docs: update comments

improve tls client config
Bump golang.org/x/net from 0.10.0 to 0.11.0
2023-06-28 17:46:15 +08:00 · 2023-06-28 17:31:08 +08:00 · 2023-06-27 23:13:13 +08:00 · 2023-05-15 15:40:51 +08:00
4 changed files with 41 additions and 27 deletions
@@ -16,7 +16,7 @@ jobs:

    steps:
    - name: Set up Go 1.x
-      uses: actions/setup-go@v2
+      uses: actions/setup-go@v4
      with:
        go-version: ${{ matrix.go }}

@@ -32,4 +32,4 @@ jobs:
      run: go test -race -coverprofile=coverage.txt -covermode=atomic ./tea/... ./utils/...
    
    - name: CodeCov
-      run: bash <(curl -s https://codecov.io/bash)
+      run: bash <(curl -s https://codecov.io/bash)
@@ -6,5 +6,5 @@ require (
 	github.com/alibabacloud-go/debug v0.0.0-20190504072949-9472017b5c68
 	github.com/json-iterator/go v1.1.12
 	github.com/modern-go/reflect2 v1.0.2
-	golang.org/x/net v0.10.0
+	golang.org/x/net v0.11.0
 )
@@ -262,7 +262,7 @@ func Convert(in interface{}, out interface{}) error {
 	return err
 }

-// Convert is use convert map[string]interface object to struct
+// Recover is used to format error
 func Recover(in interface{}) error {
 	if in == nil {
 		return nil
@@ -415,28 +415,30 @@ func getHttpTransport(req *Request, runtime *RuntimeObject) (*http.Transport, er
 	if err != nil {
 		return nil, err
 	}
-	if strings.ToLower(*req.Protocol) == "https" &&
-		runtime.Key != nil && runtime.Cert != nil {
-		cert, err := tls.X509KeyPair([]byte(StringValue(runtime.Cert)), []byte(StringValue(runtime.Key)))
-		if err != nil {
-			return nil, err
-		}
-
-		trans.TLSClientConfig = &tls.Config{
-			Certificates:       []tls.Certificate{cert},
-			InsecureSkipVerify: BoolValue(runtime.IgnoreSSL),
-		}
-		if runtime.CA != nil {
-			clientCertPool := x509.NewCertPool()
-			ok := clientCertPool.AppendCertsFromPEM([]byte(StringValue(runtime.CA)))
-			if !ok {
-				return nil, errors.New("Failed to parse root certificate")
+	if strings.ToLower(*req.Protocol) == "https" {
+		if BoolValue(runtime.IgnoreSSL) != true {
+			trans.TLSClientConfig = &tls.Config{
+				InsecureSkipVerify: false,
+			}
+			if runtime.Key != nil && runtime.Cert != nil && StringValue(runtime.Key) != "" && StringValue(runtime.Cert) != "" {
+				cert, err := tls.X509KeyPair([]byte(StringValue(runtime.Cert)), []byte(StringValue(runtime.Key)))
+				if err != nil {
+					return nil, err
+				}
+				trans.TLSClientConfig.Certificates = []tls.Certificate{cert}
+			}
+			if runtime.CA != nil && StringValue(runtime.CA) != "" {
+				clientCertPool := x509.NewCertPool()
+				ok := clientCertPool.AppendCertsFromPEM([]byte(StringValue(runtime.CA)))
+				if !ok {
+					return nil, errors.New("Failed to parse root certificate")
+				}
+				trans.TLSClientConfig.RootCAs = clientCertPool
+			}
+		} else {
+			trans.TLSClientConfig = &tls.Config{
+				InsecureSkipVerify: true,
 			}
-			trans.TLSClientConfig.RootCAs = clientCertPool
-		}
-	} else {
-		trans.TLSClientConfig = &tls.Config{
-			InsecureSkipVerify: BoolValue(runtime.IgnoreSSL),
 		}
 	}
 	if httpProxy != nil {
@@ -542,20 +542,32 @@ func Test_DoRequest(t *testing.T) {

 	runtimeObj["key"] = "private rsa key"
 	runtimeObj["cert"] = "private certification"
+	runtimeObj["ca"] = "private ca"
 	runtimeObj["ignoreSSL"] = true
 	resp, err = DoRequest(request, runtimeObj)
+	utils.AssertNil(t, err)
+	utils.AssertNotNil(t, resp)
+
+	// update the host is to restart a client
+	request.Headers["host"] = String("a.com")
+	runtimeObj["ignoreSSL"] = false
+	resp, err = DoRequest(request, runtimeObj)
 	utils.AssertNotNil(t, err)
+	utils.AssertEqual(t, "tls: failed to find any PEM data in certificate input", err.Error())
 	utils.AssertNil(t, resp)

+	// update the host is to restart a client
+	request.Headers["host"] = String("b.com")
 	runtimeObj["key"] = key
 	runtimeObj["cert"] = cert
 	runtimeObj["ca"] = "private ca"
-	runtimeObj["socks5Proxy"] = "socks5://someuser:somepassword@cs.aliyun.com"
 	_, err = DoRequest(request, runtimeObj)
 	utils.AssertNotNil(t, err)
+	utils.AssertEqual(t, "Failed to parse root certificate", err.Error())

+	// update the host is to restart a client
+	request.Headers["host"] = String("c.com")
 	runtimeObj["ca"] = ca
-	runtimeObj["socks5Proxy"] = "socks5://someuser:somepassword@cs.aliyuncs.com"
 	resp, err = DoRequest(request, runtimeObj)
 	utils.AssertNil(t, err)
 	utils.AssertEqual(t, "test", StringValue(resp.Headers["tea"]))
Author	SHA1	Message	Date
nanhe	2b0e131d00	docs: update comments	2023-06-28 17:46:15 +08:00
nanhe	e3922d2afb	improve tls client config	2023-06-28 17:31:08 +08:00
dependabot[bot]	5ef2fcc54f	Bump golang.org/x/net from 0.10.0 to 0.11.0 Bumps [golang.org/x/net](https://github.com/golang/net) from 0.10.0 to 0.11.0. - [Commits](https://github.com/golang/net/compare/v0.10.0...v0.11.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-06-27 23:13:13 +08:00
Jackson Tian	121efa4413	update actions setup-go to v4	2023-05-15 15:40:51 +08:00