feat: add WINRM logic#309
Conversation
|
💬 Discussion in Slack: #pr-review-cli-309-feat-add-winrm-logic Posted by Review Police — reviews, comments, new commits, and CI failures will stream into this channel. |
|
| Filename | Overview |
|---|---|
| packages/gateway-v2/winrm_handler.go | New HTTP mux handler dispatching WinRM operations. Has a silent json.Unmarshal error discard in handleWinrmTest that falls back to plain HTTP, unlike handleWinrmDeliver/Remove. The Insecure TLS flag is request-body-controlled. |
| packages/gateway-v2/winrm/winrm.go | New package implementing WinRM file delivery via PowerShell. Path escaping via psSingleQuote is correct; base64 chunking avoids command-line length limits. No injection vulnerabilities found. |
| packages/gateway-v2/gateway.go | Adds WINRM forward mode and ALPN protocol registration, following the same pattern as ADCS. Host/port pinned to signed X.509 certificate extension — no SSRF risk. |
| packages/gateway-v2/winrm/winrm_transport_test.go | Tests cover transport decorator selection, global parameter mutation guard, and concurrent client creation. Good coverage for the critical transport logic. |
| packages/cmd/relay.go | Adds --organization-slug flag to the relay start command. Straightforward flag registration following the existing pattern. |
| go.mod | Adds github.com/masterzen/winrm and transitive dependencies (bodgit/ntlmssp, simplexml, goxpath). gopkg.in/ini.v1 promoted from indirect to direct. |
Comments Outside Diff (1)
-
packages/gateway-v2/winrm_handler.go, line 837-845 (link)Silent unmarshal failure changes transport security mode
handleWinrmTestdiscards thejson.Unmarshalerror with_ =, so if the control plane sends malformed or unexpected params (e.g."useHttps"with a non-boolean value),tpsilently stays at its zero value (UseHTTPS: false). The test then connects over plain HTTP instead of the intended HTTPS without any indication to the caller.handleWinrmDeliverandhandleWinrmRemoveboth propagate the unmarshal error;handleWinrmTestshould do the same.
Reviews (1): Last reviewed commit: "feat: Add WINRM logic" | Re-trigger Greptile
PR overviewAll previously flagged issues have been addressed. No open security concerns remain on this pull request. Security reviewNo open security issues remain on this pull request. Fixed/addressed: 4 · PR risk: 0/10 |
Description 📣
This PR adds support for delivering certificates to Windows machines over WinRM (Windows Remote Management). Until now, the Infisical gateway could reach Windows-based certificate authorities but couldn't push certificate files directly onto Windows hosts.
With this change, the gateway can securely connect to a Windows machine, verify it's reachable, write certificate files to it, and remove them when needed, all on behalf of Infisical's platform, which sits outside the customer's network and can't talk to those machines directly.
Connections are encrypted end to end (either through Windows' built-in message encryption over standard connections or through TLS for secured ones), and the target machine is always determined by Infisical's signed configuration rather than the request itself, so it can't be pointed at an unintended host.
Type ✨
Tests 🛠️
# Here's some code block to paste some code snippets