
|
func (c ClientAuthRequest) Post(client *Client, request *soap.SoapMessage) (string, error) {
|
|
httpClient := &http.Client{Transport: c.transport}
|
|
|
|
req, err := http.NewRequest("POST", client.url, strings.NewReader(request.String()))
|
|
if err != nil {
|
|
return "", fmt.Errorf("impossible to create http request %s", err)
|
|
}
|
|
|
|
req.Header.Set("Content-Type", soapXML+";charset=UTF-8")
|
|
req.Header.Set("Authorization", "http://schemas.dmtf.org/wbem/wsman/1/wsman/secprofile/https/mutual")
|
|
|
|
resp, err := httpClient.Do(req)
|
|
if err != nil {
|
|
return "", fmt.Errorf("unknown error %s", err)
|
|
}
|
|
|
|
body, err := parse(resp)
|
|
if err != nil {
|
|
return "", fmt.Errorf("http response error: %d - %s", resp.StatusCode, err.Error())
|
|
}
|
|
|
|
// if we have different 200 http status code
|
|
// we must replace the error
|
|
defer func() {
|
|
if resp.StatusCode != 200 {
|
|
body, err = "", fmt.Errorf("http error %d: %s", resp.StatusCode, body)
|
|
}
|
|
}()
|
|
|
|
return body, err
|
|
}
|
|
|
|
func NewClientAuthRequestWithDial(dial func(network, addr string) (net.Conn, error)) *ClientAuthRequest {
|
|
return &ClientAuthRequest{
|
|
dial: dial,
|
|
}
|
|
}
|