make spdy.roundtripper usable with UpgradeAwareProxyHandler

pkg/util/httpstream/spdy/roundtripper.go

@@ -72,6 +72,11 @@ func NewSpdyRoundTripper(tlsConfig *tls.Config) *SpdyRoundTripper {
 	return &SpdyRoundTripper{tlsConfig: tlsConfig}
 }
 
+// implements pkg/util/net.TLSClientConfigHolder for proper TLS checking during proxying with a spdy roundtripper
+func (s *SpdyRoundTripper) TLSClientConfig() *tls.Config {
+	return s.tlsConfig
+}
+
 // dial dials the host specified by req, using TLS if appropriate, optionally
 // using a proxy server if one is configured via environment variables.
 func (s *SpdyRoundTripper) dial(req *http.Request) (net.Conn, error) {

pkg/util/net/http.go

@@ -138,6 +138,10 @@ func CloneTLSConfig(cfg *tls.Config) *tls.Config {
 	}
 }
 
+type TLSClientConfigHolder interface {
+	TLSClientConfig() *tls.Config
+}
+
 func TLSClientConfig(transport http.RoundTripper) (*tls.Config, error) {
 	if transport == nil {
 		return nil, nil
@@ -146,6 +150,8 @@ func TLSClientConfig(transport http.RoundTripper) (*tls.Config, error) {
 	switch transport := transport.(type) {
 	case *http.Transport:
 		return transport.TLSClientConfig, nil
+	case TLSClientConfigHolder:
+		return transport.TLSClientConfig(), nil
 	case RoundTripperWrapper:
 		return TLSClientConfig(transport.WrappedRoundTripper())
 	default:

pkg/util/net/http_test.go

@@ -218,3 +218,24 @@ func TestProxierWithNoProxyCIDR(t *testing.T) {
 		}
 	}
 }
+
+type fakeTLSClientConfigHolder struct {
+	called bool
+}
+
+func (f *fakeTLSClientConfigHolder) TLSClientConfig() *tls.Config {
+	f.called = true
+	return nil
+}
+func (f *fakeTLSClientConfigHolder) RoundTrip(*http.Request) (*http.Response, error) {
+	return nil, nil
+}
+
+func TestTLSClientConfigHolder(t *testing.T) {
+	rt := &fakeTLSClientConfigHolder{}
+	TLSClientConfig(rt)
+
+	if !rt.called {
+		t.Errorf("didn't find tls config")
+	}
+}