Fail when TLS is configured and HTTP endpoints are provided (#5771)

This commit is contained in:
Harshavardhana 2018-04-09 19:10:23 -07:00 committed by Nitish Tiwari
parent a706c21f70
commit eb0deabd73
2 changed files with 11 additions and 5 deletions

View File

@ -21,7 +21,6 @@ import (
"context"
"crypto/tls"
"crypto/x509"
"errors"
"fmt"
"io"
"net"
@ -198,6 +197,7 @@ func (authClient *AuthRPCClient) Call(serviceMethod string, args interface {
}
}
}
// gob doesn't provide any typed errors for us to reflect
// upon, this is the only way to return proper error.
if err != nil && strings.Contains(err.Error(), "gob: wrong type") {
@ -206,6 +206,7 @@ func (authClient *AuthRPCClient) Call(serviceMethod string, args interface {
err = errRPCAPIVersionUnsupported
}
break
}
return err
@ -257,7 +258,7 @@ func rpcDial(serverAddr, serviceEndpoint string, secureConn bool) (netRPCClient
Op: "dial-http",
Net: serverAddr + serviceEndpoint,
Addr: nil,
Err: fmt.Errorf("Unable to parse server address <%s>: %s", serverAddr, err),
Err: fmt.Errorf("Unable to parse server address <%s>/<%s>: %s", serverAddr, serviceEndpoint, err),
}
}
// ServerName in tls.Config needs to be specified to support SNI certificates.
@ -313,7 +314,7 @@ func rpcDial(serverAddr, serviceEndpoint string, secureConn bool) (netRPCClient
}
if resp.Status != connectSuccessMessage {
conn.Close()
return nil, errors.New("unexpected HTTP response: " + resp.Status)
return nil, fmt.Errorf("Unexpected HTTP response: %s from %s/%s", resp.Status, serverAddr, serviceEndpoint)
}
// Initialize rpc client.

View File

@ -210,8 +210,13 @@ func serverMain(ctx *cli.Context) {
logger.FatalIf(err, "Invalid SSL certificate file")
// Is distributed setup, error out if no certificates are found for HTTPS endpoints.
if globalIsDistXL && globalEndpoints.IsHTTPS() && !globalIsSSL {
logger.FatalIf(errInvalidArgument, "No certificates found for HTTPS endpoints (%s)", globalEndpoints)
if globalIsDistXL {
if globalEndpoints.IsHTTPS() && !globalIsSSL {
logger.FatalIf(errInvalidArgument, "No certificates found, use HTTP endpoints (%s)", globalEndpoints)
}
if !globalEndpoints.IsHTTPS() && globalIsSSL {
logger.FatalIf(errInvalidArgument, "TLS Certificates found, use HTTPS endpoints (%s)", globalEndpoints)
}
}
if !quietFlag {