github/client-go
1
0
Fork 0
mirror of https://github.com/kubernetes/client-go.git synced 2025-06-27 07:28:14 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #56415 from liggitt/tls-cache-key

Browse Source 
Automatic merge from submit-queue (batch tested with PRs 56094, 52910, 55953, 56405, 56415). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Include ServerName in tls transport cache key

Fixes #56385

```release-note
Fixes server name verification of aggregated API servers and webhook admission endpoints
```

Kubernetes-commit: a46153e2f988382535aaf27a5a90b13b6c10712b
This commit is contained in:
Kubernetes Publisher 2017-11-27 16:04:31 -08:00
commit 84b6352f98
3 changed files with 723 additions and 709 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

106
Godeps/Godeps.json generated
View File

@ -488,215 +488,215 @@
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/api/equality", "ImportPath": "k8s.io/apimachinery/pkg/api/equality",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/api/errors", "ImportPath": "k8s.io/apimachinery/pkg/api/errors",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/api/meta", "ImportPath": "k8s.io/apimachinery/pkg/api/meta",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/api/resource", "ImportPath": "k8s.io/apimachinery/pkg/api/resource",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/api/testing", "ImportPath": "k8s.io/apimachinery/pkg/api/testing",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/api/testing/fuzzer", "ImportPath": "k8s.io/apimachinery/pkg/api/testing/fuzzer",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/api/testing/roundtrip", "ImportPath": "k8s.io/apimachinery/pkg/api/testing/roundtrip",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/apimachinery", "ImportPath": "k8s.io/apimachinery/pkg/apimachinery",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/apimachinery/announced", "ImportPath": "k8s.io/apimachinery/pkg/apimachinery/announced",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/apimachinery/registered", "ImportPath": "k8s.io/apimachinery/pkg/apimachinery/registered",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/apis/meta/fuzzer", "ImportPath": "k8s.io/apimachinery/pkg/apis/meta/fuzzer",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/apis/meta/internalversion", "ImportPath": "k8s.io/apimachinery/pkg/apis/meta/internalversion",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/apis/meta/v1", "ImportPath": "k8s.io/apimachinery/pkg/apis/meta/v1",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured", "ImportPath": "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/apis/meta/v1alpha1", "ImportPath": "k8s.io/apimachinery/pkg/apis/meta/v1alpha1",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/conversion", "ImportPath": "k8s.io/apimachinery/pkg/conversion",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/conversion/queryparams", "ImportPath": "k8s.io/apimachinery/pkg/conversion/queryparams",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/fields", "ImportPath": "k8s.io/apimachinery/pkg/fields",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/labels", "ImportPath": "k8s.io/apimachinery/pkg/labels",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/runtime", "ImportPath": "k8s.io/apimachinery/pkg/runtime",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/runtime/schema", "ImportPath": "k8s.io/apimachinery/pkg/runtime/schema",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/runtime/serializer", "ImportPath": "k8s.io/apimachinery/pkg/runtime/serializer",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/runtime/serializer/json", "ImportPath": "k8s.io/apimachinery/pkg/runtime/serializer/json",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/runtime/serializer/protobuf", "ImportPath": "k8s.io/apimachinery/pkg/runtime/serializer/protobuf",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/runtime/serializer/recognizer", "ImportPath": "k8s.io/apimachinery/pkg/runtime/serializer/recognizer",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/runtime/serializer/streaming", "ImportPath": "k8s.io/apimachinery/pkg/runtime/serializer/streaming",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/runtime/serializer/versioning", "ImportPath": "k8s.io/apimachinery/pkg/runtime/serializer/versioning",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/selection", "ImportPath": "k8s.io/apimachinery/pkg/selection",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/types", "ImportPath": "k8s.io/apimachinery/pkg/types",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/util/cache", "ImportPath": "k8s.io/apimachinery/pkg/util/cache",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/util/clock", "ImportPath": "k8s.io/apimachinery/pkg/util/clock",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/util/diff", "ImportPath": "k8s.io/apimachinery/pkg/util/diff",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/util/errors", "ImportPath": "k8s.io/apimachinery/pkg/util/errors",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/util/framer", "ImportPath": "k8s.io/apimachinery/pkg/util/framer",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/util/httpstream", "ImportPath": "k8s.io/apimachinery/pkg/util/httpstream",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/util/httpstream/spdy", "ImportPath": "k8s.io/apimachinery/pkg/util/httpstream/spdy",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/util/intstr", "ImportPath": "k8s.io/apimachinery/pkg/util/intstr",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/util/json", "ImportPath": "k8s.io/apimachinery/pkg/util/json",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/util/mergepatch", "ImportPath": "k8s.io/apimachinery/pkg/util/mergepatch",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/util/net", "ImportPath": "k8s.io/apimachinery/pkg/util/net",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/util/remotecommand", "ImportPath": "k8s.io/apimachinery/pkg/util/remotecommand",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/util/runtime", "ImportPath": "k8s.io/apimachinery/pkg/util/runtime",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/util/sets", "ImportPath": "k8s.io/apimachinery/pkg/util/sets",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/util/strategicpatch", "ImportPath": "k8s.io/apimachinery/pkg/util/strategicpatch",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/util/validation", "ImportPath": "k8s.io/apimachinery/pkg/util/validation",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/util/validation/field", "ImportPath": "k8s.io/apimachinery/pkg/util/validation/field",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/util/wait", "ImportPath": "k8s.io/apimachinery/pkg/util/wait",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/util/yaml", "ImportPath": "k8s.io/apimachinery/pkg/util/yaml",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/version", "ImportPath": "k8s.io/apimachinery/pkg/version",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/pkg/watch", "ImportPath": "k8s.io/apimachinery/pkg/watch",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/third_party/forked/golang/json", "ImportPath": "k8s.io/apimachinery/third_party/forked/golang/json",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/third_party/forked/golang/netutil", "ImportPath": "k8s.io/apimachinery/third_party/forked/golang/netutil",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/apimachinery/third_party/forked/golang/reflect", "ImportPath": "k8s.io/apimachinery/third_party/forked/golang/reflect",
"Rev": "a04e753f5223cf882db01ac64212682ea28767b4" "Rev": "65ea0794289ccbf04d9145bb1d7b57dc8127ebb6"
}, },
{ {
"ImportPath": "k8s.io/kube-openapi/pkg/common", "ImportPath": "k8s.io/kube-openapi/pkg/common",

