mirror of
https://github.com/minio/minio.git
synced 2024-12-24 06:05:55 -05:00
Fail when TLS is configured and HTTP endpoints are provided (#5771)
This commit is contained in:
parent
a706c21f70
commit
eb0deabd73
@ -21,7 +21,6 @@ import (
|
||||
"context"
|
||||
"crypto/tls"
|
||||
"crypto/x509"
|
||||
"errors"
|
||||
"fmt"
|
||||
"io"
|
||||
"net"
|
||||
@ -198,6 +197,7 @@ func (authClient *AuthRPCClient) Call(serviceMethod string, args interface {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// gob doesn't provide any typed errors for us to reflect
|
||||
// upon, this is the only way to return proper error.
|
||||
if err != nil && strings.Contains(err.Error(), "gob: wrong type") {
|
||||
@ -206,6 +206,7 @@ func (authClient *AuthRPCClient) Call(serviceMethod string, args interface {
|
||||
|
||||
err = errRPCAPIVersionUnsupported
|
||||
}
|
||||
|
||||
break
|
||||
}
|
||||
return err
|
||||
@ -257,7 +258,7 @@ func rpcDial(serverAddr, serviceEndpoint string, secureConn bool) (netRPCClient
|
||||
Op: "dial-http",
|
||||
Net: serverAddr + serviceEndpoint,
|
||||
Addr: nil,
|
||||
Err: fmt.Errorf("Unable to parse server address <%s>: %s", serverAddr, err),
|
||||
Err: fmt.Errorf("Unable to parse server address <%s>/<%s>: %s", serverAddr, serviceEndpoint, err),
|
||||
}
|
||||
}
|
||||
// ServerName in tls.Config needs to be specified to support SNI certificates.
|
||||
@ -313,7 +314,7 @@ func rpcDial(serverAddr, serviceEndpoint string, secureConn bool) (netRPCClient
|
||||
}
|
||||
if resp.Status != connectSuccessMessage {
|
||||
conn.Close()
|
||||
return nil, errors.New("unexpected HTTP response: " + resp.Status)
|
||||
return nil, fmt.Errorf("Unexpected HTTP response: %s from %s/%s", resp.Status, serverAddr, serviceEndpoint)
|
||||
}
|
||||
|
||||
// Initialize rpc client.
|
||||
|
@ -210,8 +210,13 @@ func serverMain(ctx *cli.Context) {
|
||||
logger.FatalIf(err, "Invalid SSL certificate file")
|
||||
|
||||
// Is distributed setup, error out if no certificates are found for HTTPS endpoints.
|
||||
if globalIsDistXL && globalEndpoints.IsHTTPS() && !globalIsSSL {
|
||||
logger.FatalIf(errInvalidArgument, "No certificates found for HTTPS endpoints (%s)", globalEndpoints)
|
||||
if globalIsDistXL {
|
||||
if globalEndpoints.IsHTTPS() && !globalIsSSL {
|
||||
logger.FatalIf(errInvalidArgument, "No certificates found, use HTTP endpoints (%s)", globalEndpoints)
|
||||
}
|
||||
if !globalEndpoints.IsHTTPS() && globalIsSSL {
|
||||
logger.FatalIf(errInvalidArgument, "TLS Certificates found, use HTTPS endpoints (%s)", globalEndpoints)
|
||||
}
|
||||
}
|
||||
|
||||
if !quietFlag {
|
||||
|
Loading…
Reference in New Issue
Block a user