Compute priority for https forwarder TLS routes

This commit is contained in:
Romain 2023-12-08 16:42:05 +01:00 committed by GitHub
parent 6858dbdd07
commit d51a2ce487
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 17 additions and 3 deletions

View file

@ -266,9 +266,8 @@ func (r *Router) SetHTTPSForwarder(handler tcp.Handler) {
}
}
// muxerHTTPS only contains single HostSNI rules (and no other kind of rules),
// so there's no need for specifying a priority for them.
if err := r.muxerHTTPS.AddRoute("HostSNI(`"+sniHost+"`)", 0, tcpHandler); err != nil {
rule := "HostSNI(`" + sniHost + "`)"
if err := r.muxerHTTPS.AddRoute(rule, tcpmuxer.GetRulePriority(rule), tcpHandler); err != nil {
log.Error().Err(err).Msg("Error while adding route for host")
}
}

View file

@ -494,6 +494,21 @@ func Test_Routing(t *testing.T) {
},
},
},
{
desc: "HTTPS router && HTTPS CatchAll router",
routers: []applyRouter{routerHTTPS, routerHTTPSPathPrefix},
checks: []checkCase{
{
desc: "HTTPS TLS 1.0 request should fail",
checkRouter: checkHTTPSTLS10,
expectedError: "wrong TLS version",
},
{
desc: "HTTPS TLS 1.2 request should be handled by HTTPS service",
checkRouter: checkHTTPSTLS12,
},
},
},
{
desc: "All routers, all checks",
routers: []applyRouter{routerTCPCatchAll, routerHTTP, routerHTTPS, routerTCPTLS, routerTCPTLSCatchAll},