Enforce failure for TCP HostSNI with hostname
Co-authored-by: Romain <rtribotte@users.noreply.github.com>
This commit is contained in:
parent
141abce2d5
commit
d94e676083
3 changed files with 4 additions and 0 deletions
|
@ -23,10 +23,12 @@
|
||||||
[tcp.routers.router1]
|
[tcp.routers.router1]
|
||||||
service = "service1"
|
service = "service1"
|
||||||
rule = "HostSNI(`snitest.net`)"
|
rule = "HostSNI(`snitest.net`)"
|
||||||
|
[tcp.routers.router1.tls]
|
||||||
|
|
||||||
[tcp.routers.router2]
|
[tcp.routers.router2]
|
||||||
service = "service2"
|
service = "service2"
|
||||||
rule = "HostSNI(`snitest.com`)"
|
rule = "HostSNI(`snitest.com`)"
|
||||||
|
[tcp.routers.router2.tls]
|
||||||
|
|
||||||
[tcp.services]
|
[tcp.services]
|
||||||
[tcp.services.service1]
|
[tcp.services.service1]
|
||||||
|
|
|
@ -288,6 +288,7 @@ func (m *Manager) addTCPHandlers(ctx context.Context, configs map[string]*runtim
|
||||||
routerErr := fmt.Errorf("invalid rule: %q , has HostSNI matcher, but no TLS on router", routerConfig.Rule)
|
routerErr := fmt.Errorf("invalid rule: %q , has HostSNI matcher, but no TLS on router", routerConfig.Rule)
|
||||||
routerConfig.AddError(routerErr, true)
|
routerConfig.AddError(routerErr, true)
|
||||||
logger.Error(routerErr)
|
logger.Error(routerErr)
|
||||||
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
var handler tcp.Handler
|
var handler tcp.Handler
|
||||||
|
|
|
@ -264,6 +264,7 @@ func TestRuntimeConfiguration(t *testing.T) {
|
||||||
EntryPoints: []string{"web"},
|
EntryPoints: []string{"web"},
|
||||||
Service: "foo-service",
|
Service: "foo-service",
|
||||||
Rule: "HostSNI(`foo.bar`)",
|
Rule: "HostSNI(`foo.bar`)",
|
||||||
|
TLS: &dynamic.RouterTCPTLSConfig{},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
|
Loading…
Reference in a new issue