From 857fd1e0ea06d03ba157d2b627f1e758600df414 Mon Sep 17 00:00:00 2001
From: Vitor Enes
Date: Wed, 7 Dec 2022 16:07:19 +0000
Subject: [PATCH] Move custom checks to Auth functions
---
 lib/config/configuration.go | 15 ++-------------
 lib/config/fileconf.go | 24 ++++++++++++++++++++++++
 2 files changed, 26 insertions(+), 13 deletions(-)
diff --git a/lib/config/configuration.go b/lib/config/configuration.go
index 25574dfda3a6..bff1dd4a192b 100644
--- a/lib/config/configuration.go
+++ b/lib/config/configuration.go
@@ -664,17 +664,7 @@ func applyAuthConfig(fc *FileConfig, cfg *service.Config) error {
 // Only override networking configuration if some of its fields is
 // specified in file configuration.
- customNetworkingConfig := fc.Auth.ClientIdleTimeout != 0 ||
- fc.Auth.ClientIdleTimeoutMessage != "" ||
- fc.Auth.WebIdleTimeout != 0 ||
- fc.Auth.KeepAliveInterval != 0 ||
- fc.Auth.KeepAliveCountMax != 0 ||
- fc.Auth.SessionControlTimeout != 0 ||
- fc.Auth.ProxyListenerMode != 0 ||
- fc.Auth.RoutingStrategy != 0 ||
- fc.Auth.TunnelStrategy != nil ||
- fc.Auth.ProxyPingInterval != 0
- if customNetworkingConfig {
+ if fc.Auth.hasCustomNetworkingConfig() {
 cfg.Auth.NetworkingConfig, err = types.NewClusterNetworkingConfigFromConfigFile(types.ClusterNetworkingConfigSpecV2{
 ClientIdleTimeout: fc.Auth.ClientIdleTimeout,
 ClientIdleTimeoutMessage: fc.Auth.ClientIdleTimeoutMessage,
@@ -694,8 +684,7 @@ func applyAuthConfig(fc *FileConfig, cfg *service.Config) error {
 // Only override session recording configuration if either field is
 // specified in file configuration.
- customSessionRecordingConfig := fc.Auth.SessionRecording != "" || fc.Auth.ProxyChecksHostKeys != nil
- if customSessionRecordingConfig {
+ if fc.Auth.hasCustomSessionRecording() {
 cfg.Auth.SessionRecordingConfig, err = types.NewSessionRecordingConfigFromConfigFile(types.SessionRecordingConfigSpecV2{
 Mode: fc.Auth.SessionRecording,
 ProxyChecksHostKeys: fc.Auth.ProxyChecksHostKeys,
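Review bot: The check at `if fc.Auth.hasCustomNetworkingConfig() {` and the `ClusterNetworkingConfigSpecV2` literal it guards now keep their field lists in two different files, so a field added to the literal but not to the predicate in fileconf.go would leave a file setting unapplied when it is the only one set, with no error reported. That matters for the settings involved here: idle timeouts and keep-alive limits in this hunk, and the session recording mode and proxy host-key checking behind `hasCustomSessionRecording` in the second hunk. I would add a comment above each `if`, e.g. `// Fields copied below must also be listed in Auth.hasCustomNetworkingConfig.`, and a table-driven test that sets each field in turn and asserts the predicate returns true. `applyAuthConfig` starts and ends outside both hunks, so the complete literals are not visible here.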
diff --git a/lib/config/fileconf.go b/lib/config/fileconf.go
index 344aa94d77cc..4fbeffa6cc34 100644
--- a/lib/config/fileconf.go
+++ b/lib/config/fileconf.go
@@ -889,6 +889,30 @@ type Auth struct {
 LoadAllCAs bool `yaml:"load_all_cas,omitempty"`
 }
+// hasCustomNetworkingConfig returns true if any of the networking
+// configuration fields have values different from an empty Auth.
+func (a *Auth) hasCustomNetworkingConfig() bool {
+ empty := Auth{}
+ return a.ClientIdleTimeout != empty.ClientIdleTimeout ||
+ a.ClientIdleTimeoutMessage != empty.ClientIdleTimeoutMessage ||
+ a.WebIdleTimeout != empty.WebIdleTimeout ||
+ a.KeepAliveInterval != empty.KeepAliveInterval ||
+ a.KeepAliveCountMax != empty.KeepAliveCountMax ||
+ a.SessionControlTimeout != empty.SessionControlTimeout ||
+ a.ProxyListenerMode != empty.ProxyListenerMode ||
+ a.RoutingStrategy != empty.RoutingStrategy ||
+ a.TunnelStrategy != empty.TunnelStrategy ||
+ a.ProxyPingInterval != empty.ProxyPingInterval
+}
+
+// hasCustomSessionRecording returns true if any of the session recording
+// configuration fields have values different from an empty Auth.
+func (a *Auth) hasCustomSessionRecording() bool {
+ empty := Auth{}
+ return a.SessionRecording != empty.SessionRecording ||
+ a.ProxyChecksHostKeys != empty.ProxyChecksHostKeys
+}
+
 // CAKeyParams configures how CA private keys will be created and stored.
 type CAKeyParams struct {
 // PKCS11 configures a PKCS#11 HSM to be used for all CA private key generation and
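Review bot: In `hasCustomNetworkingConfig` and `hasCustomSessionRecording`, comparing against `empty := Auth{}` hides that `TunnelStrategy` and `ProxyChecksHostKeys` were `!= nil` checks in the code this replaces, so for those two fields (presumably pointers) the test is presence, not value: a non-nil value with zero contents still counts as custom. The doc comments read as a value comparison; I would write `a.TunnelStrategy != nil` and `a.ProxyChecksHostKeys != nil` directly and compare the other fields with the literal zero values the old code used, or at least add `// Pointer fields count as set when non-nil, regardless of what they point to.` to both comments. The comments could also say what the result gates, namely whether `applyAuthConfig` overrides the networking or session recording configuration from the file.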