Fix panic in tls manager

This commit is contained in:
Julien Salleyron 2019-06-21 16:32:04 +02:00 committed by Traefiker Bot
parent 69a1817c3f
commit 69cf05df9a
2 changed files with 33 additions and 5 deletions

View file

@ -39,11 +39,12 @@ func (m *Manager) UpdateConfigs(stores map[string]Store, configs map[string]TLS,
m.stores = make(map[string]*CertificateStore) m.stores = make(map[string]*CertificateStore)
for storeName, storeConfig := range m.storesConfig { for storeName, storeConfig := range m.storesConfig {
var err error store, err := buildCertificateStore(storeConfig)
m.stores[storeName], err = buildCertificateStore(storeConfig)
if err != nil { if err != nil {
log.Errorf("Error while creating certificate store %s", storeName) log.Errorf("Error while creating certificate store %s: %v", storeName, err)
continue
} }
m.stores[storeName] = store
} }
storesCertificates := make(map[string]map[string]*tls.Certificate) storesCertificates := make(map[string]map[string]*tls.Certificate)
@ -137,14 +138,14 @@ func buildCertificateStore(tlsStore Store) (*CertificateStore, error) {
if tlsStore.DefaultCertificate != nil { if tlsStore.DefaultCertificate != nil {
cert, err := buildDefaultCertificate(tlsStore.DefaultCertificate) cert, err := buildDefaultCertificate(tlsStore.DefaultCertificate)
if err != nil { if err != nil {
return nil, err return certificateStore, err
} }
certificateStore.DefaultCertificate = cert certificateStore.DefaultCertificate = cert
} else { } else {
log.Debug("No default certificate, generate one") log.Debug("No default certificate, generate one")
cert, err := generate.DefaultCertificate() cert, err := generate.DefaultCertificate()
if err != nil { if err != nil {
return nil, err return certificateStore, err
} }
certificateStore.DefaultCertificate = cert certificateStore.DefaultCertificate = cert
} }

View file

@ -62,3 +62,30 @@ func TestTLSInStore(t *testing.T) {
t.Fatal("got error: default store must have TLS certificates.") t.Fatal("got error: default store must have TLS certificates.")
} }
} }
func TestTLSInvalidStore(t *testing.T) {
dynamicConfigs :=
[]*Configuration{
{
Certificate: &Certificate{
CertFile: localhostCert,
KeyFile: localhostKey,
},
},
}
tlsManager := NewManager()
tlsManager.UpdateConfigs(map[string]Store{
"default": {
DefaultCertificate: &Certificate{
CertFile: "/wrong",
KeyFile: "/wrong",
},
},
}, nil, dynamicConfigs)
certs := tlsManager.GetStore("default").DynamicCerts.Get().(map[string]*tls.Certificate)
if len(certs) == 0 {
t.Fatal("got error: default store must have TLS certificates.")
}
}