shaba/traefik
1
0
Fork 0
mirror of https://github.com/containous/traefik.git synced 2025-09-01 13:58:36 +03:00
Code Releases Activity

Enforce failure for TCP HostSNI with hostname

Browse Source 
Co-authored-by: Romain <rtribotte@users.noreply.github.com>
This commit is contained in:
Baptiste Mayelle
2024-03-25 11:08:04 +01:00
committed by GitHub
parent 141abce2d5
commit d94e676083
3 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
integration/fixtures/tcp/service_errors.toml
View File

@ -23,10 +23,12 @@
[tcp.routers.router1] [tcp.routers.router1]
service = "service1" service = "service1"
rule = "HostSNI(`snitest.net`)" rule = "HostSNI(`snitest.net`)"
[tcp.routers.router1.tls]
[tcp.routers.router2] [tcp.routers.router2]
service = "service2" service = "service2"
rule = "HostSNI(`snitest.com`)" rule = "HostSNI(`snitest.com`)"
[tcp.routers.router2.tls]
[tcp.services] [tcp.services]
[tcp.services.service1] [tcp.services.service1]

1
pkg/server/router/tcp/manager.go
View File

@ -288,6 +288,7 @@ func (m *Manager) addTCPHandlers(ctx context.Context, configs map[string]*runtim
routerErr := fmt.Errorf("invalid rule: %q , has HostSNI matcher, but no TLS on router", routerConfig.Rule) routerErr := fmt.Errorf("invalid rule: %q , has HostSNI matcher, but no TLS on router", routerConfig.Rule)
routerConfig.AddError(routerErr, true) routerConfig.AddError(routerErr, true)
logger.Error(routerErr) logger.Error(routerErr)
continue
} }
var handler tcp.Handler var handler tcp.Handler

1
pkg/server/router/tcp/manager_test.go
View File

@ -264,6 +264,7 @@ func TestRuntimeConfiguration(t *testing.T) {
EntryPoints: []string{"web"}, EntryPoints: []string{"web"},
Service: "foo-service", Service: "foo-service",
Rule: "HostSNI(`foo.bar`)", Rule: "HostSNI(`foo.bar`)",
TLS: &dynamic.RouterTCPTLSConfig{},
}, },
}, },
}, },