summaryrefslogtreecommitdiff
path: root/plugins/http/config
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/http/config')
-rw-r--r--plugins/http/config/http.go34
-rw-r--r--plugins/http/config/ssl.go69
-rw-r--r--plugins/http/config/ssl_config_test.go116
3 files changed, 189 insertions, 30 deletions
diff --git a/plugins/http/config/http.go b/plugins/http/config/http.go
index 76547fde..bd689918 100644
--- a/plugins/http/config/http.go
+++ b/plugins/http/config/http.go
@@ -2,7 +2,6 @@ package config
import (
"net"
- "os"
"runtime"
"strings"
"time"
@@ -13,7 +12,7 @@ import (
// HTTP configures RoadRunner HTTP server.
type HTTP struct {
- // Port and port to handle as http server.
+ // Host and port to handle as http server.
Address string
// SSLConfig defines https server options.
@@ -97,8 +96,8 @@ func (c *HTTP) InitDefaults() error {
c.SSLConfig = &SSL{}
}
- if c.SSLConfig.Port == 0 {
- c.SSLConfig.Port = 443
+ if c.SSLConfig.Address == "" {
+ c.SSLConfig.Address = ":443"
}
err := c.HTTP2Config.InitDefaults()
@@ -191,30 +190,9 @@ func (c *HTTP) Valid() error {
}
if c.EnableTLS() {
- if _, err := os.Stat(c.SSLConfig.Key); err != nil {
- if os.IsNotExist(err) {
- return errors.E(op, errors.Errorf("key file '%s' does not exists", c.SSLConfig.Key))
- }
-
- return err
- }
-
- if _, err := os.Stat(c.SSLConfig.Cert); err != nil {
- if os.IsNotExist(err) {
- return errors.E(op, errors.Errorf("cert file '%s' does not exists", c.SSLConfig.Cert))
- }
-
- return err
- }
-
- // RootCA is optional, but if provided - check it
- if c.SSLConfig.RootCA != "" {
- if _, err := os.Stat(c.SSLConfig.RootCA); err != nil {
- if os.IsNotExist(err) {
- return errors.E(op, errors.Errorf("root ca path provided, but path '%s' does not exists", c.SSLConfig.RootCA))
- }
- return err
- }
+ err := c.SSLConfig.Valid()
+ if err != nil {
+ return errors.E(op, err)
}
}
diff --git a/plugins/http/config/ssl.go b/plugins/http/config/ssl.go
index aae6e920..c33dbce4 100644
--- a/plugins/http/config/ssl.go
+++ b/plugins/http/config/ssl.go
@@ -1,9 +1,17 @@
package config
+import (
+ "os"
+ "strconv"
+ "strings"
+
+ "github.com/spiral/errors"
+)
+
// SSL defines https server configuration.
type SSL struct {
- // Port to listen as HTTPS server, defaults to 443.
- Port int
+ // Address to listen as HTTPS server, defaults to 0.0.0.0:443.
+ Address string
// Redirect when enabled forces all http connections to switch to https.
Redirect bool
@@ -16,4 +24,61 @@ type SSL struct {
// Root CA file
RootCA string
+
+ // internal
+ host string
+ Port int
+}
+
+func (s *SSL) Valid() error {
+ const op = errors.Op("ssl_valid")
+
+ parts := strings.Split(s.Address, ":")
+ switch len(parts) {
+ // :443 form
+ // localhost:443 form
+ // use 0.0.0.0 as host and 443 as port
+ case 2:
+ if parts[0] == "" {
+ s.host = "0.0.0.0"
+ } else {
+ s.host = parts[0]
+ }
+
+ port, err := strconv.Atoi(parts[1])
+ if err != nil {
+ return errors.E(op, err)
+ }
+ s.Port = port
+ default:
+ return errors.E(op, errors.Errorf("unknown format, accepted format is [:<port> or <host>:<port>], provided: %s", s.Address))
+ }
+
+ if _, err := os.Stat(s.Key); err != nil {
+ if os.IsNotExist(err) {
+ return errors.E(op, errors.Errorf("key file '%s' does not exists", s.Key))
+ }
+
+ return err
+ }
+
+ if _, err := os.Stat(s.Cert); err != nil {
+ if os.IsNotExist(err) {
+ return errors.E(op, errors.Errorf("cert file '%s' does not exists", s.Cert))
+ }
+
+ return err
+ }
+
+ // RootCA is optional, but if provided - check it
+ if s.RootCA != "" {
+ if _, err := os.Stat(s.RootCA); err != nil {
+ if os.IsNotExist(err) {
+ return errors.E(op, errors.Errorf("root ca path provided, but path '%s' does not exists", s.RootCA))
+ }
+ return err
+ }
+ }
+
+ return nil
}
diff --git a/plugins/http/config/ssl_config_test.go b/plugins/http/config/ssl_config_test.go
new file mode 100644
index 00000000..1f5fef0a
--- /dev/null
+++ b/plugins/http/config/ssl_config_test.go
@@ -0,0 +1,116 @@
+package config
+
+import (
+ "testing"
+
+ "github.com/stretchr/testify/assert"
+)
+
+func TestSSL_Valid1(t *testing.T) {
+ conf := &SSL{
+ Address: "",
+ Redirect: false,
+ Key: "",
+ Cert: "",
+ RootCA: "",
+ host: "",
+ Port: 0,
+ }
+
+ err := conf.Valid()
+ assert.Error(t, err)
+}
+
+func TestSSL_Valid2(t *testing.T) {
+ conf := &SSL{
+ Address: ":hello",
+ Redirect: false,
+ Key: "",
+ Cert: "",
+ RootCA: "",
+ host: "",
+ Port: 0,
+ }
+
+ err := conf.Valid()
+ assert.Error(t, err)
+}
+
+func TestSSL_Valid3(t *testing.T) {
+ conf := &SSL{
+ Address: ":555",
+ Redirect: false,
+ Key: "",
+ Cert: "",
+ RootCA: "",
+ host: "",
+ Port: 0,
+ }
+
+ err := conf.Valid()
+ assert.Error(t, err)
+}
+
+func TestSSL_Valid4(t *testing.T) {
+ conf := &SSL{
+ Address: ":555",
+ Redirect: false,
+ Key: "../../../tests/plugins/http/fixtures/server.key",
+ Cert: "../../../tests/plugins/http/fixtures/server.crt",
+ RootCA: "",
+ host: "",
+ // private
+ Port: 0,
+ }
+
+ err := conf.Valid()
+ assert.NoError(t, err)
+}
+
+func TestSSL_Valid5(t *testing.T) {
+ conf := &SSL{
+ Address: "a:b:c",
+ Redirect: false,
+ Key: "../../../tests/plugins/http/fixtures/server.key",
+ Cert: "../../../tests/plugins/http/fixtures/server.crt",
+ RootCA: "",
+ host: "",
+ // private
+ Port: 0,
+ }
+
+ err := conf.Valid()
+ assert.Error(t, err)
+}
+
+func TestSSL_Valid6(t *testing.T) {
+ conf := &SSL{
+ Address: ":",
+ Redirect: false,
+ Key: "../../../tests/plugins/http/fixtures/server.key",
+ Cert: "../../../tests/plugins/http/fixtures/server.crt",
+ RootCA: "",
+ host: "",
+ // private
+ Port: 0,
+ }
+
+ err := conf.Valid()
+ assert.Error(t, err)
+}
+
+func TestSSL_Valid7(t *testing.T) {
+ conf := &SSL{
+ Address: "localhost:555:1",
+ Redirect: false,
+ Key: "../../../tests/plugins/http/fixtures/server.key",
+ Cert: "../../../tests/plugins/http/fixtures/server.crt",
+ RootCA: "",
+ host: "",
+ // private
+ Port: 0,
+ }
+
+ err := conf.Valid()
+ assert.Error(t, err)
+}