2
transport/cache.go
View File

@ -88,5 +88,5 @@ func tlsConfigKey(c *Config) (string, error) {
return "", err return "", err
} }
// Only include the things that actually affect the tls.Config // Only include the things that actually affect the tls.Config
return fmt.Sprintf("%v/%x/%x/%x", c.TLS.Insecure, c.TLS.CAData, c.TLS.CertData, c.TLS.KeyData), nil return fmt.Sprintf("%v/%x/%x/%x/%v", c.TLS.Insecure, c.TLS.CAData, c.TLS.CertData, c.TLS.KeyData, c.TLS.ServerName), nil
} }

14
transport/cache_test.go
View File

@ -62,6 +62,20 @@ func TestTLSConfigKey(t *testing.T) {
KeyData: []byte{1}, KeyData: []byte{1},
}, },
}, },
"cert 1, key 1, servername 1": {
TLS: TLSConfig{
CertData: []byte{1},
KeyData: []byte{1},
ServerName: "1",
},
},
"cert 1, key 1, servername 2": {
TLS: TLSConfig{
CertData: []byte{1},
KeyData: []byte{1},
ServerName: "2",
},
},
"cert 1, key 2": { "cert 1, key 2": {
TLS: TLSConfig{ TLS: TLSConfig{
CertData: []byte{1}, CertData: []byte{1},