ensure tls server name is used in transport

Kubernetes-commit: 6f657424743e93d064f8975a930941ba73f53110
This commit is contained in:
Jordan Liggitt
2018-04-17 00:59:27 -04:00
committed by Kubernetes Publisher
parent 015563ab58
commit d23614d7ea
2 changed files with 8 additions and 1 deletions

View File

@@ -52,7 +52,7 @@ func New(config *Config) (http.RoundTripper, error) {
// TLSConfigFor returns a tls.Config that will provide the transport level security defined
// by the provided Config. Will return nil if no transport level security is requested.
func TLSConfigFor(c *Config) (*tls.Config, error) {
if !(c.HasCA() || c.HasCertAuth() || c.TLS.Insecure) {
if !(c.HasCA() || c.HasCertAuth() || c.TLS.Insecure || len(c.TLS.ServerName) > 0) {
return nil, nil
}
if c.HasCA() && c.TLS.Insecure {

View File

@@ -101,6 +101,13 @@ func TestNew(t *testing.T) {
Config: &Config{},
},
"server name": {
TLS: true,
Config: &Config{TLS: TLSConfig{
ServerName: "foo",
}},
},
"ca transport": {
TLS: true,
Config: &Config{