Dont modify provided transport

Signed-off-by: Matthias Fehr <matthias@monostream.com>
(cherry picked from commit cab1fc87d4)
release-3.8
Matthias Fehr 3 years ago committed by Matt Farina
parent b216f76899
commit f4276f4526
No known key found for this signature in database
GPG Key ID: 92C44A3D421FF7F9

@ -109,11 +109,13 @@ func NewHTTPGetter(options ...Option) (Getter, error) {
}
func (g *HTTPGetter) httpClient() (*http.Client, error) {
var transport *http.Transport
if g.opts.transport != nil {
transport = g.opts.transport
} else {
return &http.Client{
Transport: g.opts.transport,
Timeout: g.opts.timeout,
}, nil
}
g.once.Do(func() {
g.transport = &http.Transport{
DisableCompression: true,
@ -121,9 +123,6 @@ func (g *HTTPGetter) httpClient() (*http.Client, error) {
}
})
transport = g.transport
}
if (g.opts.certFile != "" && g.opts.keyFile != "") || g.opts.caFile != "" {
tlsConf, err := tlsutil.NewClientTLS(g.opts.certFile, g.opts.keyFile, g.opts.caFile)
if err != nil {
@ -137,21 +136,21 @@ func (g *HTTPGetter) httpClient() (*http.Client, error) {
}
tlsConf.ServerName = sni
transport.TLSClientConfig = tlsConf
g.transport.TLSClientConfig = tlsConf
}
if g.opts.insecureSkipVerifyTLS {
if transport.TLSClientConfig == nil {
transport.TLSClientConfig = &tls.Config{
if g.transport.TLSClientConfig == nil {
g.transport.TLSClientConfig = &tls.Config{
InsecureSkipVerify: true,
}
} else {
transport.TLSClientConfig.InsecureSkipVerify = true
g.transport.TLSClientConfig.InsecureSkipVerify = true
}
}
client := &http.Client{
Transport: transport,
Transport: g.transport,
Timeout: g.opts.timeout,
}

@ -518,4 +518,15 @@ func TestHTTPTransportOption(t *testing.T) {
if transport1 != transport2 {
t.Fatalf("Expected applied transport to be reused")
}
g = HTTPGetter{}
g.opts.url = "https://localhost"
g.opts.certFile = "testdata/client.crt"
g.opts.keyFile = "testdata/client.key"
g.opts.insecureSkipVerifyTLS = true
g.opts.transport = transport
usedTransport := verifyInsecureSkipVerify(t, &g, "HTTPGetter with 2 way ssl", false)
if usedTransport.TLSClientConfig != nil {
t.Fatal("transport.TLSClientConfig should not be set")
}
}

Loading…
Cancel
Save