DevFW-CICD/ingress-nginx-helm
14
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #777 from aledbf/fix-ssl-proxy

Browse source 
Update sniff parser to fix index out of bound error
This commit is contained in:
Nick Sardo 2017-05-26 11:59:33 -07:00 committed by GitHub
commit cc1a560585
4 changed files with 41 additions and 37 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Godeps/Godeps.json generated
View file

@ -191,7 +191,7 @@
}, },
{ {
"ImportPath": "github.com/paultag/sniff/parser", "ImportPath": "github.com/paultag/sniff/parser",
"Rev": "c36b8585a41425573d9e3e1890bf3b6ac89a3828" "Rev": "558797aed1e6daa735d8fada0b863b89d72dcfba"
}, },
{ {
"ImportPath": "github.com/pborman/uuid", "ImportPath": "github.com/pborman/uuid",

70
controllers/nginx/pkg/cmd/controller/nginx.go
View file

@ -417,6 +417,41 @@ func (n *NGINXController) OnUpdate(ingressCfg ingress.Configuration) ([]byte, er
cfg := ngx_template.ReadConfig(n.configmap.Data) cfg := ngx_template.ReadConfig(n.configmap.Data)
cfg.Resolver = n.resolver cfg.Resolver = n.resolver
servers := []*server{}
for _, pb := range ingressCfg.PassthroughBackends {
svc := pb.Service
if svc == nil {
glog.Warningf("missing service for PassthroughBackends %v", pb.Backend)
continue
}
port, err := strconv.Atoi(pb.Port.String())
if err != nil {
for _, sp := range svc.Spec.Ports {
if sp.Name == pb.Port.String() {
port = int(sp.Port)
break
}
}
} else {
for _, sp := range svc.Spec.Ports {
if sp.Port == int32(port) {
port = int(sp.Port)
break
}
}
}
//TODO: Allow PassthroughBackends to specify they support proxy-protocol
servers = append(servers, &server{
Hostname: pb.Hostname,
IP: svc.Spec.ClusterIP,
Port: port,
ProxyProtocol: false,
})
}
n.proxy.ServerList = servers
// we need to check if the status module configuration changed // we need to check if the status module configuration changed
if cfg.EnableVtsStatus { if cfg.EnableVtsStatus {
n.setupMonitor(vtsStatusModule) n.setupMonitor(vtsStatusModule)
@ -513,41 +548,6 @@ func (n *NGINXController) OnUpdate(ingressCfg ingress.Configuration) ([]byte, er
return nil, err return nil, err
} }
servers := []*server{}
for _, pb := range ingressCfg.PassthroughBackends {
svc := pb.Service
if svc == nil {
glog.Warningf("missing service for PassthroughBackends %v", pb.Backend)
continue
}
port, err := strconv.Atoi(pb.Port.String())
if err != nil {
for _, sp := range svc.Spec.Ports {
if sp.Name == pb.Port.String() {
port = int(sp.Port)
break
}
}
} else {
for _, sp := range svc.Spec.Ports {
if sp.Port == int32(port) {
port = int(sp.Port)
break
}
}
}
//TODO: Allow PassthroughBackends to specify they support proxy-protocol
servers = append(servers, &server{
Hostname: pb.Hostname,
IP: svc.Spec.ClusterIP,
Port: port,
ProxyProtocol: false,
})
}
n.proxy.ServerList = servers
return content, nil return content, nil
} }

4
controllers/nginx/pkg/cmd/controller/tcp.go
View file

@ -22,6 +22,10 @@ type proxy struct {
} }
func (p *proxy) Get(host string) *server { func (p *proxy) Get(host string) *server {
if p.ServerList == nil {
return p.Default
}
for _, s := range p.ServerList { for _, s := range p.ServerList {
if s.Hostname == host { if s.Hostname == host {
return s return s

2
vendor/github.com/paultag/sniff/parser/parser.go generated vendored
View file

@ -85,7 +85,7 @@ func GetSNBlock(data []byte) ([]byte, error) {
data = data[2 : extensionLength+2] data = data[2 : extensionLength+2]
for { for {
if index >= len(data) { if index+4 >= len(data) {
break break
} }
length := int((data[index+2] << 8) + data[index+3]) length := int((data[index+2] << 8) + data[index+3])