middleware/etcd: move NewHTTPTransport to pkg/tls (#769)

Mia Boulay 2017-07-01 16:17:53 -04:00 committed by Miek Gieben
parent 7e97379bc5
commit 7fada97ee3
3 changed files with 44 additions and 23 deletions


@ -2,9 +2,6 @@ package etcd
import (
"crypto/tls"
"net"
"net/http"
"time"
"github.com/coredns/coredns/core/dnsserver"
"github.com/coredns/coredns/middleware"
@ -135,7 +132,7 @@ func etcdParse(c *caddy.Controller) (*Etcd, bool, error) {
func newEtcdClient(endpoints []string, cc *tls.Config) (etcdc.KeysAPI, error) {
etcdCfg := etcdc.Config{
Endpoints: endpoints,
Transport: newHTTPSTransport(cc),
Transport: mwtls.NewHTTPSTransport(cc),
}
cli, err := etcdc.New(etcdCfg)
if err != nil {
@ -144,23 +141,4 @@ func newEtcdClient(endpoints []string, cc *tls.Config) (etcdc.KeysAPI, error) {
return etcdc.NewKeysAPI(cli), nil
}
func newHTTPSTransport(cc *tls.Config) etcdc.CancelableTransport {
// this seems like a bad idea but was here in the previous version
if cc != nil {
cc.InsecureSkipVerify = true
}
tr := &http.Transport{
Proxy: http.ProxyFromEnvironment,
Dial: (&net.Dialer{
Timeout: 30 * time.Second,
KeepAlive: 30 * time.Second,
}).Dial,
TLSHandshakeTimeout: 10 * time.Second,
TLSClientConfig: cc,
}
return tr
}
const defaultEndpoint = "http://localhost:2379"


@ -5,6 +5,9 @@ import (
"crypto/x509"
"fmt"
"io/ioutil"
"net"
"net/http"
"time"
)
// NewTLSConfigFromArgs returns a TLS config based upon the passed
@ -102,3 +105,23 @@ func loadRoots(caPath string) (*x509.CertPool, error) {
}
return roots, nil
}
// NetHTTPSTransport returns an HTTP transport configured using tls.Config
func NewHTTPSTransport(cc *tls.Config) *http.Transport {
// this seems like a bad idea but was here in the previous version
if cc != nil {
cc.InsecureSkipVerify = true
}
tr := &http.Transport{
Proxy: http.ProxyFromEnvironment,
Dial: (&net.Dialer{
Timeout: 30 * time.Second,
KeepAlive: 30 * time.Second,
}).Dial,
TLSHandshakeTimeout: 10 * time.Second,
TLSClientConfig: cc,
}
return tr
}
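Review bot: NewHTTPSTransport sets `cc.InsecureSkipVerify = true` on the caller's own *tls.Config whenever cc is non-nil, so server certificate verification is off for every transport built here and the caller's config is modified as a side effect. Moving the helper from an unexported etcd function into the exported pkg/tls package means any new caller inherits this silently, and the call in newEtcdClient still connects to etcd without verifying the endpoint even when a CA was loaded into cc. I would drop the override so the roots configured in cc are honoured, or, if existing deployments depend on it, work on a copy (`cc = cc.Clone()`) and state the behaviour in the doc comment. The doc comment also names the wrong function; it should begin `// NewHTTPSTransport returns an HTTP transport ...`.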


@ -79,3 +79,23 @@ func TestNewTLSConfigFromArgs(t *testing.T) {
t.Error("Certificateis should have a single entry when three args passed")
}
}
func TestNewHTTPSTransport(t *testing.T) {
rmFunc, _, _, ca := getPEMFiles(t)
defer rmFunc()
cc, err := NewTLSClientConfig(ca)
if err != nil {
t.Errorf("Failed to create TLSConfig: %s", err)
}
tr := NewHTTPSTransport(cc)
if tr == nil {
t.Errorf("Failed to create https transport with cc")
}
tr = NewHTTPSTransport(nil)
if tr == nil {
t.Errorf("Failed to create https transport without cc")
}
}
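Review bot: Both `tr == nil` checks in TestNewHTTPSTransport can never fail, because NewHTTPSTransport always returns the address of a struct literal, so the test passes whatever the transport contains. Assert on the properties that matter instead, for example `if tr.TLSClientConfig != cc { t.Errorf("transport does not carry the supplied tls.Config") }` plus an explicit check of the expected `tr.TLSClientConfig.InsecureSkipVerify` value, so a change to certificate verification is caught by the test. The setup failure should use `t.Fatalf` rather than `t.Errorf`, since continuing with an unusable cc makes the later assertions meaningless.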