MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-04-08 21:55:44 -04:00
Code Issues Packages Projects Releases Wiki Activity

Fail when TLS is configured and HTTP endpoints are provided (#5771)

Browse Source
This commit is contained in:
Harshavardhana 2018-04-09 19:10:23 -07:00 committed by Nitish Tiwari
parent a706c21f70
commit eb0deabd73
2 changed files with 11 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
cmd/auth-rpc-client.go
View File

@ -21,7 +21,6 @@ import (
"context" "context"
"crypto/tls" "crypto/tls"
"crypto/x509" "crypto/x509"
"errors"
"fmt" "fmt"
"io" "io"
"net" "net"
@ -198,6 +197,7 @@ func (authClient *AuthRPCClient) Call(serviceMethod string, args interface {
} }
} }
} }
// gob doesn't provide any typed errors for us to reflect // gob doesn't provide any typed errors for us to reflect
// upon, this is the only way to return proper error. // upon, this is the only way to return proper error.
if err != nil && strings.Contains(err.Error(), "gob: wrong type") { if err != nil && strings.Contains(err.Error(), "gob: wrong type") {
@ -206,6 +206,7 @@ func (authClient *AuthRPCClient) Call(serviceMethod string, args interface {
err = errRPCAPIVersionUnsupported err = errRPCAPIVersionUnsupported
} }
break break
} }
return err return err
@ -257,7 +258,7 @@ func rpcDial(serverAddr, serviceEndpoint string, secureConn bool) (netRPCClient
Op: "dial-http", Op: "dial-http",
Net: serverAddr + serviceEndpoint, Net: serverAddr + serviceEndpoint,
Addr: nil, Addr: nil,
Err: fmt.Errorf("Unable to parse server address <%s>: %s", serverAddr, err), Err: fmt.Errorf("Unable to parse server address <%s>/<%s>: %s", serverAddr, serviceEndpoint, err),
} }
} }
// ServerName in tls.Config needs to be specified to support SNI certificates. // ServerName in tls.Config needs to be specified to support SNI certificates.
@ -313,7 +314,7 @@ func rpcDial(serverAddr, serviceEndpoint string, secureConn bool) (netRPCClient
} }
if resp.Status != connectSuccessMessage { if resp.Status != connectSuccessMessage {
conn.Close() conn.Close()
return nil, errors.New("unexpected HTTP response: " + resp.Status) return nil, fmt.Errorf("Unexpected HTTP response: %s from %s/%s", resp.Status, serverAddr, serviceEndpoint)
} }
// Initialize rpc client. // Initialize rpc client.

9
cmd/server-main.go
View File

@ -210,8 +210,13 @@ func serverMain(ctx *cli.Context) {
logger.FatalIf(err, "Invalid SSL certificate file") logger.FatalIf(err, "Invalid SSL certificate file")
// Is distributed setup, error out if no certificates are found for HTTPS endpoints. // Is distributed setup, error out if no certificates are found for HTTPS endpoints.
if globalIsDistXL && globalEndpoints.IsHTTPS() && !globalIsSSL { if globalIsDistXL {
logger.FatalIf(errInvalidArgument, "No certificates found for HTTPS endpoints (%s)", globalEndpoints) if globalEndpoints.IsHTTPS() && !globalIsSSL {
logger.FatalIf(errInvalidArgument, "No certificates found, use HTTP endpoints (%s)", globalEndpoints)
}
if !globalEndpoints.IsHTTPS() && globalIsSSL {
logger.FatalIf(errInvalidArgument, "TLS Certificates found, use HTTPS endpoints (%s)", globalEndpoints)
}
} }
if !quietFlag { if !quietFlag {