github/client-go
1
0
Fork 0
mirror of https://github.com/kubernetes/client-go.git synced 2025-06-26 15:12:06 +00:00
Code Issues Projects Releases Wiki Activity

Use struct key for TLS cache

Browse Source 
Kubernetes-commit: 5c8fe23722db05dda25a54d4275737af329227eb
This commit is contained in:
Jordan Liggitt 2017-12-04 13:51:29 -06:00 committed by Kubernetes Publisher
parent 6cddcf6b00
commit 60b0546760
1 changed files with 27 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
transport/cache.go
View File

@ -31,12 +31,28 @@ import (
// the config has no custom TLS options, http.DefaultTransport is returned.
type tlsTransportCache struct {
mu sync.Mutex
transports map[string]*http.Transport
transports map[tlsCacheKey]*http.Transport
}
const idleConnsPerHost = 25
var tlsCache = &tlsTransportCache{transports: make(map[string]*http.Transport)}
var tlsCache = &tlsTransportCache{transports: make(map[tlsCacheKey]*http.Transport)}
type tlsCacheKey struct {
insecure bool
caData string
certData string
keyData string
serverName string
}
func (t tlsCacheKey) String() string {
keyText := "<none>"
if len(t.keyData) > 0 {
keyText = "<redacted>"
}
return fmt.Sprintf("insecure:%v, caData:%#v, certData:%#v, keyData:%s, serverName:%s", t.insecure, t.caData, t.certData, keyText, t.serverName)
}
func (c *tlsTransportCache) get(config *Config) (http.RoundTripper, error) {
key, err := tlsConfigKey(config)
@ -82,11 +98,16 @@ func (c *tlsTransportCache) get(config *Config) (http.RoundTripper, error) {
}
// tlsConfigKey returns a unique key for tls.Config objects returned from TLSConfigFor
func tlsConfigKey(c *Config) (string, error) {
func tlsConfigKey(c *Config) (tlsCacheKey, error) {
// Make sure ca/key/cert content is loaded
if err := loadTLSFiles(c); err != nil {
return "", err
return tlsCacheKey{}, err
}
// Only include the things that actually affect the tls.Config
return fmt.Sprintf("%v/%x/%x/%x/%v", c.TLS.Insecure, c.TLS.CAData, c.TLS.CertData, c.TLS.KeyData, c.TLS.ServerName), nil
return tlsCacheKey{
insecure: c.TLS.Insecure,
caData: string(c.TLS.CAData),
certData: string(c.TLS.CertData),
keyData: string(c.TLS.KeyData),
serverName: c.TLS.ServerName,
}, nil
}