Cutlery/caddy
1
0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2025-10-31 02:27:19 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity

proxy: Respect insecure_skip_verify for health check (#1558)

Browse Source 
* Respect the 'insecure_skip_verify' for the health check.

* WIP: Trying to add a test. Non functional.

* Fixing tests.

* Creating better error messages.

* Optimize two more error messages.

* Move the tests into an extra function.
This commit is contained in:
Peer Beckmann 2017-04-03 23:16:32 +02:00 committed by Matt Holt
parent 59bf71c293
commit c0ce2b1d50
2 changed files with 42 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
caddyhttp/proxy/upstream.go
View File

@ -13,6 +13,8 @@ import (
"sync/atomic" "sync/atomic"
"time" "time"
"crypto/tls"
"github.com/mholt/caddy/caddyfile" "github.com/mholt/caddy/caddyfile"
"github.com/mholt/caddy/caddyhttp/httpserver" "github.com/mholt/caddy/caddyhttp/httpserver"
) )
@ -112,6 +114,9 @@ func NewStaticUpstreams(c caddyfile.Dispenser) ([]Upstream, error) {
if upstream.HealthCheck.Path != "" { if upstream.HealthCheck.Path != "" {
upstream.HealthCheck.Client = http.Client{ upstream.HealthCheck.Client = http.Client{
Timeout: upstream.HealthCheck.Timeout, Timeout: upstream.HealthCheck.Timeout,
Transport: &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: upstream.insecureSkipVerify},
},
} }
upstream.wg.Add(1) upstream.wg.Add(1)
go func() { go func() {

38
caddyhttp/proxy/upstream_test.go
View File

@ -279,7 +279,7 @@ func TestParseBlock(t *testing.T) {
for i, test := range tests { for i, test := range tests {
upstreams, err := NewStaticUpstreams(caddyfile.NewDispenser("Testfile", strings.NewReader(test.config))) upstreams, err := NewStaticUpstreams(caddyfile.NewDispenser("Testfile", strings.NewReader(test.config)))
if err != nil { if err != nil {
t.Error("Expected no error. Got:", err.Error()) t.Errorf("Expected no error. Got: %s", err.Error())
} }
for _, upstream := range upstreams { for _, upstream := range upstreams {
headers := upstream.Select(r).UpstreamHeaders headers := upstream.Select(r).UpstreamHeaders
@ -298,3 +298,39 @@ func TestParseBlock(t *testing.T) {
} }
} }
} }
func TestHealthSetUp(t *testing.T) {
// tests for insecure skip verify
isv_tests := []struct {
config string
flag bool
}{
// Test #1: without flag
{"proxy / localhost:8080 {\n health_check / \n}", false},
// Test #2: with flag
{"proxy / localhost:8080 {\n health_check / \n insecure_skip_verify \n}", true},
}
for i, test := range isv_tests {
upstreams, err := NewStaticUpstreams(caddyfile.NewDispenser("Testfile", strings.NewReader(test.config)))
if err != nil {
t.Errorf("Expected no error. Got: %s", err.Error())
}
for _, upstream := range upstreams {
staticUpstream, ok := upstream.(*staticUpstream)
if !ok {
t.Errorf("type mismatch: %#v", upstream)
continue
}
transport, ok := staticUpstream.HealthCheck.Client.Transport.(*http.Transport)
if !ok {
t.Errorf("type mismatch: %#v", staticUpstream.HealthCheck.Client.Transport)
continue
}
if test.flag != transport.TLSClientConfig.InsecureSkipVerify {
t.Errorf("test %d: expected transport.TLSClientCnfig.InsecureSkipVerify=%v, got %v", i, test.flag, transport.TLSClientConfig.InsecureSkipVerify)
}
}
}
}