Mirroristas/etcd
2
0
Fork 0
mirror of https://github.com/etcd-io/etcd.git synced 2024-09-27 06:25:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

pkg/transport: fix downgrade https to http bug in transport

Browse Source 
If the TLS config is empty, etcd downgrades https to http without a warning.
This commit avoid the downgrade and stoping etcd from bootstrap if it cannot
listen on TLS.
This commit is contained in:
Xiang Li
2015-03-06 10:42:23 -08:00
parent 964c61916d
commit 3c9581adde
2 changed files with 11 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
pkg/transport/listener.go
View File

@@ -31,7 +31,10 @@ func NewListener(addr string, scheme string, info TLSInfo) (net.Listener, error)
return nil, err
}
if !info.Empty() && scheme == "https" {
if scheme == "https" {
if info.Empty() {
return nil, fmt.Errorf("cannot listen on TLS for %s: KeyFile and CertFile are not presented", scheme+"://"+addr)
}
cfg, err := info.ServerConfig()
if err != nil {
return nil, err

7
pkg/transport/listener_test.go
View File

@@ -70,6 +70,13 @@ func TestNewListenerTLSInfo(t *testing.T) {
}
}
func TestNewListenerTLSEmptyInfo(t *testing.T) {
_, err := NewListener("127.0.0.1:0", "https", TLSInfo{})
if err == nil {
t.Errorf("err = nil, want not presented error")
}
}
func TestNewListenerTLSInfoNonexist(t *testing.T) {
tlsInfo := TLSInfo{CertFile: "@badname", KeyFile: "@badname"}
_, err := NewListener("127.0.0.1:0", "https", tlsInfo)