Merge pull request #2220 from LeftyBC/master

state/remote: Add a boolean flag to http remote that disables cert validity checking (for e.g. self-signed certs)
This commit is contained in:
Mitchell Hashimoto 2015-06-07 22:19:31 -07:00
commit 6649658d62
1 changed files with 44 additions and 8 deletions

View File

@ -3,11 +3,13 @@ package remote
import ( import (
"bytes" "bytes"
"crypto/md5" "crypto/md5"
"crypto/tls"
"encoding/base64" "encoding/base64"
"fmt" "fmt"
"io" "io"
"net/http" "net/http"
"net/url" "net/url"
"strconv"
) )
func httpFactory(conf map[string]string) (Client, error) { func httpFactory(conf map[string]string) (Client, error) {
@ -24,18 +26,41 @@ func httpFactory(conf map[string]string) (Client, error) {
return nil, fmt.Errorf("address must be HTTP or HTTPS") return nil, fmt.Errorf("address must be HTTP or HTTPS")
} }
skip_cert_verification := false
skip_cert_config_string, ok := conf["skip_cert_verification"]
if !ok {
// config wasn't specified
// use the default - check cert validity
} else {
skip_cert_verification, err = strconv.ParseBool(skip_cert_config_string)
if err != nil {
return nil, fmt.Errorf("skip_cert_verification must be boolean (true/false)")
}
// skip_cert_verification should now be set to true or false
}
return &HTTPClient{ return &HTTPClient{
URL: url, URL: url,
skipCertVerify: skip_cert_verification,
}, nil }, nil
} }
// HTTPClient is a remote client that stores data in Consul. // HTTPClient is a remote client that stores data in Consul or HTTP REST.
type HTTPClient struct { type HTTPClient struct {
URL *url.URL URL *url.URL
skipCertVerify bool
} }
func (c *HTTPClient) Get() (*Payload, error) { func (c *HTTPClient) Get() (*Payload, error) {
resp, err := http.Get(c.URL.String())
// Build the HTTP client
tr := &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: c.skipCertVerify},
}
client := &http.Client{Transport: tr}
resp, err := client.Get(c.URL.String())
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -110,7 +135,13 @@ func (c *HTTPClient) Put(data []byte) error {
} }
*/ */
// Make the HTTP client and request // Build the HTTP client and request
tr := &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: c.skipCertVerify},
}
client := &http.Client{Transport: tr}
req, err := http.NewRequest("POST", base.String(), bytes.NewReader(data)) req, err := http.NewRequest("POST", base.String(), bytes.NewReader(data))
if err != nil { if err != nil {
return fmt.Errorf("Failed to make HTTP request: %s", err) return fmt.Errorf("Failed to make HTTP request: %s", err)
@ -122,7 +153,7 @@ func (c *HTTPClient) Put(data []byte) error {
req.ContentLength = int64(len(data)) req.ContentLength = int64(len(data))
// Make the request // Make the request
resp, err := http.DefaultClient.Do(req) resp, err := client.Do(req)
if err != nil { if err != nil {
return fmt.Errorf("Failed to upload state: %v", err) return fmt.Errorf("Failed to upload state: %v", err)
} }
@ -138,14 +169,19 @@ func (c *HTTPClient) Put(data []byte) error {
} }
func (c *HTTPClient) Delete() error { func (c *HTTPClient) Delete() error {
// Make the HTTP request // Build the HTTP request
tr := &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: c.skipCertVerify},
}
client := &http.Client{Transport: tr}
req, err := http.NewRequest("DELETE", c.URL.String(), nil) req, err := http.NewRequest("DELETE", c.URL.String(), nil)
if err != nil { if err != nil {
return fmt.Errorf("Failed to make HTTP request: %s", err) return fmt.Errorf("Failed to make HTTP request: %s", err)
} }
// Make the request // Make the request
resp, err := http.DefaultClient.Do(req) resp, err := client.Do(req)
if err != nil { if err != nil {
return fmt.Errorf("Failed to delete state: %s", err) return fmt.Errorf("Failed to delete state: %s", err)
} }