From 7c99874c7a3e7a89716f3ee0cdf696532e35ae35 Mon Sep 17 00:00:00 2001
From: Bob Long
Date: Tue, 17 Oct 2017 14:00:37 +0100
Subject: Support a message to be passed and logged from client to server (#67)

* Support a message to be passed and logged from client to server
---
 client/client.go | 8 +++++---
 client/client_test.go | 4 ++--
 2 files changed, 7 insertions(+), 5 deletions(-)
(limited to 'client')
diff --git a/client/client.go b/client/client.go
index 8ebe29a..31b6cb7 100644
--- a/client/client.go
+++ b/client/client.go
@@ -50,7 +50,7 @@ func SavePrivateFiles(prefix string, cert *ssh.Certificate, key Key) error {
 return nil
 }
 _prefix := prefix + "/id_" + cert.KeyId
- pemBlock, err := pemBlockForKey(key);
+ pemBlock, err := pemBlockForKey(key)
 if err != nil {
 return err
 }
@@ -117,7 +117,7 @@ func send(s []byte, token, ca string, ValidateTLSCertificate bool) (*lib.SignRes
 }

 // Sign sends the public key to the CA to be signed.
-func Sign(pub ssh.PublicKey, token string, conf *Config) (*ssh.Certificate, error) {
+func Sign(pub ssh.PublicKey, token string, message string, conf *Config) (*ssh.Certificate, error) {
 validity, err := time.ParseDuration(conf.Validity)
 if err != nil {
 return nil, err
@@ -125,6 +125,7 @@ func Sign(pub ssh.PublicKey, token string, conf *Config) (*ssh.Certificate, erro
 s, err := json.Marshal(&lib.SignRequest{
 Key: string(lib.GetPublicKey(pub)),
 ValidUntil: time.Now().Add(validity),
+ Message: message,
 })
 if err != nil {
 return nil, errors.Wrap(err, "unable to create sign request")
@@ -148,7 +149,7 @@ func Sign(pub ssh.PublicKey, token string, conf *Config) (*ssh.Certificate, erro
 }

 // RPCSign sends the public key to the CA to be signed.
-func RPCSign(pub ssh.PublicKey, token string, conf *Config) (*ssh.Certificate, error) {
+func RPCSign(pub ssh.PublicKey, token string, message string, conf *Config) (*ssh.Certificate, error) {
 var opts []grpc.DialOption
 var srv string
 if strings.HasPrefix(conf.CA, "https://") {
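Review bot: In the hunk at -117 the new `message string` parameter of `Sign` sits directly after `token string`, and the `RPCSign` hunk at -148 repeats the same layout, so a caller that transposes the two arguments still compiles and would place the token in `Message`, which the commit subject says the server logs. Carrying the message in `Config` or a small request struct instead of a second positional string would remove that hazard and avoid breaking existing callers of these exported functions. At minimum the doc comments should state the contract, e.g. `// message is free-form text forwarded to the CA and logged there; it must never contain the token or other secrets.` Both function bodies continue outside their hunks.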
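Review bot: `Message: message` in the `Sign` hunk at -125, and again in the `RPCSign` hunk at -175, forwards caller-supplied text to the CA with no length limit and no handling of newlines or other control characters. The server side is not part of this view (the patch is limited to 'client'), so it should be confirmed that the CA bounds the field and escapes it before writing the log entry, since a client cannot be relied on to do so. A client-side guard would still give users an early, clear error, for example `if len(message) > maxMessageLen { return nil, errors.New("message too long") }`, where `maxMessageLen` is a placeholder for a constant matching whatever limit the server enforces. Both function bodies continue outside the hunks.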
@@ -175,6 +176,7 @@ func RPCSign(pub ssh.PublicKey, token string, conf *Config) (*ssh.Certificate, e
 req := &proto.SignRequest{
 Key: lib.GetPublicKey(pub),
 ValidUntil: ts,
+ Message: message,
 }
 md := metadata.New(map[string]string{
 "security": "authorization",
diff --git a/client/client_test.go b/client/client_test.go
index 713b2d5..fddd543 100644
--- a/client/client_test.go
+++ b/client/client_test.go
@@ -79,7 +79,7 @@ func TestSignGood(t *testing.T) {
 CA: ts.URL,
 Validity: "24h",
 }
- cert, err := Sign(k, "token", c)
+ cert, err := Sign(k, "token", "message", c)
 if cert == nil && err != nil {
 t.Error(err)
 }
@@ -107,7 +107,7 @@ func TestSignBad(t *testing.T) {
 CA: ts.URL,
 Validity: "24h",
 }
- cert, err := Sign(k, "token", c)
+ cert, err := Sign(k, "token", "message", c)
 if cert != nil && err == nil {
 t.Error(err)
 }
-- cgit v1.2.3
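Review bot: The updated calls in `TestSignGood` (hunk at -79) and `TestSignBad` (hunk at -107) pass `"message"` only to satisfy the new signature; nothing visible in either hunk asserts that the value arrives in the request the test server receives, and `RPCSign` is not exercised at all. Since the message is meant to be logged by the CA, presumably as an audit trail, a test that decodes the posted `lib.SignRequest` in the handler and checks its `Message` field would catch a dropped or mis-mapped field. An empty-message case is worth covering as well. The test handlers are defined outside these hunks, so the assertion may need to be added there.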