mbiryukova/certificates
1
0
Fork 0
forked from TrueCloudLab/certificates
Code Pull requests Activity

Added status code checking

Browse source
This commit is contained in:
Josh Hogle 2020-05-19 23:57:09 -04:00
parent af0f21d744
commit bbbe4738c7
1 changed files with 8 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
authority/provisioner/aws.go
View file

@ -196,14 +196,14 @@ func (p *AWS) GetIdentityToken(subject, caURL string) (string, error) {
var idoc awsInstanceIdentityDocument
doc, err := p.readURL(p.config.identityURL)
if err != nil {
return "", errors.Wrap(err, "error retrieving identity document, are you in an AWS VM?")
return "", errors.Wrap(err, "error retrieving identity document, are you in an AWS VM with IMDSv2 enabled?")
}
if err := json.Unmarshal(doc, &idoc); err != nil {
return "", errors.Wrap(err, "error unmarshaling identity document")
}
sig, err := p.readURL(p.config.signatureURL)
if err != nil {
return "", errors.Wrap(err, "error retrieving identity document signature, are you in an AWS VM?")
return "", errors.Wrap(err, "error retrieving identity document signature, are you in an AWS VM with IMDSv2 enabled?")
}
signature, err := base64.StdEncoding.DecodeString(string(sig))
if err != nil {
@ -358,6 +358,9 @@ func (p *AWS) readURL(url string) ([]byte, error) {
return nil, err
}
defer r.Body.Close()
if r.StatusCode >= 400 {
return nil, fmt.Errorf("HTTP request returned non-successful status code %d", r.StatusCode)
}
b, err := ioutil.ReadAll(r.Body)
if err != nil {
return nil, err
@ -375,6 +378,9 @@ func (p *AWS) readURL(url string) ([]byte, error) {
return nil, err
}
defer r.Body.Close()
if r.StatusCode >= 400 {
return nil, fmt.Errorf("HTTP request returned non-successful status code %d", r.StatusCode)
}
b, err = ioutil.ReadAll(r.Body)
if err != nil {
return nil, err