diff --git a/acme/acme.go b/acme/acme.go index 63276abad..06e5c116f 100644 --- a/acme/acme.go +++ b/acme/acme.go @@ -107,7 +107,7 @@ func (a *ACME) init() error { return err } a.defaultCertificate = cert - // TODO: to remove in the futurs + // TODO: to remove in the future if len(a.StorageFile) > 0 && len(a.Storage) == 0 { log.Warn("ACME.StorageFile is deprecated, use ACME.Storage instead") a.Storage = a.StorageFile diff --git a/integration/access_log_test.go b/integration/access_log_test.go index 175edeace..cb1ab8896 100644 --- a/integration/access_log_test.go +++ b/integration/access_log_test.go @@ -40,8 +40,8 @@ func (s *AccessLogSuite) TestAccessLog(c *check.C) { defer os.Remove(traefikTestLogFile) err = try.Do(1*time.Second, func() error { - if _, err := os.Stat(traefikTestLogFile); err != nil { - return fmt.Errorf("could not get stats for log file: %s", err) + if _, errStat := os.Stat(traefikTestLogFile); errStat != nil { + return fmt.Errorf("could not get stats for log file: %s", errStat) } return nil }) diff --git a/integration/acme_test.go b/integration/acme_test.go index 52326f7ca..7a7c31604 100644 --- a/integration/acme_test.go +++ b/integration/acme_test.go @@ -140,8 +140,8 @@ func (s *AcmeSuite) retrieveAcmeCertificate(c *check.C, testCase AcmeTestCase) { // wait for traefik (generating acme account take some seconds) err = try.Do(90*time.Second, func() error { - _, err := client.Get("https://127.0.0.1:5001") - return err + _, errGet := client.Get("https://127.0.0.1:5001") + return errGet }) c.Assert(err, checker.IsNil) diff --git a/integration/constraint_test.go b/integration/constraint_test.go index dd2968584..e15dbd6d3 100644 --- a/integration/constraint_test.go +++ b/integration/constraint_test.go @@ -36,10 +36,10 @@ func (s *ConstraintSuite) SetUpSuite(c *check.C) { // Wait for consul to elect itself leader err = try.Do(3*time.Second, func() error { - leader, err := consulClient.Status().Leader() + leader, errLeader := consulClient.Status().Leader() - if err != nil || len(leader) == 0 { - return fmt.Errorf("Leader not found. %v", err) + if errLeader != nil || len(leader) == 0 { + return fmt.Errorf("leader not found. %v", errLeader) } return nil diff --git a/integration/consul_test.go b/integration/consul_test.go index 86fbadaab..f55340617 100644 --- a/integration/consul_test.go +++ b/integration/consul_test.go @@ -655,6 +655,7 @@ func (s *ConsulSuite) TestSNIDynamicTlsConfig(c *check.C) { req.Header.Set("Host", tr2.TLSClientConfig.ServerName) req.Header.Set("Accept", "*/*") resp, err = client.Do(req) + c.Assert(err, checker.IsNil) cn = resp.TLS.PeerCertificates[0].Subject.CommonName c.Assert(cn, checker.Equals, "snitest.org") } diff --git a/integration/etcd3_test.go b/integration/etcd3_test.go index 48645ac4a..24af22f30 100644 --- a/integration/etcd3_test.go +++ b/integration/etcd3_test.go @@ -573,6 +573,7 @@ func (s *Etcd3Suite) TestSNIDynamicTlsConfig(c *check.C) { req.Header.Set("Host", tr2.TLSClientConfig.ServerName) req.Header.Set("Accept", "*/*") resp, err = client.Do(req) + c.Assert(err, checker.IsNil) cn = resp.TLS.PeerCertificates[0].Subject.CommonName c.Assert(cn, checker.Equals, "snitest.org") } diff --git a/integration/etcd_test.go b/integration/etcd_test.go index 29cc02498..e435da7dc 100644 --- a/integration/etcd_test.go +++ b/integration/etcd_test.go @@ -589,6 +589,7 @@ func (s *EtcdSuite) TestSNIDynamicTlsConfig(c *check.C) { req.Header.Set("Host", tr2.TLSClientConfig.ServerName) req.Header.Set("Accept", "*/*") resp, err = client.Do(req) + c.Assert(err, checker.IsNil) cn = resp.TLS.PeerCertificates[0].Subject.CommonName c.Assert(cn, checker.Equals, "snitest.org") } diff --git a/integration/grpc_test.go b/integration/grpc_test.go index 1deb611f1..24971a727 100644 --- a/integration/grpc_test.go +++ b/integration/grpc_test.go @@ -189,6 +189,7 @@ func (s *GRPCSuite) TestGRPCBuffer(c *check.C) { stopStreamExample := make(chan bool) defer func() { stopStreamExample <- true }() lis, err := net.Listen("tcp", ":0") + c.Assert(err, check.IsNil) _, port, err := net.SplitHostPort(lis.Addr().String()) c.Assert(err, check.IsNil) diff --git a/integration/websocket_test.go b/integration/websocket_test.go index 6cc9c8f47..509d9cc33 100644 --- a/integration/websocket_test.go +++ b/integration/websocket_test.go @@ -282,6 +282,7 @@ func (s *WebsocketSuite) TestSSLTermination(c *check.C) { //Add client self-signed cert roots := x509.NewCertPool() certContent, err := ioutil.ReadFile("./resources/tls/local.cert") + c.Assert(err, checker.IsNil) roots.AppendCertsFromPEM(certContent) gorillawebsocket.DefaultDialer.TLSClientConfig = &tls.Config{ RootCAs: roots, @@ -489,6 +490,7 @@ func (s *WebsocketSuite) TestSSLhttp2(c *check.C) { //Add client self-signed cert roots := x509.NewCertPool() certContent, err := ioutil.ReadFile("./resources/tls/local.cert") + c.Assert(err, checker.IsNil) roots.AppendCertsFromPEM(certContent) gorillawebsocket.DefaultDialer.TLSClientConfig = &tls.Config{ RootCAs: roots, diff --git a/metrics/influxdb.go b/metrics/influxdb.go index 463ea2fa4..4ab029a6d 100644 --- a/metrics/influxdb.go +++ b/metrics/influxdb.go @@ -46,11 +46,6 @@ func RegisterInfluxDB(config *types.InfluxDB) Registry { // initInfluxDBTicker initializes metrics pusher and creates a influxDBClient if not created already func initInfluxDBTicker(config *types.InfluxDB) *time.Ticker { - address := config.Address - if len(address) == 0 { - address = "localhost:8089" - } - pushInterval, err := time.ParseDuration(config.PushInterval) if err != nil { log.Warnf("Unable to parse %s into pushInterval, using 10s as default value", config.PushInterval) diff --git a/provider/kv/kv.go b/provider/kv/kv.go index 6d5e4d0f9..aaeced042 100644 --- a/provider/kv/kv.go +++ b/provider/kv/kv.go @@ -134,7 +134,7 @@ func (p *Provider) loadConfig() *types.Configuration { templateObjects := struct { Prefix string }{ - // Allow `/traefik/alias` to superesede `p.Prefix` + // Allow `/traefik/alias` to supersede `p.Prefix` strings.TrimSuffix(p.get(p.Prefix, p.Prefix+"/alias"), "/"), } diff --git a/provider/provider.go b/provider/provider.go index cf281d0b5..eec8c7a91 100644 --- a/provider/provider.go +++ b/provider/provider.go @@ -31,7 +31,7 @@ type BaseProvider struct { DebugLogGeneratedTemplate bool `description:"Enable debug logging of generated configuration template." export:"true"` } -// MatchConstraints must match with EVERY single contraint +// MatchConstraints must match with EVERY single constraint // returns first constraint that do not match or nil func (p *BaseProvider) MatchConstraints(tags []string) (bool, *types.Constraint) { // if there is no tags and no constraints, filtering is disabled @@ -116,6 +116,7 @@ func split(sep, s string) []string { } // Normalize transform a string that work with the rest of traefik +// Replace '.' with '-' in quoted keys because of this issue https://github.com/BurntSushi/toml/issues/78 func Normalize(name string) string { fargs := func(c rune) bool { return !unicode.IsLetter(c) && !unicode.IsNumber(c) diff --git a/provider/provider_test.go b/provider/provider_test.go index a85c3e8b8..3e52f3cb5 100644 --- a/provider/provider_test.go +++ b/provider/provider_test.go @@ -464,6 +464,45 @@ func TestBaseProvider_GetConfiguration(t *testing.T) { } } +func TestNormalize(t *testing.T) { + testCases := []struct { + desc string + name string + expected string + }{ + { + desc: "without special chars", + name: "foobar", + expected: "foobar", + }, + { + desc: "with special chars", + name: "foo.foo.foo;foo:foo!foo/foo\\foo)foo_123-ç_àéè", + expected: "foo-foo-foo-foo-foo-foo-foo-foo-foo-123-ç-àéè", + }, + { + desc: "starts with special chars", + name: ".foo.foo", + expected: "foo-foo", + }, + { + desc: "ends with special chars", + name: "foo.foo.", + expected: "foo-foo", + }, + } + + for _, test := range testCases { + test := test + t.Run(test.desc, func(t *testing.T) { + t.Parallel() + + actual := Normalize(test.name) + assert.Equal(t, test.expected, actual) + }) + } +} + func readTemplateFile(t *testing.T, path string) string { t.Helper() expectedContent, err := ioutil.ReadFile(path) diff --git a/server/header_rewriter.go b/server/header_rewriter.go index aebd9fcb7..17c5a4257 100644 --- a/server/header_rewriter.go +++ b/server/header_rewriter.go @@ -5,6 +5,7 @@ import ( "net/http" "os" + "github.com/containous/traefik/log" "github.com/containous/traefik/whitelist" "github.com/vulcand/oxy/forward" ) @@ -39,10 +40,18 @@ type headerRewriter struct { func (h *headerRewriter) Rewrite(req *http.Request) { clientIP, _, err := net.SplitHostPort(req.RemoteAddr) if err != nil { + log.Error(err) h.secureRewriter.Rewrite(req) + return } authorized, _, err := h.ips.Contains(clientIP) + if err != nil { + log.Error(err) + h.secureRewriter.Rewrite(req) + return + } + if h.insecure || authorized { h.secureRewriter.Rewrite(req) } else { diff --git a/server/server.go b/server/server.go index 21235fec0..1300fddb7 100644 --- a/server/server.go +++ b/server/server.go @@ -1133,6 +1133,9 @@ func (s *Server) loadConfig(configurations types.Configurations, globalConfigura } regex, replacement, err := s.buildRedirect(proto, entryPoint) + if err != nil { + log.Fatalf("Error creating Frontend Redirect: %v", err) + } rewrite, err := middlewares.NewRewrite(regex, replacement, true) if err != nil { log.Fatalf("Error creating Frontend Redirect: %v", err) @@ -1298,6 +1301,9 @@ func (s *Server) loadEntryPointConfig(entryPointName string, entryPoint *configu protocol = "https" } regex, replacement, err = s.buildRedirect(protocol, entryPoint) + if err != nil { + return nil, err + } } rewrite, err := middlewares.NewRewrite(regex, replacement, true) if err != nil {