knative
/
pkg
mirror of https://github.com/knative/pkg.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Use `DialTLSContextFunc` instead of `tls.Config` for `NewProxyAutoTLSTransport` (#2842) 

* Use DialTLSContextFunc instead of TLSConf for TLS transport

* Fix comment

* Drop DialWithBackOff from newHTTPSTransport
This commit is contained in:
Kenjiro Nakayama 2023-10-17 00:36:18 +09:00 committed by GitHub
parent 0d0cd4e7db
commit 44a8a5e174
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 11 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
network/h2c.go
View File

@ -59,13 +59,11 @@ func newH2CTransport(disableCompression bool) http.RoundTripper {
// newH2Transport constructs a neew H2 transport. That transport will handles HTTPS traffic
// with TLS config.
func newH2Transport(disableCompression bool, tlsConf *tls.Config) http.RoundTripper {
func newH2Transport(disableCompression bool, tlsContext DialTLSContextFunc) http.RoundTripper {
return &http2.Transport{
DisableCompression: disableCompression,
DialTLS: func(netw, addr string, tlsConf *tls.Config) (net.Conn, error) {
return DialTLSWithBackOff(context.Background(),
netw, addr, tlsConf)
DialTLSContext: func(ctx context.Context, network, addr string, cfg *tls.Config) (net.Conn, error) {
return tlsContext(ctx, network, addr)
},
TLSClientConfig: tlsConf,
}
}

15
network/transports.go
View File

@ -127,16 +127,17 @@ func newHTTPTransport(disableKeepAlives, disableCompression bool, maxIdle, maxId
return transport
}
func newHTTPSTransport(disableKeepAlives, disableCompression bool, maxIdle, maxIdlePerHost int, tlsConf *tls.Config) http.RoundTripper {
type DialTLSContextFunc func(ctx context.Context, network, addr string) (net.Conn, error)
func newHTTPSTransport(disableKeepAlives, disableCompression bool, maxIdle, maxIdlePerHost int, tlsContext DialTLSContextFunc) http.RoundTripper {
transport := http.DefaultTransport.(*http.Transport).Clone()
transport.DialContext = DialWithBackOff
transport.DisableKeepAlives = disableKeepAlives
transport.MaxIdleConns = maxIdle
transport.MaxIdleConnsPerHost = maxIdlePerHost
transport.ForceAttemptHTTP2 = false
transport.DisableCompression = disableCompression
transport.DialTLSContext = tlsContext
transport.TLSClientConfig = tlsConf
return transport
}
@ -148,11 +149,11 @@ func NewProberTransport() http.RoundTripper {
NewH2CTransport())
}
// NewProxyAutoTLSTransport is same with NewProxyAutoTransport but it has tls.Config to create HTTPS request.
func NewProxyAutoTLSTransport(maxIdle, maxIdlePerHost int, tlsConf *tls.Config) http.RoundTripper {
// NewProxyAutoTLSTransport is same with NewProxyAutoTransport but it has DialTLSContextFunc to create HTTPS request.
func NewProxyAutoTLSTransport(maxIdle, maxIdlePerHost int, tlsContext DialTLSContextFunc) http.RoundTripper {
return newAutoTransport(
newHTTPSTransport(false /*disable keep-alives*/, true /*disable auto-compression*/, maxIdle, maxIdlePerHost, tlsConf),
newH2Transport(true /*disable auto-compression*/, tlsConf))
newHTTPSTransport(false /*disable keep-alives*/, true /*disable auto-compression*/, maxIdle, maxIdlePerHost, tlsContext),
newH2Transport(true /*disable auto-compression*/, tlsContext))
}
// NewAutoTransport creates a RoundTripper that can use appropriate transport