From 9f6f18f9bb32e69702b88b11e864c0e8ae230c4c Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Wed, 23 Sep 2020 12:21:19 +0200 Subject: [PATCH] proxy: implement internal_host_ssl_validation option --- proxy/go.mod | 6 +++--- proxy/go.sum | 10 ++++++---- proxy/pkg/server/api.go | 2 +- proxy/pkg/server/api_bundle.go | 7 ++++--- 4 files changed, 14 insertions(+), 11 deletions(-) diff --git a/proxy/go.mod b/proxy/go.mod index 31ca6ebd7..ea21c9427 100644 --- a/proxy/go.mod +++ b/proxy/go.mod @@ -20,7 +20,7 @@ require ( github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a github.com/justinas/alice v1.2.0 github.com/kr/pretty v0.2.1 // indirect - github.com/magiconair/properties v1.8.3 // indirect + github.com/magiconair/properties v1.8.4 // indirect github.com/mailru/easyjson v0.7.6 // indirect github.com/mitchellh/mapstructure v1.3.3 // indirect github.com/oauth2-proxy/oauth2-proxy v1.1.2-0.20200817154438-5fa5b3186f39 @@ -37,8 +37,8 @@ require ( go.mongodb.org/mongo-driver v1.4.1 // indirect golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de // indirect golang.org/x/net v0.0.0-20200904194848-62affa334b73 // indirect - golang.org/x/sys v0.0.0-20200918174421-af09f7315aff // indirect - golang.org/x/tools v0.0.0-20200918232735-d647fc253266 // indirect + golang.org/x/sys v0.0.0-20200922070232-aee5d888a860 // indirect + golang.org/x/tools v0.0.0-20200923053713-ba800b16d873 // indirect gopkg.in/ini.v1 v1.61.0 // indirect gopkg.in/square/go-jose.v2 v2.5.1 // indirect ) diff --git a/proxy/go.sum b/proxy/go.sum index c75392400..66b42b66f 100644 --- a/proxy/go.sum +++ b/proxy/go.sum @@ -443,6 +443,8 @@ github.com/magiconair/properties v1.8.1 h1:ZC2Vc7/ZFkGmsVC9KvOjumD+G5lXy2RtTKyzR github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/magiconair/properties v1.8.3 h1:kJSsc6EXkBLgr3SphHk9w5mtjn0bjlR4JYEXKrJ45rQ= github.com/magiconair/properties v1.8.3/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= +github.com/magiconair/properties v1.8.4 h1:8KGKTcQQGm0Kv7vEbKFErAoAOFyyacLStRtQSeYtvkY= +github.com/magiconair/properties v1.8.4/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= @@ -830,8 +832,8 @@ golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200918174421-af09f7315aff h1:1CPUrky56AcgSpxz/KfgzQWzfG09u5YOL8MvPYBlrL8= -golang.org/x/sys v0.0.0-20200918174421-af09f7315aff/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200922070232-aee5d888a860 h1:YEu4SMq7D0cmT7CBbXfcH0NZeuChAXwsHe/9XueUO6o= +golang.org/x/sys v0.0.0-20200922070232-aee5d888a860/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -898,8 +900,8 @@ golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200817023811-d00afeaade8f h1:33yHANSyO/TeglgY9rBhUpX43wtonTXoFOsMRtNB6qE= golang.org/x/tools v0.0.0-20200817023811-d00afeaade8f/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= -golang.org/x/tools v0.0.0-20200918232735-d647fc253266 h1:k7tVuG0g1JwmD3Jh8oAl1vQ1C3jb4Hi/dUl1wWDBJpQ= -golang.org/x/tools v0.0.0-20200918232735-d647fc253266/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU= +golang.org/x/tools v0.0.0-20200923053713-ba800b16d873 h1:Q5Sq7Lt0bkn6Ax1NAraQhKRN7xxxy1LV4guxsyFHZx4= +golang.org/x/tools v0.0.0-20200923053713-ba800b16d873/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7 h1:9zdDQZ7Thm29KFXgAX/+yaf3eVbP7djjWp/dXAppNCc= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= diff --git a/proxy/pkg/server/api.go b/proxy/pkg/server/api.go index becae3db5..88d5af0ba 100644 --- a/proxy/pkg/server/api.go +++ b/proxy/pkg/server/api.go @@ -50,7 +50,7 @@ func getCommonOptions() *options.Options { commonOpts.SkipProviderButton = true commonOpts.Logging.SilencePing = true commonOpts.SetXAuthRequest = true - commonOpts.SetAuthorization = true + commonOpts.SetAuthorization = false return commonOpts } diff --git a/proxy/pkg/server/api_bundle.go b/proxy/pkg/server/api_bundle.go index 38b40ed48..81b2ca0ae 100644 --- a/proxy/pkg/server/api_bundle.go +++ b/proxy/pkg/server/api_bundle.go @@ -58,9 +58,10 @@ func (pb *providerBundle) prepareOpts(provider *models.ProxyOutpostConfig) *opti providerOpts.UpstreamServers = []options.Upstream{ { - ID: "default", - URI: *provider.InternalHost, - Path: "/", + ID: "default", + URI: *provider.InternalHost, + Path: "/", + InsecureSkipTLSVerify: *&provider.InternalHostSslValidation, }, }