-
Notifications
You must be signed in to change notification settings - Fork 3.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: include crypto
diagnostics in /debug/vars
output
#23948
Changes from 4 commits
3f0e5e1
6785fa5
94f215b
28eba8f
af43e11
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -872,7 +872,6 @@ func (h *Handler) async(q *influxql.Query, results <-chan *query.Result) { | |
// in the database URL query value. It is encoded using a forward slash like | ||
// "database/retentionpolicy" and we should be able to simply split that string | ||
// on the forward slash. | ||
// | ||
func bucket2dbrp(bucket string) (string, string, error) { | ||
// test for a slash in our bucket name. | ||
switch idx := strings.IndexByte(bucket, '/'); idx { | ||
|
@@ -2250,6 +2249,35 @@ func (h *Handler) serveExpvar(w http.ResponseWriter, r *http.Request) { | |
first = false | ||
fmt.Fprintf(w, "\"cmdline\": %s", val) | ||
} | ||
|
||
// We're going to print some kind of crypto data, we just | ||
// need to find the proper source for it. | ||
{ | ||
var jv map[string]interface{} | ||
val := diags["crypto"] | ||
if val != nil { | ||
jv, err = parseCryptoDiagnostics(val) | ||
if err != nil { | ||
h.httpError(w, err.Error(), http.StatusInternalServerError) | ||
return | ||
} | ||
} else { | ||
jv = ossCryptoDiagnostics() | ||
} | ||
|
||
data, err := json.Marshal(jv) | ||
if err != nil { | ||
h.httpError(w, err.Error(), http.StatusInternalServerError) | ||
return | ||
} | ||
|
||
if !first { | ||
fmt.Fprintln(w, ",") | ||
} | ||
first = false | ||
fmt.Fprintf(w, "\"crypto\": %s", data) | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Same, let's log There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I'll go a step further and say the fact there are There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Absolutely agree. But I didn't want to generate more work for you rewriting everything. |
||
} | ||
|
||
if val := expvar.Get("memstats"); val != nil { | ||
if !first { | ||
fmt.Fprintln(w, ",") | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Same, let's log |
||
|
@@ -2434,6 +2462,47 @@ func parseBuildInfo(d *diagnostics.Diagnostics) (map[string]interface{}, error) | |
return m, nil | ||
} | ||
|
||
// ossCryptoDiagnostics creates a default crypto diagnostics map that | ||
// can be marshaled into JSON for /debug/vars. | ||
func ossCryptoDiagnostics() map[string]interface{} { | ||
return map[string]interface{}{ | ||
"ensureFIPS": false, | ||
"FIPS": false, | ||
"implementation": "Go", | ||
"passwordHash": "bcrypt", | ||
} | ||
} | ||
|
||
// parseCryptoDiagnostics converts the crypto diagnostics into an appropriate | ||
// format for marshaling to JSON in the /debug/vars format. | ||
func parseCryptoDiagnostics(d *diagnostics.Diagnostics) (map[string]interface{}, error) { | ||
// No defaults (eg ossCryptoDiagnostics) to avoid lying if values are missing | ||
m := make(map[string]interface{}) | ||
|
||
for key := range m { | ||
// Find the associated column. | ||
ci := -1 | ||
for i, col := range d.Columns { | ||
if col == key { | ||
ci = i | ||
break | ||
} | ||
} | ||
|
||
// Don't error out if we can't find the column or cell for a given key. | ||
// There could still be useful information we gather. | ||
if ci == -1 { // column not found | ||
continue | ||
} | ||
if len(d.Rows) < 1 || len(d.Rows[0]) <= ci { // data cell not found | ||
continue | ||
} | ||
|
||
m[key] = d.Rows[0][ci] | ||
} | ||
return m, nil | ||
} | ||
|
||
// httpError writes an error to the client in a standard format. | ||
func (h *Handler) httpError(w http.ResponseWriter, errmsg string, code int) { | ||
if code == http.StatusUnauthorized { | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm still in favor of an
h.Logger.Error(err)
ifFprintln
fails here.