proxy: Fixed #1484, websockets with h2 disabled (#1488)

* Fixed #1484

Fixed a nil pointer runtime error in newConnHijackerTransport,
where the access to the TLSClientConfig did not check for nil values.

* Minor improvement to UseInsecureTransport

This prevents overwriting a possibly preexisting TLSClientConfig,
even though only a single field should be changed.
This commit is contained in:
Leonard Hecker 2017-03-10 18:41:37 +01:00 committed by Matt Holt
parent 9e4eeb4fb7
commit 5a41e8bc1a

View file

@ -224,7 +224,10 @@ func (rp *ReverseProxy) UseInsecureTransport() {
} }
rp.Transport = transport rp.Transport = transport
} else if transport, ok := rp.Transport.(*http.Transport); ok { } else if transport, ok := rp.Transport.(*http.Transport); ok {
transport.TLSClientConfig = &tls.Config{InsecureSkipVerify: true} if transport.TLSClientConfig == nil {
transport.TLSClientConfig = &tls.Config{}
}
transport.TLSClientConfig.InsecureSkipVerify = true
// No http2.ConfigureTransport() here. // No http2.ConfigureTransport() here.
// For now this is only added in places where // For now this is only added in places where
// an http.Transport is actually created. // an http.Transport is actually created.
@ -441,7 +444,7 @@ func newConnHijackerTransport(base http.RoundTripper) *connHijackerTransport {
} }
if b, _ := base.(*http.Transport); b != nil { if b, _ := base.(*http.Transport); b != nil {
tlsClientConfig := b.TLSClientConfig tlsClientConfig := b.TLSClientConfig
if tlsClientConfig.NextProtos != nil { if tlsClientConfig != nil && tlsClientConfig.NextProtos != nil {
tlsClientConfig = tlsClientConfig.Clone() tlsClientConfig = tlsClientConfig.Clone()
tlsClientConfig.NextProtos = nil tlsClientConfig.NextProtos = nil
} }