custom TLS for HTTP client
FZambia committed Jan 8, 2025
1 parent bc02113 commit f3dfae6
Showing 9 changed files with 55 additions and 11 deletions.
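--- a/internal/configtypes/tls.go
+++ b/internal/configtypes/tls.go
@@ -37,7 +37,11 @@ func (c TLSConfig) ToGoTLSConfig(logTraceEntity string) (*tls.Config, error) {
 }
 logger := log.With().Str("entity", logTraceEntity).Logger()
 logger.Debug().Msg("TLS enabled")
-return makeTLSConfig(c, logger, os.ReadFile, os.Stat)
+tlsConfig, err := makeTLSConfig(c, logger, os.ReadFile, os.Stat)
+if err != nil {
+return nil, fmt.Errorf("error make TLS config (for %s): %w", logTraceEntity, err)
+}
+return tlsConfig, nil
 }
 
 // ReadFileFunc is like os.ReadFile but helps in testing.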
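Review bot: The new wrap message `error make TLS config (for %s)` is ungrammatical and starts with "error", and it stacks with the wraps this commit adds in proxyHTTPClient and in the proxy constructors. A bad certificate path would then surface as roughly "error creating HTTP client: error creating TLS config: error make TLS config (for connect_proxy): …". Go convention is to state what this layer was doing, for example `return nil, fmt.Errorf("making TLS config for %s: %w", logTraceEntity, err)`. ToGoTLSConfig starts above the hunk, so only its tail is visible here.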
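--- a/internal/configtypes/types.go
+++ b/internal/configtypes/types.go
@@ -526,6 +526,7 @@ func (d *HttpStatusToCodeTransforms) Decode(value string) error {
 }
 
 type ProxyCommonHTTP struct {
+TLS TLSConfig `mapstructure:"tls" json:"tls" envconfig:"tls" yaml:"tls" toml:"tls"`
 // StaticHeaders is a static set of key/value pairs to attach to HTTP proxy request as
 // headers. Headers received from HTTP client request or metadata from GRPC client request
 // both have priority over values set in StaticHttpHeaders map.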
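Review bot: The new `TLS` field at the top of ProxyCommonHTTP has no doc comment, while the StaticHeaders field right below it is documented. Operators need to know what it secures and when it takes effect, so I would add `// TLS configures TLS for the HTTP client that sends proxy requests; it is applied only when enabled.` The "only when enabled" part follows from the `p.HTTP.TLS.Enabled` check in proxyHTTPClient in this same commit. The struct body continues past the end of the hunk.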
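--- a/internal/proxy/connect_http.go
+++ b/internal/proxy/connect_http.go
@@ -2,6 +2,7 @@ package proxy
 
 import (
 "context"
+"fmt"
 
 "github.com/centrifugal/centrifugo/v5/internal/proxyproto"
 )
@@ -16,9 +17,13 @@ var _ ConnectProxy = (*HTTPConnectProxy)(nil)
 
 // NewHTTPConnectProxy ...
 func NewHTTPConnectProxy(p Config) (*HTTPConnectProxy, error) {
+httpClient, err := proxyHTTPClient(p, "connect_proxy")
+if err != nil {
+return nil, fmt.Errorf("error creating HTTP client: %w", err)
+}
 return &HTTPConnectProxy{
 config: p,
-httpCaller: NewHTTPCaller(proxyHTTPClient(p.Timeout.ToDuration())),
+httpCaller: NewHTTPCaller(httpClient),
 }, nil
 }
 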
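Review bot: NewHTTPConnectProxy can now return a non-nil error, but its doc comment is still the placeholder `// NewHTTPConnectProxy ...`. On the old side the body was a single `return …, nil`, so callers had no failure to handle; that has changed. I would replace the placeholder with `// NewHTTPConnectProxy creates an HTTPConnectProxy; it returns an error if the HTTP client cannot be built, e.g. when the configured TLS settings are invalid.` The same applies to NewHTTPPublishProxy, NewHTTPRefreshProxy, NewHTTPRPCProxy, NewHTTPSubRefreshProxy and NewHTTPSubscribeProxy in this commit.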
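--- a/internal/proxy/http.go
+++ b/internal/proxy/http.go
@@ -3,13 +3,13 @@ package proxy
 import (
 "bytes"
 "context"
+"crypto/tls"
 "errors"
 "fmt"
 "io"
 "net/http"
 "slices"
 "strings"
-"time"
 
 "github.com/centrifugal/centrifugo/v5/internal/configtypes"
 "github.com/centrifugal/centrifugo/v5/internal/proxyproto"
@@ -45,13 +45,22 @@ func NewHTTPCaller(httpClient *http.Client) HTTPCaller {
 }
 }
 
-func proxyHTTPClient(timeout time.Duration) *http.Client {
+func proxyHTTPClient(p configtypes.Proxy, logTraceEntity string) (*http.Client, error) {
+var tlsConfig *tls.Config
+if p.HTTP.TLS.Enabled {
+var err error
+tlsConfig, err = p.HTTP.TLS.ToGoTLSConfig(logTraceEntity)
+if err != nil {
+return nil, fmt.Errorf("error creating TLS config: %w", err)
+}
+}
 return &http.Client{
 Transport: &http.Transport{
 MaxIdleConnsPerHost: DefaultMaxIdleConnsPerHost,
+TLSClientConfig: tlsConfig,
 },
-Timeout: timeout,
-}
+Timeout: p.Timeout.ToDuration(),
+}, nil
 }
 
 type statusCodeError struct {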
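Review bot: With TLS enabled, the Transport built in proxyHTTPClient gets a non-nil `TLSClientConfig`, and net/http does not negotiate HTTP/2 on a transport with a custom TLS config unless told to. Proxy endpoints that were reached over HTTP/2 would therefore likely fall back to HTTP/1.1 once the option is switched on. Adding `ForceAttemptHTTP2: true,` next to `TLSClientConfig: tlsConfig,` keeps the protocol the same in both modes. Separately, TLSConfig's fields are not visible on this page. If it has an option that turns off certificate verification, that option now also applies to these backend calls, and a startup warning naming `logTraceEntity` would help operators notice it.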
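--- a/internal/proxy/publish_http.go
+++ b/internal/proxy/publish_http.go
@@ -3,6 +3,7 @@ package proxy
 import (
 "context"
 "encoding/json"
+"fmt"
 
 "github.com/centrifugal/centrifugo/v5/internal/proxyproto"
 )
@@ -29,8 +30,12 @@ var _ PublishProxy = (*HTTPPublishProxy)(nil)
 
 // NewHTTPPublishProxy ...
 func NewHTTPPublishProxy(p Config) (*HTTPPublishProxy, error) {
+httpClient, err := proxyHTTPClient(p, "publish_proxy")
+if err != nil {
+return nil, fmt.Errorf("error creating HTTP client: %w", err)
+}
 return &HTTPPublishProxy{
-httpCaller: NewHTTPCaller(proxyHTTPClient(p.Timeout.ToDuration())),
+httpCaller: NewHTTPCaller(httpClient),
 config: p,
 }, nil
 }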
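--- a/internal/proxy/refresh_http.go
+++ b/internal/proxy/refresh_http.go
@@ -2,6 +2,7 @@ package proxy
 
 import (
 "context"
+"fmt"
 
 "github.com/centrifugal/centrifugo/v5/internal/proxyproto"
 )
@@ -23,9 +24,13 @@ var _ RefreshProxy = (*HTTPRefreshProxy)(nil)
 
 // NewHTTPRefreshProxy ...
 func NewHTTPRefreshProxy(p Config) (*HTTPRefreshProxy, error) {
+httpClient, err := proxyHTTPClient(p, "refresh_proxy")
+if err != nil {
+return nil, fmt.Errorf("error creating HTTP client: %w", err)
+}
 return &HTTPRefreshProxy{
 config: p,
-httpCaller: NewHTTPCaller(proxyHTTPClient(p.Timeout.ToDuration())),
+httpCaller: NewHTTPCaller(httpClient),
 }, nil
 }
 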
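--- a/internal/proxy/rpc_http.go
+++ b/internal/proxy/rpc_http.go
@@ -2,6 +2,7 @@ package proxy
 
 import (
 "context"
+"fmt"
 
 "github.com/centrifugal/centrifugo/v5/internal/proxyproto"
 )
@@ -16,9 +17,13 @@ var _ RPCProxy = (*HTTPRPCProxy)(nil)
 
 // NewHTTPRPCProxy ...
 func NewHTTPRPCProxy(p Config) (*HTTPRPCProxy, error) {
+httpClient, err := proxyHTTPClient(p, "rpc_proxy")
+if err != nil {
+return nil, fmt.Errorf("error creating HTTP client: %w", err)
+}
 return &HTTPRPCProxy{
 config: p,
-httpCaller: NewHTTPCaller(proxyHTTPClient(p.Timeout.ToDuration())),
+httpCaller: NewHTTPCaller(httpClient),
 }, nil
 }
 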
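--- a/internal/proxy/sub_refresh_http.go
+++ b/internal/proxy/sub_refresh_http.go
@@ -2,6 +2,7 @@ package proxy
 
 import (
 "context"
+"fmt"
 
 "github.com/centrifugal/centrifugo/v5/internal/proxyproto"
 )
@@ -24,9 +25,13 @@ var _ SubRefreshProxy = (*HTTPSubRefreshProxy)(nil)
 
 // NewHTTPSubRefreshProxy ...
 func NewHTTPSubRefreshProxy(p Config) (*HTTPSubRefreshProxy, error) {
+httpClient, err := proxyHTTPClient(p, "sub_refresh_proxy")
+if err != nil {
+return nil, fmt.Errorf("error creating HTTP client: %w", err)
+}
 return &HTTPSubRefreshProxy{
 config: p,
-httpCaller: NewHTTPCaller(proxyHTTPClient(p.Timeout.ToDuration())),
+httpCaller: NewHTTPCaller(httpClient),
 }, nil
 }
 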
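--- a/internal/proxy/subscribe_http.go
+++ b/internal/proxy/subscribe_http.go
@@ -2,6 +2,7 @@ package proxy
 
 import (
 "context"
+"fmt"
 
 "github.com/centrifugal/centrifugo/v5/internal/proxyproto"
 )
@@ -16,9 +17,13 @@ var _ SubscribeProxy = (*HTTPSubscribeProxy)(nil)
 
 // NewHTTPSubscribeProxy ...
 func NewHTTPSubscribeProxy(p Config) (*HTTPSubscribeProxy, error) {
+httpClient, err := proxyHTTPClient(p, "subscribe_proxy")
+if err != nil {
+return nil, fmt.Errorf("error creating HTTP client: %w", err)
+}
 return &HTTPSubscribeProxy{
 config: p,
-httpCaller: NewHTTPCaller(proxyHTTPClient(p.Timeout.ToDuration())),
+httpCaller: NewHTTPCaller(httpClient),
 }, nil
 }
 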
