Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(v6) Fix --insecure-no-tls flag #5922

Merged
merged 1 commit into from
Mar 10, 2021
Merged

(v6) Fix --insecure-no-tls flag #5922

merged 1 commit into from
Mar 10, 2021

Conversation

r0mant
Copy link
Collaborator

@r0mant r0mant commented Mar 10, 2021

Discovered that I broke --insecure-no-tls flag when updating proxy listeners to support db protocols in our multiplexer.

This PR disables multiplexing if TLS is disabled, like it was before.

@r0mant r0mant self-assigned this Mar 10, 2021
@r0mant r0mant requested a review from klizhentas as a code owner March 10, 2021 05:12
This was referenced Mar 10, 2021
Merged
Merged
a-palchikov
a-palchikov approved these changes Mar 10, 2021
View reviewed changes
integration/integration_test.go
err = rc.CreateEx(nil, rcConf)
require.NoError(t, err)

err = rc.Start()
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wish the test could be reduced to this:

proxyConfig := newDefaultConfiguration()
// DisableTLS flag should turn off TLS termination and multiplexing.
proxyConfig.Proxy.DisableTLS = true

proxy := newTeleportInstance()
proxy.Start()
t.Cleanup(proxy.StopAll)

// Web proxy endpoint should just respond with 200 when called over http://,
// content doesn't matter.
resp, err := http.Get(fmt.Sprintf("http://%v", net.JoinHostPort(Loopback, rc.GetPortWeb())))
require.NoError(t, err)
require.NoError(t, resp.Body.Close())

@klizhentas klizhentas merged commit 13ad701 into branch/v6 Mar 10, 2021
@klizhentas klizhentas deleted the roman/v6/notls branch March 10, 2021 15:42
@webvictim webvictim mentioned this pull request May 5, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@klizhentas klizhentas klizhentas approved these changes

@a-palchikov a-palchikov a-palchikov approved these changes

@awly awly Awaiting requested review from awly

@russjones russjones Awaiting requested review from russjones russjones is a code owner

Assignees

@r0mant r0mant

Labels
backport-required regression
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@r0mant @klizhentas @a-palchikov