mirror of
https://github.com/caddyserver/caddy.git
synced 2025-01-07 11:28:48 +03:00
proxy: Respect insecure_skip_verify for health check (#1558)
* Respect the 'insecure_skip_verify' for the health check. * WIP: Trying to add a test. Non functional. * Fixing tests. * Creating better error messages. * Optimize two more error messages. * Move the tests into an extra function.
This commit is contained in:
parent
59bf71c293
commit
c0ce2b1d50
2 changed files with 42 additions and 1 deletions
|
@ -13,6 +13,8 @@ import (
|
|||
"sync/atomic"
|
||||
"time"
|
||||
|
||||
"crypto/tls"
|
||||
|
||||
"github.com/mholt/caddy/caddyfile"
|
||||
"github.com/mholt/caddy/caddyhttp/httpserver"
|
||||
)
|
||||
|
@ -112,6 +114,9 @@ func NewStaticUpstreams(c caddyfile.Dispenser) ([]Upstream, error) {
|
|||
if upstream.HealthCheck.Path != "" {
|
||||
upstream.HealthCheck.Client = http.Client{
|
||||
Timeout: upstream.HealthCheck.Timeout,
|
||||
Transport: &http.Transport{
|
||||
TLSClientConfig: &tls.Config{InsecureSkipVerify: upstream.insecureSkipVerify},
|
||||
},
|
||||
}
|
||||
upstream.wg.Add(1)
|
||||
go func() {
|
||||
|
|
|
@ -279,7 +279,7 @@ func TestParseBlock(t *testing.T) {
|
|||
for i, test := range tests {
|
||||
upstreams, err := NewStaticUpstreams(caddyfile.NewDispenser("Testfile", strings.NewReader(test.config)))
|
||||
if err != nil {
|
||||
t.Error("Expected no error. Got:", err.Error())
|
||||
t.Errorf("Expected no error. Got: %s", err.Error())
|
||||
}
|
||||
for _, upstream := range upstreams {
|
||||
headers := upstream.Select(r).UpstreamHeaders
|
||||
|
@ -298,3 +298,39 @@ func TestParseBlock(t *testing.T) {
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
func TestHealthSetUp(t *testing.T) {
|
||||
// tests for insecure skip verify
|
||||
isv_tests := []struct {
|
||||
config string
|
||||
flag bool
|
||||
}{
|
||||
// Test #1: without flag
|
||||
{"proxy / localhost:8080 {\n health_check / \n}", false},
|
||||
|
||||
// Test #2: with flag
|
||||
{"proxy / localhost:8080 {\n health_check / \n insecure_skip_verify \n}", true},
|
||||
}
|
||||
|
||||
for i, test := range isv_tests {
|
||||
upstreams, err := NewStaticUpstreams(caddyfile.NewDispenser("Testfile", strings.NewReader(test.config)))
|
||||
if err != nil {
|
||||
t.Errorf("Expected no error. Got: %s", err.Error())
|
||||
}
|
||||
for _, upstream := range upstreams {
|
||||
staticUpstream, ok := upstream.(*staticUpstream)
|
||||
if !ok {
|
||||
t.Errorf("type mismatch: %#v", upstream)
|
||||
continue
|
||||
}
|
||||
transport, ok := staticUpstream.HealthCheck.Client.Transport.(*http.Transport)
|
||||
if !ok {
|
||||
t.Errorf("type mismatch: %#v", staticUpstream.HealthCheck.Client.Transport)
|
||||
continue
|
||||
}
|
||||
if test.flag != transport.TLSClientConfig.InsecureSkipVerify {
|
||||
t.Errorf("test %d: expected transport.TLSClientCnfig.InsecureSkipVerify=%v, got %v", i, test.flag, transport.TLSClientConfig.InsecureSkipVerify)
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue