If secure or tlsconfig not nil then secure

This commit is contained in:
Asim 2016-01-17 00:33:07 +00:00
parent 48798027d0
commit a6ce435a07
2 changed files with 18 additions and 8 deletions

View File

@ -65,7 +65,13 @@ func init() {
rand.Seed(time.Now().Unix()) rand.Seed(time.Now().Unix())
} }
func newTransport() *http.Transport { func newTransport(config *tls.Config) *http.Transport {
if config == nil {
config = &tls.Config{
InsecureSkipVerify: true,
}
}
t := &http.Transport{ t := &http.Transport{
Proxy: http.ProxyFromEnvironment, Proxy: http.ProxyFromEnvironment,
Dial: (&net.Dialer{ Dial: (&net.Dialer{
@ -73,9 +79,7 @@ func newTransport() *http.Transport {
KeepAlive: 30 * time.Second, KeepAlive: 30 * time.Second,
}).Dial, }).Dial,
TLSHandshakeTimeout: 10 * time.Second, TLSHandshakeTimeout: 10 * time.Second,
TLSClientConfig: &tls.Config{ TLSClientConfig: config,
InsecureSkipVerify: true,
},
} }
runtime.SetFinalizer(&t, func(tr **http.Transport) { runtime.SetFinalizer(&t, func(tr **http.Transport) {
(*tr).CloseIdleConnections() (*tr).CloseIdleConnections()
@ -98,7 +102,7 @@ func newHttpBroker(addrs []string, opts ...Option) Broker {
id: "broker-" + uuid.NewUUID().String(), id: "broker-" + uuid.NewUUID().String(),
address: addr, address: addr,
opts: options, opts: options,
c: &http.Client{Transport: newTransport()}, c: &http.Client{Transport: newTransport(options.TLSConfig)},
subscribers: make(map[string][]*httpSubscriber), subscribers: make(map[string][]*httpSubscriber),
unsubscribe: make(chan *httpSubscriber), unsubscribe: make(chan *httpSubscriber),
exit: make(chan chan error), exit: make(chan chan error),
@ -143,7 +147,7 @@ func (h *httpBroker) start() error {
var l net.Listener var l net.Listener
var err error var err error
if h.opts.Secure { if h.opts.Secure || h.opts.TLSConfig != nil {
config := h.opts.TLSConfig config := h.opts.TLSConfig
if config == nil { if config == nil {
cert, err := mls.Certificate(h.address) cert, err := mls.Certificate(h.address)
@ -342,13 +346,19 @@ func (h *httpBroker) Subscribe(topic string, handler Handler, opts ...SubscribeO
id := uuid.NewUUID().String() id := uuid.NewUUID().String()
var secure bool
if h.opts.Secure || h.opts.TLSConfig != nil {
secure = true
}
// register service // register service
node := &registry.Node{ node := &registry.Node{
Id: h.id + "." + id, Id: h.id + "." + id,
Address: host, Address: host,
Port: port, Port: port,
Metadata: map[string]string{ Metadata: map[string]string{
"secure": fmt.Sprintf("%t", h.opts.Secure), "secure": fmt.Sprintf("%t", secure),
}, },
} }

View File

@ -121,7 +121,7 @@ func newConsulRegistry(addrs []string, opts ...Option) Registry {
} }
// requires secure connection? // requires secure connection?
if opt.Secure { if opt.Secure || opt.TLSConfig != nil {
config.Scheme = "https" config.Scheme = "https"
// We're going to support InsecureSkipVerify // We're going to support InsecureSkipVerify
config.HttpClient.Transport = newTransport(opt.TLSConfig) config.HttpClient.Transport = newTransport(opt.TLSConfig)