From 9f6f8155a002699e29c5f02c8ebb48ac5dff17be Mon Sep 17 00:00:00 2001 From: fredbi Date: Thu, 11 Oct 2018 22:49:43 +0200 Subject: [PATCH] cmd: Streamlines https configuration variables (#124) Closes #121 Signed-off-by: Frederic BIDON --- UPGRADE.md | 7 +++ cmd/helper_messages.go | 4 +- cmd/helper_server.go | 4 +- cmd/helper_server_test.go | 104 +++++++++++++++++++------------------- 4 files changed, 63 insertions(+), 56 deletions(-) diff --git a/UPGRADE.md b/UPGRADE.md index 6e5aba9ec6..d312d44b53 100644 --- a/UPGRADE.md +++ b/UPGRADE.md @@ -16,6 +16,13 @@ before finalizing the upgrade process. +## master + +### Refresh Configuration + +Environment variables `HTTP_TLS_xxx` are now called +`HTTPS_TLS_xxx`. + ## 1.0.0-beta.9 ### Refresh Configuration diff --git a/cmd/helper_messages.go b/cmd/helper_messages.go index 33e5a542e3..76c91f964d 100644 --- a/cmd/helper_messages.go +++ b/cmd/helper_messages.go @@ -182,10 +182,10 @@ NOTE: configure TLS params consistently both as PATH or as string. If no TLS pai - HTTPS_TLS_KEY_PATH: The path to the TLS private key (pem encoded). Example: HTTPS_TLS_KEY_PATH=~/key.pem -- HTTP_TLS_CERT: Base64 encoded (without padding) string of the TLS certificate (PEM encoded) to be used for HTTP over TLS (HTTPS). +- HTTPS_TLS_CERT: Base64 encoded (without padding) string of the TLS certificate (PEM encoded) to be used for HTTP over TLS (HTTPS). Example: HTTPS_TLS_CERT="-----BEGIN CERTIFICATE-----\nMIIDZTCCAk2gAwIBAgIEV5xOtDANBgkqhkiG9w0BAQ0FADA0MTIwMAYDVQQDDClP..." -- HTTP_TLS_KEY: Base64 encoded (without padding) string of the private key (PEM encoded) to be used for HTTP over TLS (HTTPS). +- HTTPS_TLS_KEY: Base64 encoded (without padding) string of the private key (PEM encoded) to be used for HTTP over TLS (HTTPS). Example: HTTPS_TLS_KEY="-----BEGIN ENCRYPTED PRIVATE KEY-----\nMIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDg..." ` diff --git a/cmd/helper_server.go b/cmd/helper_server.go index 6dda76cc26..3e119c487f 100644 
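Review bot: The examples for `HTTPS_TLS_CERT` and `HTTPS_TLS_KEY` in this help text show PEM armour (`-----BEGIN CERTIFICATE-----\n…`), while the description on the same entries says the value is the Base64 encoding, without padding, of the PEM. Case 8 of the test in this commit passes the PEM file content in these two variables and expects an error from getTLSCertAndKey, so an operator who copies the example would hit that error. I would change the examples to a Base64 placeholder such as `Example: HTTPS_TLS_CERT="<base64 of cert.pem, padding removed>"`, and likewise for the key. The `HTTPS_TLS_KEY` entry could also say in one sentence that the value is secret material and that `HTTPS_TLS_KEY_PATH` keeps it out of the process environment.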
--- a/cmd/helper_server.go +++ b/cmd/helper_server.go @@ -277,8 +277,8 @@ func handlerFactories(keyManager rsakey.Manager) ([]proxy.Authenticator, []proxy } func getTLSCertAndKey() (*tls.Certificate, error) { - certString, keyString := viper.GetString("HTTP_TLS_CERT"), viper.GetString("HTTP_TLS_KEY") - certPath, keyPath := viper.GetString("HTTP_TLS_CERT_PATH"), viper.GetString("HTTP_TLS_KEY_PATH") + certString, keyString := viper.GetString("HTTPS_TLS_CERT"), viper.GetString("HTTPS_TLS_KEY") + certPath, keyPath := viper.GetString("HTTPS_TLS_CERT_PATH"), viper.GetString("HTTPS_TLS_KEY_PATH") if certString == "" && keyString == "" && certPath == "" && keyPath == "" { // serve http diff --git a/cmd/helper_server_test.go b/cmd/helper_server_test.go index d0a4a103e9..5ad92a3bff 100644 --- a/cmd/helper_server_test.go +++ b/cmd/helper_server_test.go 
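Review bot: After the rename, a deployment that still sets only the old `HTTP_TLS_*` names reaches the all-empty branch commented `// serve http` just below the two changed lines, so it would apparently start without TLS and without any error. UPGRADE.md mentions the rename, but nothing in the code tells the operator at startup. I would reject the old names explicitly at the top of getTLSCertAndKey, as sketched below, or at least log a warning for them; this assumes viper still resolves the old keys from the environment the way the test's initConfig sets it up. The body of getTLSCertAndKey continues past the end of the hunk, so what that branch returns is not visible here.

```go
func getTLSCertAndKey() (*tls.Certificate, error) {
	// Fail loudly when a pre-rename variable is still set, instead of falling through to plain HTTP.
	for _, legacy := range []string{"HTTP_TLS_CERT", "HTTP_TLS_KEY", "HTTP_TLS_CERT_PATH", "HTTP_TLS_KEY_PATH"} {
		if viper.GetString(legacy) != "" {
			return nil, fmt.Errorf("%s was renamed to the HTTPS_TLS_ prefix, see UPGRADE.md", legacy)
		}
	}
	// … unchanged: reads of the HTTPS_TLS_* settings and the rest of the body …
```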
@@ -127,119 +127,119 @@ RHMZNMoDTRhmhQhj8M7N+FMtZAUOMddZ/1cvREtFW7+66w+XZvj9CQ/uectp/qb+ defer func() { _ = os.Remove(tmpCert) _ = os.Remove(tmpKey) - os.Setenv("HTTP_TLS_KEY_PATH", "") - os.Setenv("HTTP_TLS_CERT_PATH", "") - os.Setenv("HTTP_TLS_KEY", "") - os.Setenv("HTTP_TLS_CERT", "") + os.Setenv("HTTPS_TLS_KEY_PATH", "") + os.Setenv("HTTPS_TLS_CERT_PATH", "") + os.Setenv("HTTPS_TLS_KEY", "") + os.Setenv("HTTPS_TLS_CERT", "") }() _ = ioutil.WriteFile(tmpCert, []byte(certFileContent), 0600) _ = ioutil.WriteFile(tmpKey, []byte(keyFileContent), 0600) initConfig() // 1. no TLS - os.Setenv("HTTP_TLS_KEY_PATH", "") - os.Setenv("HTTP_TLS_CERT_PATH", "") - os.Setenv("HTTP_TLS_KEY", "") - os.Setenv("HTTP_TLS_CERT", "") + os.Setenv("HTTPS_TLS_KEY_PATH", "") + os.Setenv("HTTPS_TLS_CERT_PATH", "") + os.Setenv("HTTPS_TLS_KEY", "") + os.Setenv("HTTPS_TLS_CERT", "") cert, err := getTLSCertAndKey() assert.Nil(t, cert) assert.NoError(t, err) // 2. inconsistent TLS (i): warning only - os.Setenv("HTTP_TLS_KEY_PATH", "x") - os.Setenv("HTTP_TLS_CERT_PATH", "") - os.Setenv("HTTP_TLS_KEY", "") - os.Setenv("HTTP_TLS_CERT", "") + os.Setenv("HTTPS_TLS_KEY_PATH", "x") + os.Setenv("HTTPS_TLS_CERT_PATH", "") + os.Setenv("HTTPS_TLS_KEY", "") + os.Setenv("HTTPS_TLS_CERT", "") cert, err = getTLSCertAndKey() assert.Nil(t, cert) assert.NoError(t, err) // 2. inconsistent TLS (ii): warning only - os.Setenv("HTTP_TLS_KEY_PATH", "") - os.Setenv("HTTP_TLS_CERT_PATH", "") - os.Setenv("HTTP_TLS_KEY", "") - os.Setenv("HTTP_TLS_CERT", "x") + os.Setenv("HTTPS_TLS_KEY_PATH", "") + os.Setenv("HTTPS_TLS_CERT_PATH", "") + os.Setenv("HTTPS_TLS_KEY", "") + os.Setenv("HTTPS_TLS_CERT", "x") cert, err = getTLSCertAndKey() assert.Nil(t, cert) assert.NoError(t, err) // 3. 
invalid TLS file - os.Setenv("HTTP_TLS_KEY_PATH", "x") - os.Setenv("HTTP_TLS_CERT_PATH", tmpCert) - os.Setenv("HTTP_TLS_KEY", "") - os.Setenv("HTTP_TLS_CERT", "") + os.Setenv("HTTPS_TLS_KEY_PATH", "x") + os.Setenv("HTTPS_TLS_CERT_PATH", tmpCert) + os.Setenv("HTTPS_TLS_KEY", "") + os.Setenv("HTTPS_TLS_CERT", "") cert, err = getTLSCertAndKey() assert.Nil(t, cert) assert.Error(t, err) // 4. invalid TLS string (i) - os.Setenv("HTTP_TLS_KEY_PATH", "") - os.Setenv("HTTP_TLS_CERT_PATH", "") - os.Setenv("HTTP_TLS_KEY", "{}") - os.Setenv("HTTP_TLS_CERT", certFixture) + os.Setenv("HTTPS_TLS_KEY_PATH", "") + os.Setenv("HTTPS_TLS_CERT_PATH", "") + os.Setenv("HTTPS_TLS_KEY", "{}") + os.Setenv("HTTPS_TLS_CERT", certFixture) cert, err = getTLSCertAndKey() assert.Nil(t, cert) assert.Error(t, err) // 4. invalid TLS string (ii) - os.Setenv("HTTP_TLS_KEY_PATH", "") - os.Setenv("HTTP_TLS_CERT_PATH", "") - os.Setenv("HTTP_TLS_KEY", keyFixture) - os.Setenv("HTTP_TLS_CERT", "{}") + os.Setenv("HTTPS_TLS_KEY_PATH", "") + os.Setenv("HTTPS_TLS_CERT_PATH", "") + os.Setenv("HTTPS_TLS_KEY", keyFixture) + os.Setenv("HTTPS_TLS_CERT", "{}") cert, err = getTLSCertAndKey() assert.Nil(t, cert) assert.Error(t, err) // 5. valid TLS files - os.Setenv("HTTP_TLS_KEY_PATH", tmpKey) - os.Setenv("HTTP_TLS_CERT_PATH", tmpCert) - os.Setenv("HTTP_TLS_KEY", "") - os.Setenv("HTTP_TLS_CERT", "") + os.Setenv("HTTPS_TLS_KEY_PATH", tmpKey) + os.Setenv("HTTPS_TLS_CERT_PATH", tmpCert) + os.Setenv("HTTPS_TLS_KEY", "") + os.Setenv("HTTPS_TLS_CERT", "") cert, err = getTLSCertAndKey() assert.NotNil(t, cert) assert.NoError(t, err) // 6. 
valid TLS strings - os.Setenv("HTTP_TLS_KEY_PATH", "") - os.Setenv("HTTP_TLS_CERT_PATH", "") - os.Setenv("HTTP_TLS_KEY", keyFixture) - os.Setenv("HTTP_TLS_CERT", certFixture) + os.Setenv("HTTPS_TLS_KEY_PATH", "") + os.Setenv("HTTPS_TLS_CERT_PATH", "") + os.Setenv("HTTPS_TLS_KEY", keyFixture) + os.Setenv("HTTPS_TLS_CERT", certFixture) cert, err = getTLSCertAndKey() assert.NotNil(t, cert) assert.NoError(t, err) // 7. invalid TLS file content - os.Setenv("HTTP_TLS_KEY_PATH", keyFixture) - os.Setenv("HTTP_TLS_CERT_PATH", certFixture) - os.Setenv("HTTP_TLS_KEY", "") - os.Setenv("HTTP_TLS_CERT", "") + os.Setenv("HTTPS_TLS_KEY_PATH", keyFixture) + os.Setenv("HTTPS_TLS_CERT_PATH", certFixture) + os.Setenv("HTTPS_TLS_KEY", "") + os.Setenv("HTTPS_TLS_CERT", "") cert, err = getTLSCertAndKey() assert.Nil(t, cert) assert.Error(t, err) // 8. invalid TLS string content - os.Setenv("HTTP_TLS_KEY_PATH", "") - os.Setenv("HTTP_TLS_CERT_PATH", "") - os.Setenv("HTTP_TLS_KEY", keyFileContent) - os.Setenv("HTTP_TLS_CERT", certFileContent) + os.Setenv("HTTPS_TLS_KEY_PATH", "") + os.Setenv("HTTPS_TLS_CERT_PATH", "") + os.Setenv("HTTPS_TLS_KEY", keyFileContent) + os.Setenv("HTTPS_TLS_CERT", certFileContent) cert, err = getTLSCertAndKey() assert.Nil(t, cert) assert.Error(t, err) // 9. mismatched TLS file content - os.Setenv("HTTP_TLS_KEY_PATH", certFileContent) - os.Setenv("HTTP_TLS_CERT_PATH", keyFileContent) - os.Setenv("HTTP_TLS_KEY", "") - os.Setenv("HTTP_TLS_CERT", "") + os.Setenv("HTTPS_TLS_KEY_PATH", certFileContent) + os.Setenv("HTTPS_TLS_CERT_PATH", keyFileContent) + os.Setenv("HTTPS_TLS_KEY", "") + os.Setenv("HTTPS_TLS_CERT", "") cert, err = getTLSCertAndKey() assert.Nil(t, cert) assert.Error(t, err) // 10. 
mismatched TLS string content - os.Setenv("HTTP_TLS_KEY_PATH", "") - os.Setenv("HTTP_TLS_CERT_PATH", "") - os.Setenv("HTTP_TLS_KEY", certFixture) - os.Setenv("HTTP_TLS_CERT", keyFixture) + os.Setenv("HTTPS_TLS_KEY_PATH", "") + os.Setenv("HTTPS_TLS_CERT_PATH", "") + os.Setenv("HTTPS_TLS_KEY", certFixture) + os.Setenv("HTTPS_TLS_CERT", keyFixture) cert, err = getTLSCertAndKey() assert.Nil(t, cert) assert.Error(t, err)
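Review bot: The same four `os.Setenv` calls are repeated thirteen times in this test with their error results dropped, which makes the cases hard to compare and hides a failed set. A small helper taking the four values, as sketched below, would reduce each case to one line. The deferred cleanup also leaves the variables set to empty strings rather than removing them, where `os.Unsetenv` would restore a clean environment, and the `_ = ioutil.WriteFile(...)` calls would be safer with their errors checked so that a missing fixture does not surface as a failure in case 5. The test function starts above the hunk.

```go
// setTLSEnv sets the four TLS settings for one test case and fails the test if any cannot be set.
func setTLSEnv(t *testing.T, keyPath, certPath, key, cert string) {
	t.Helper()
	for name, value := range map[string]string{
		"HTTPS_TLS_KEY_PATH":  keyPath,
		"HTTPS_TLS_CERT_PATH": certPath,
		"HTTPS_TLS_KEY":       key,
		"HTTPS_TLS_CERT":      cert,
	} {
		if err := os.Setenv(name, value); err != nil {
			t.Fatalf("setting %s: %v", name, err)
		}
	}
}

	// 1. no TLS
	setTLSEnv(t, "", "", "", "")
	// … unchanged: the getTLSCertAndKey call and assertions of each case …
```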