Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(healthchecks) add support for HTTPS in active health checks #3815

Merged
merged 4 commits into from Oct 1, 2018
Merged
Diff settings

Always

Just for now

Next

feat(schema) adds `sni` typedef validating hostnames

Introduces `typedefs.sni` for verifying the validity of hostnames.
  • Loading branch information...
hishamhm committed Oct 1, 2018
commit 925e402083fc2534f61d5a96b806b6816f6d203b
@@ -57,6 +57,24 @@ local function validate_name(name)
end


local function validate_sni(host)
local res, err_or_port = utils.normalize_ip(host)
if type(err_or_port) == "string" and err_or_port ~= "invalid port number" then
return nil, "invalid value: " .. host
end

if res.type ~= "name" then
return nil, "must not be an IP"
end

if err_or_port == "invalid port number" or type(res.port) == "number" then
return nil, "must not have a port"
end

return true
end

This comment has been minimized.

Copy link
@thibaultcha

thibaultcha Oct 1, 2018

Member

If I were to specify ip:port, I would first receive an error stating that I should not specify a port, and after retrying, I would get an error that I should also not specify an IP. I think the "most not be an IP address" error should be thrown first.

Also, are we lacking tests for this function?

This comment has been minimized.

Copy link
@hishamhm

hishamhm Oct 1, 2018

Author Member

Also, are we lacking tests for this function?

It was being tested indirectly via the upstreams tests (as is the case for some other typedefs).



local typedefs = {}


@@ -161,4 +179,10 @@ typedefs.name = Schema.define {
}


typedefs.sni = Schema.define {
type = "string",
custom_validator = validate_sni,
}


return typedefs
@@ -5,7 +5,20 @@ local typedefs = require("kong.db.schema.typedefs")
describe("typedefs", function()
local a_valid_uuid = "cbb297c0-a956-486d-ad1d-f9b42df9465a"
local a_blank_uuid = "00000000-0000-0000-0000-000000000000"


it("features sni typedef", function()
local Test = Schema.new({
fields = {
{ f = typedefs.sni }
}
})
assert.truthy(Test:validate({ f = "example.com" }))
assert.truthy(Test:validate({ f = "9foo.te-st.bar.test" }))
assert.falsy(Test:validate({ f = "127.0.0.1" }))
assert.falsy(Test:validate({ f = "example.com:80" }))
assert.falsy(Test:validate({ f = "[::1]" }))
end)

it("features port typedef", function()
local Test = Schema.new({
fields = {
@@ -19,7 +32,7 @@ describe("typedefs", function()
assert.falsy(Test:validate({ f = 65536 }))
assert.falsy(Test:validate({ f = 65536.1 }))
end)

it("features protocol typedef", function()
local Test = Schema.new({
fields = {
@@ -77,7 +90,7 @@ describe("typedefs", function()
local data = Test:process_auto_fields({})
assert.truthy(Test:validate(data))
assert.same(data.f, 120)

data = Test:process_auto_fields({ f = 900 })
assert.truthy(Test:validate(data))
assert.same(data.f, 900)
ProTip! Use n and p to navigate between commits in a pull request.
You can’t perform that action at this time.