Ensure encryption arguments are passed to artifact (#3147)

currently, as `EncryptionArgs` are never passed to the artifact, the artifact defaults to the auto-generated x509 cert at all times. this patch ensures that `EncryptionArgs` are being read from the given spec, and therefore enables custom x509 certificates for encryption. small typo fix included, too.
Velocidex · Dec 7, 2023 · 8a3da80 · 8a3da80
1 parent beec682
commit 8a3da80
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 1 deletion.
diff --git a/artifacts/definitions/Server/Utils/CreateCollector.yaml b/artifacts/definitions/Server/Utils/CreateCollector.yaml
@@ -413,7 +413,7 @@ sources:
       )
 
       LET use_server_cert = encryption_scheme =~ "x509"
-         AND NOT encryption_args.public_key =~ "----BEGIN CERTIFICATE-----"
+         AND NOT encryption_args.public_key =~ "-----BEGIN CERTIFICATE-----"
          AND log(message="Pubkey encryption specified, but no cert/key provided. Defaulting to server frontend cert")
 
       -- For x509, if no public key cert is specified, we use the

diff --git a/bin/offline.go b/bin/offline.go
@@ -177,6 +177,7 @@ SELECT * FROM Artifact.Server.Utils.CreateCollector(
    target=Spec.Target,
    target_args=Spec.TargetArgs,
    encryption_scheme=Spec.EncryptionScheme,
+   encryption_args=Spec.EncryptionArgs,
    opt_verbose=Spec.OptVerbose,
    opt_banner=Spec.OptBanner,
    opt_prompt=Spec.OptPrompt,