homelab/traefik
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: do not require a TLS client cert when InsecureSkipVerify is false

Browse source 
Co-authored-by: Tom Moulard <tom.moulard@traefik.io>
This commit is contained in:
Kevin Pollet 2021-10-26 10:54:11 +02:00 committed by GitHub
parent 566b205758
commit d3ff0c2cd4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
21 changed files with 273 additions and 184 deletions
Download patch file Download diff file Expand all files Collapse all files

15
pkg/provider/kubernetes/crd/kubernetes_test.go
View file

@ -9,13 +9,14 @@ import (
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/traefik/paerser/types"
ptypes "github.com/traefik/paerser/types"
"github.com/traefik/traefik/v2/pkg/config/dynamic"
"github.com/traefik/traefik/v2/pkg/provider"
crdfake "github.com/traefik/traefik/v2/pkg/provider/kubernetes/crd/generated/clientset/versioned/fake"
"github.com/traefik/traefik/v2/pkg/provider/kubernetes/crd/traefik/v1alpha1"
"github.com/traefik/traefik/v2/pkg/provider/kubernetes/k8s"
"github.com/traefik/traefik/v2/pkg/tls"
"github.com/traefik/traefik/v2/pkg/types"
corev1 "k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/apimachinery/pkg/util/intstr"
@ -3243,7 +3244,7 @@ func TestLoadIngressRoutes(t *testing.T) {
"default-forwardauth": {
ForwardAuth: &dynamic.ForwardAuth{
Address: "test.com",
TLS: &dynamic.ClientTLS{
TLS: &types.ClientTLS{
CA: "-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----",
Cert: "-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----",
Key: "-----BEGIN PRIVATE KEY-----\n-----END PRIVATE KEY-----",
@ -3612,17 +3613,17 @@ func TestLoadIngressRoutes(t *testing.T) {
MaxIdleConnsPerHost: 42,
DisableHTTP2: true,
ForwardingTimeouts: &dynamic.ForwardingTimeouts{
DialTimeout: types.Duration(42 * time.Second),
ResponseHeaderTimeout: types.Duration(42 * time.Second),
IdleConnTimeout: types.Duration(42 * time.Millisecond),
DialTimeout: ptypes.Duration(42 * time.Second),
ResponseHeaderTimeout: ptypes.Duration(42 * time.Second),
IdleConnTimeout: ptypes.Duration(42 * time.Millisecond),
},
PeerCertURI: "foo://bar",
},
"default-test": {
ServerName: "test",
ForwardingTimeouts: &dynamic.ForwardingTimeouts{
DialTimeout: types.Duration(30 * time.Second),
IdleConnTimeout: types.Duration(90 * time.Second),
DialTimeout: ptypes.Duration(30 * time.Second),
IdleConnTimeout: ptypes.Duration(90 * time.Second),
},
},
},