mirror of
https://github.com/caddyserver/caddy.git
synced 2025-01-23 10:45:49 +03:00
proxy: Respect insecure_skip_verify for health check (#1558)
* Respect the 'insecure_skip_verify' for the health check. * WIP: Trying to add a test. Non functional. * Fixing tests. * Creating better error messages. * Optimize two more error messages. * Move the tests into an extra function.
This commit is contained in:
parent
59bf71c293
commit
c0ce2b1d50
2 changed files with 42 additions and 1 deletions
|
@ -13,6 +13,8 @@ import (
|
||||||
"sync/atomic"
|
"sync/atomic"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
"crypto/tls"
|
||||||
|
|
||||||
"github.com/mholt/caddy/caddyfile"
|
"github.com/mholt/caddy/caddyfile"
|
||||||
"github.com/mholt/caddy/caddyhttp/httpserver"
|
"github.com/mholt/caddy/caddyhttp/httpserver"
|
||||||
)
|
)
|
||||||
|
@ -112,6 +114,9 @@ func NewStaticUpstreams(c caddyfile.Dispenser) ([]Upstream, error) {
|
||||||
if upstream.HealthCheck.Path != "" {
|
if upstream.HealthCheck.Path != "" {
|
||||||
upstream.HealthCheck.Client = http.Client{
|
upstream.HealthCheck.Client = http.Client{
|
||||||
Timeout: upstream.HealthCheck.Timeout,
|
Timeout: upstream.HealthCheck.Timeout,
|
||||||
|
Transport: &http.Transport{
|
||||||
|
TLSClientConfig: &tls.Config{InsecureSkipVerify: upstream.insecureSkipVerify},
|
||||||
|
},
|
||||||
}
|
}
|
||||||
upstream.wg.Add(1)
|
upstream.wg.Add(1)
|
||||||
go func() {
|
go func() {
|
||||||
|
|
|
@ -279,7 +279,7 @@ func TestParseBlock(t *testing.T) {
|
||||||
for i, test := range tests {
|
for i, test := range tests {
|
||||||
upstreams, err := NewStaticUpstreams(caddyfile.NewDispenser("Testfile", strings.NewReader(test.config)))
|
upstreams, err := NewStaticUpstreams(caddyfile.NewDispenser("Testfile", strings.NewReader(test.config)))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Error("Expected no error. Got:", err.Error())
|
t.Errorf("Expected no error. Got: %s", err.Error())
|
||||||
}
|
}
|
||||||
for _, upstream := range upstreams {
|
for _, upstream := range upstreams {
|
||||||
headers := upstream.Select(r).UpstreamHeaders
|
headers := upstream.Select(r).UpstreamHeaders
|
||||||
|
@ -298,3 +298,39 @@ func TestParseBlock(t *testing.T) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestHealthSetUp(t *testing.T) {
|
||||||
|
// tests for insecure skip verify
|
||||||
|
isv_tests := []struct {
|
||||||
|
config string
|
||||||
|
flag bool
|
||||||
|
}{
|
||||||
|
// Test #1: without flag
|
||||||
|
{"proxy / localhost:8080 {\n health_check / \n}", false},
|
||||||
|
|
||||||
|
// Test #2: with flag
|
||||||
|
{"proxy / localhost:8080 {\n health_check / \n insecure_skip_verify \n}", true},
|
||||||
|
}
|
||||||
|
|
||||||
|
for i, test := range isv_tests {
|
||||||
|
upstreams, err := NewStaticUpstreams(caddyfile.NewDispenser("Testfile", strings.NewReader(test.config)))
|
||||||
|
if err != nil {
|
||||||
|
t.Errorf("Expected no error. Got: %s", err.Error())
|
||||||
|
}
|
||||||
|
for _, upstream := range upstreams {
|
||||||
|
staticUpstream, ok := upstream.(*staticUpstream)
|
||||||
|
if !ok {
|
||||||
|
t.Errorf("type mismatch: %#v", upstream)
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
transport, ok := staticUpstream.HealthCheck.Client.Transport.(*http.Transport)
|
||||||
|
if !ok {
|
||||||
|
t.Errorf("type mismatch: %#v", staticUpstream.HealthCheck.Client.Transport)
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
if test.flag != transport.TLSClientConfig.InsecureSkipVerify {
|
||||||
|
t.Errorf("test %d: expected transport.TLSClientCnfig.InsecureSkipVerify=%v, got %v", i, test.flag, transport.TLSClientConfig.InsecureSkipVerify)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in a new issue