fix: redirect to https only if the listener is a http

Signed-off-by: Florentin Dubois <florentin.dubois@clever-cloud.com>
sozu-proxy · Jul 11, 2023 · 675c99d · 675c99d
1 parent 86d275d
commit 675c99d
Show file tree

Hide file tree

Showing 6 changed files with 29 additions and 16 deletions.
diff --git a/bin/src/ctl/command.rs b/bin/src/ctl/command.rs
@@ -55,7 +55,9 @@ impl CommandManager {
             let response = self.read_channel_message_with_timeout()?;
 
             match response.status() {
-                ResponseStatus::Processing => { debug!("Proxy is processing: {}", response.message); },
+                ResponseStatus::Processing => {
+                    debug!("Proxy is processing: {}", response.message);
+                }
                 ResponseStatus::Failure => bail!("Request failed: {}", response.message),
                 ResponseStatus::Ok => {
                     if json {
@@ -149,10 +151,7 @@ impl CommandManager {
                                     );
                                 }
                                 ResponseStatus::Ok => {
-                                    info!(
-                                        "Main process upgrade succeeded: {}",
-                                        response.message
-                                    );
+                                    info!("Main process upgrade succeeded: {}", response.message);
                                     break;
                                 }
                             }
@@ -266,7 +265,9 @@ impl CommandManager {
                                 Some(ContentType::AvailableMetrics(available)) => {
                                     print_available_metrics(&available)?;
                                 }
-                                _ => { debug!("Wrong kind of response here"); },
+                                _ => {
+                                    debug!("Wrong kind of response here");
+                                }
                             }
                         }
 

diff --git a/e2e/src/tests/tests.rs b/e2e/src/tests/tests.rs
@@ -894,7 +894,6 @@ fn try_http_behaviors() -> State {
     );
     assert_eq!(request, String::from("0123"));
 
-
     info!("expecting 100 BAD");
     backend.set_response("HTTP/1.1 200 Ok\r\n\r\nRESPONSE_BODY_NO_LENGTH");
     client.set_request("GET /100 HTTP/1.1\r\nHost: example.com\r\nConnection: close\r\nExpect: 100-continue\r\n\r\n");

diff --git a/lib/src/http.rs b/lib/src/http.rs
@@ -17,7 +17,8 @@ use time::{Duration, Instant};
 use sozu_command::{
     logging,
     proto::command::{
-        request::RequestType, Cluster, HttpListenerConfig, RemoveListener, RequestHttpFrontend,
+        request::RequestType, Cluster, HttpListenerConfig, ListenerType, RemoveListener,
+        RequestHttpFrontend,
     },
     ready::Ready,
     request::WorkerRequest,
@@ -916,6 +917,10 @@ impl ProxyConfiguration for HttpProxy {
 }
 
 impl L7Proxy for HttpProxy {
+    fn kind(&self) -> ListenerType {
+        ListenerType::Http
+    }
+
     fn register_socket(
         &self,
         source: &mut TcpStream,

diff --git a/lib/src/https.rs b/lib/src/https.rs
@@ -35,7 +35,7 @@ use sozu_command::{
     proto::command::{
         request::RequestType, response_content::ContentType, AddCertificate, CertificateSummary,
         CertificatesByAddress, Cluster, HttpsListenerConfig, ListOfCertificatesByAddress,
-        RemoveCertificate, RemoveListener, ReplaceCertificate, RequestHttpFrontend,
+        ListenerType, RemoveCertificate, RemoveListener, ReplaceCertificate, RequestHttpFrontend,
         ResponseContent, TlsVersion,
     },
     ready::Ready,
@@ -1374,6 +1374,10 @@ impl ProxyConfiguration for HttpsProxy {
     }
 }
 impl L7Proxy for HttpsProxy {
+    fn kind(&self) -> ListenerType {
+        ListenerType::Https
+    }
+
     fn register_socket(
         &self,
         socket: &mut MioTcpStream,

diff --git a/lib/src/lib.rs b/lib/src/lib.rs
@@ -394,6 +394,7 @@ use std::{
 use anyhow::{bail, Context};
 use mio::{net::TcpStream, Interest, Token};
 use protocol::http::parser::Method;
+use sozu_command::proto::command::ListenerType;
 use sozu_command_lib::{
     proto::command::{Cluster, Event, EventKind, LoadBalancingParams},
     ready::Ready,
@@ -653,6 +654,8 @@ pub trait ProxyConfiguration {
 }
 
 pub trait L7Proxy {
+    fn kind(&self) -> ListenerType;
+
     fn register_socket(
         &self,
         socket: &mut TcpStream,

diff --git a/lib/src/protocol/kawa_h1/mod.rs b/lib/src/protocol/kawa_h1/mod.rs
@@ -13,7 +13,7 @@ use anyhow::{bail, Context};
 use kawa;
 use mio::{net::TcpStream, *};
 use rusty_ulid::Ulid;
-use sozu_command::proto::command::{Event, EventKind};
+use sozu_command::proto::command::{Event, EventKind, ListenerType};
 use time::{Duration, Instant};
 
 use crate::{
@@ -1042,12 +1042,13 @@ impl<Front: SocketHandler, L: ListenerHandler + L7ListenerHandler> Http<Front, L
             }
         };
 
-        let frontend_should_redirect_https = proxy
-            .borrow()
-            .clusters()
-            .get(&cluster_id)
-            .map(|cluster| cluster.https_redirect)
-            .unwrap_or(false);
+        let frontend_should_redirect_https = matches!(proxy.borrow().kind(), ListenerType::Http)
+            && proxy
+                .borrow()
+                .clusters()
+                .get(&cluster_id)
+                .map(|cluster| cluster.https_redirect)
+                .unwrap_or(false);
 
         if frontend_should_redirect_https {
             let answer = format!("HTTP/1.1 301 Moved Permanently\r\nContent-Length: 0\r\nLocation: https://{host}{uri}\r\n\r\n");