Merge pull request #2220 from LeftyBC/master
state/remote: Add a boolean flag to http remote that disables cert validity checking (for e.g. self-signed certs)
This commit is contained in:
commit
6649658d62
|
@ -3,11 +3,13 @@ package remote
|
|||
import (
|
||||
"bytes"
|
||||
"crypto/md5"
|
||||
"crypto/tls"
|
||||
"encoding/base64"
|
||||
"fmt"
|
||||
"io"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"strconv"
|
||||
)
|
||||
|
||||
func httpFactory(conf map[string]string) (Client, error) {
|
||||
|
@ -24,18 +26,41 @@ func httpFactory(conf map[string]string) (Client, error) {
|
|||
return nil, fmt.Errorf("address must be HTTP or HTTPS")
|
||||
}
|
||||
|
||||
skip_cert_verification := false
|
||||
skip_cert_config_string, ok := conf["skip_cert_verification"]
|
||||
if !ok {
|
||||
// config wasn't specified
|
||||
// use the default - check cert validity
|
||||
} else {
|
||||
skip_cert_verification, err = strconv.ParseBool(skip_cert_config_string)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("skip_cert_verification must be boolean (true/false)")
|
||||
}
|
||||
// skip_cert_verification should now be set to true or false
|
||||
}
|
||||
|
||||
return &HTTPClient{
|
||||
URL: url,
|
||||
URL: url,
|
||||
skipCertVerify: skip_cert_verification,
|
||||
}, nil
|
||||
}
|
||||
|
||||
// HTTPClient is a remote client that stores data in Consul.
|
||||
// HTTPClient is a remote client that stores data in Consul or HTTP REST.
|
||||
type HTTPClient struct {
|
||||
URL *url.URL
|
||||
URL *url.URL
|
||||
skipCertVerify bool
|
||||
}
|
||||
|
||||
func (c *HTTPClient) Get() (*Payload, error) {
|
||||
resp, err := http.Get(c.URL.String())
|
||||
|
||||
// Build the HTTP client
|
||||
tr := &http.Transport{
|
||||
TLSClientConfig: &tls.Config{InsecureSkipVerify: c.skipCertVerify},
|
||||
}
|
||||
|
||||
client := &http.Client{Transport: tr}
|
||||
|
||||
resp, err := client.Get(c.URL.String())
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
@ -110,7 +135,13 @@ func (c *HTTPClient) Put(data []byte) error {
|
|||
}
|
||||
*/
|
||||
|
||||
// Make the HTTP client and request
|
||||
// Build the HTTP client and request
|
||||
tr := &http.Transport{
|
||||
TLSClientConfig: &tls.Config{InsecureSkipVerify: c.skipCertVerify},
|
||||
}
|
||||
|
||||
client := &http.Client{Transport: tr}
|
||||
|
||||
req, err := http.NewRequest("POST", base.String(), bytes.NewReader(data))
|
||||
if err != nil {
|
||||
return fmt.Errorf("Failed to make HTTP request: %s", err)
|
||||
|
@ -122,7 +153,7 @@ func (c *HTTPClient) Put(data []byte) error {
|
|||
req.ContentLength = int64(len(data))
|
||||
|
||||
// Make the request
|
||||
resp, err := http.DefaultClient.Do(req)
|
||||
resp, err := client.Do(req)
|
||||
if err != nil {
|
||||
return fmt.Errorf("Failed to upload state: %v", err)
|
||||
}
|
||||
|
@ -138,14 +169,19 @@ func (c *HTTPClient) Put(data []byte) error {
|
|||
}
|
||||
|
||||
func (c *HTTPClient) Delete() error {
|
||||
// Make the HTTP request
|
||||
// Build the HTTP request
|
||||
tr := &http.Transport{
|
||||
TLSClientConfig: &tls.Config{InsecureSkipVerify: c.skipCertVerify},
|
||||
}
|
||||
|
||||
client := &http.Client{Transport: tr}
|
||||
req, err := http.NewRequest("DELETE", c.URL.String(), nil)
|
||||
if err != nil {
|
||||
return fmt.Errorf("Failed to make HTTP request: %s", err)
|
||||
}
|
||||
|
||||
// Make the request
|
||||
resp, err := http.DefaultClient.Do(req)
|
||||
resp, err := client.Do(req)
|
||||
if err != nil {
|
||||
return fmt.Errorf("Failed to delete state: %s", err)
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue