diff options
| author | Andrew Newdigate <andrew@gitlab.com> | 2019-01-09 23:07:29 +0300 |
|---|---|---|
| committer | Andrew Newdigate <andrew@gitlab.com> | 2019-01-09 23:07:29 +0300 |
| commit | d6de8fdde63e41e413b54f19e01f26377b90fc8b (patch) | |
| tree | 650874d6687c98f0155d5993e2671a94b386d105 | |
| parent | 9691e7a75af1f73667f20f069f77c942bff16560 (diff) | |
Reintroduce a specific dialler for unix sockets1447-fix
61f6c92779a70d577727e7eefa337409effd69ef removed the Dialer for unix
socket. This was done because a change to the GRPC library caused the
Dialer to stop working, and because the default implementation works as
expected for users not using a proxy.
Unfortunately this led to a regression for users with HTTP or
HTTPS proxy configurations exposed via the `http_proxy` or `https_proxy`
environment variables.
For this reason, we reintroduce the dialer for Unix socket connections.
| -rw-r--r-- | client/dial.go | 51 |
1 files changed, 47 insertions, 4 deletions
diff --git a/client/dial.go b/client/dial.go index d0a51c0c1..96915d811 100644 --- a/client/dial.go +++ b/client/dial.go @@ -1,6 +1,9 @@ package client import ( + "net" + "time" + "google.golang.org/grpc/credentials" "net/url" @@ -11,6 +14,14 @@ import ( // DefaultDialOpts hold the default DialOptions for connection to Gitaly over UNIX-socket var DefaultDialOpts = []grpc.DialOption{} +type connectionType int + +const ( + tcpConnection connectionType = iota + tlsConnection = iota + unixConnection = iota +) + // Dial gitaly func Dial(rawAddress string, connOpts []grpc.DialOption) (*grpc.ClientConn, error) { canonicalAddress, err := parseAddress(rawAddress) @@ -18,7 +29,13 @@ func Dial(rawAddress string, connOpts []grpc.DialOption) (*grpc.ClientConn, erro return nil, err } - if isTLS(rawAddress) { + connectionType, err := getConnectionType(rawAddress) + if err != nil { + return nil, err + } + + switch connectionType { + case tlsConnection: certPool, err := systemCertPool() if err != nil { return nil, err @@ -26,8 +43,22 @@ func Dial(rawAddress string, connOpts []grpc.DialOption) (*grpc.ClientConn, erro creds := credentials.NewClientTLSFromCert(certPool, "") connOpts = append(connOpts, grpc.WithTransportCredentials(creds)) - } else { + case tcpConnection: connOpts = append(connOpts, grpc.WithInsecure()) + case unixConnection: + connOpts = append( + connOpts, + grpc.WithInsecure(), + grpc.WithDialer(func(addr string, timeout time.Duration) (net.Conn, error) { + u, err := url.Parse(addr) + if err != nil { + return nil, err + } + + return net.DialTimeout("unix", u.Path, timeout) + }), + ) + } conn, err := grpc.Dial(canonicalAddress, connOpts...) @@ -38,7 +69,19 @@ func Dial(rawAddress string, connOpts []grpc.DialOption) (*grpc.ClientConn, erro return conn, nil } -func isTLS(rawAddress string) bool { +func getConnectionType(rawAddress string) (connectionType, error) { u, err := url.Parse(rawAddress) - return err == nil && u.Scheme == "tls" + if err != nil { + return tcpConnection, err + } + + if u.Scheme == "tls" { + return tlsConnection, nil + } + + if u.Scheme == "unix" { + return unixConnection, nil + } + + return tcpConnection, nil } |