Skip to content

Commit

Permalink
check if Tlsconfig is nil
Browse files Browse the repository at this point in the history
  • Loading branch information
sfc-gh-elinardi committed Oct 18, 2023
1 parent 9752d7e commit 20b6570
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 3 deletions.
7 changes: 4 additions & 3 deletions services/httpoverrpc/server/server.go
Original file line number Diff line number Diff line change
Expand Up @@ -65,12 +65,13 @@ func (s *server) Host(ctx context.Context, req *pb.HostHTTPRequest) (*pb.HTTPRep
for _, header := range req.Request.Headers {
httpReq.Header[header.Key] = header.Values
}
client := &http.Client{
Transport: &http.Transport{
client := &http.Client{}
if req.Tlsconfig != nil {
client.Transport = &http.Transport{
TLSClientConfig: &tls.Config{
InsecureSkipVerify: req.Tlsconfig.InsecureSkipVerify,
},
},
}
}
client.CheckRedirect = func(*http.Request, []*http.Request) error { return http.ErrUseLastResponse }

Expand Down
16 changes: 16 additions & 0 deletions services/httpoverrpc/server/server_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@ import (
"github.com/Snowflake-Labs/sansshell/services/httpoverrpc"
"github.com/Snowflake-Labs/sansshell/testing/testutil"
"github.com/google/go-cmp/cmp"
"github.com/stretchr/testify/assert"
"google.golang.org/grpc"
"google.golang.org/grpc/credentials/insecure"
"google.golang.org/grpc/test/bufconn"
Expand Down Expand Up @@ -184,6 +185,9 @@ func TestServer(t *testing.T) {
Port: int32(httpPort),
Protocol: "https",
Hostname: "localhost",
Tlsconfig: &httpoverrpc.TLSConfig{
InsecureSkipVerify: true,
},
})
if err != nil {
t.Fatal(err)
Expand Down Expand Up @@ -212,4 +216,16 @@ func TestServer(t *testing.T) {
if !cmp.Equal(got, want, protocmp.Transform()) {
t.Fatalf("want %v, got %v", want, got)
}

// without insecureSkipVerify, should get an error
got, err = client.Host(ctx, &httpoverrpc.HostHTTPRequest{
Request: &httpoverrpc.HTTPRequest{
Method: "POST",
RequestUri: "/register",
},
Port: int32(httpPort),
Protocol: "https",
Hostname: "localhost",
})
assert.ErrorContains(t, err, "failed to verify certificate:")
}

0 comments on commit 20b6570

Please sign in to comment.