diff options
author | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2020-04-28 15:48:27 +0200 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2020-04-28 15:48:27 +0200 |
commit | a9e5c8b38d4b37862e38a43239720ccdf56470d2 (patch) | |
tree | 0458a71b062d604bc0518850aa3883f5ed054504 /config-model/src/test/java/com/yahoo | |
parent | 4d3c251083a14f21dde71bcce21561c22fa79acd (diff) |
Temporarily disable proxy-protocol for port 4443 in jdisc
Diffstat (limited to 'config-model/src/test/java/com/yahoo')
-rw-r--r-- | config-model/src/test/java/com/yahoo/vespa/model/container/xml/ContainerModelBuilderTest.java | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/config-model/src/test/java/com/yahoo/vespa/model/container/xml/ContainerModelBuilderTest.java b/config-model/src/test/java/com/yahoo/vespa/model/container/xml/ContainerModelBuilderTest.java index dcd1c46e52f..15966694f8d 100644 --- a/config-model/src/test/java/com/yahoo/vespa/model/container/xml/ContainerModelBuilderTest.java +++ b/config-model/src/test/java/com/yahoo/vespa/model/container/xml/ContainerModelBuilderTest.java @@ -832,6 +832,41 @@ public class ContainerModelBuilderTest extends ContainerModelBuilderTestBase { connectorConfig.ssl().caCertificateFile(), equalTo("/opt/yahoo/share/ssl/certs/athenz_certificate_bundle.pem")); assertThat(connectorConfig.ssl().caCertificate(), isEmptyString()); } + @Test + + public void jdisc_proxy_protocol_disabled_in_public_systems() { + Element clusterElem = DomBuilderTest.parse( + "<container version='1.0'>", + nodesXml, + "</container>" ); + + var applicationPackage = new MockApplicationPackage.Builder() + .withRoot(applicationFolder.getRoot()) + .build(); + + applicationPackage.getFile(Path.fromString("security")).createDirectory(); + applicationPackage.getFile(Path.fromString("security/clients.pem")).writeFile(new StringReader("I am a very nice certificate")); + + Zone zone = new Zone(SystemName.Public, Environment.prod, RegionName.defaultName()); + DeployState state = new DeployState.Builder() + .zone(zone) + .applicationPackage(applicationPackage) + .properties(new TestProperties() + .setHostedVespa(true) + .setZone(zone) + .setEndpointCertificateSecrets(Optional.of(new EndpointCertificateSecrets("CERT", "KEY")))) + .build(); + createModel(root, state, null, clusterElem); + ApplicationContainer container = (ApplicationContainer)root.getProducer("container/container.0"); + ConnectorFactory tlsPort = container.getHttp().getHttpServer().get().getConnectorFactories().stream() + .filter(connectorFactory -> connectorFactory.getListenPort() == 4443) + .findFirst() + .orElseThrow(); + ConnectorConfig.Builder builder = new ConnectorConfig.Builder(); + tlsPort.getConfig(builder); + ConnectorConfig connectorConfig = new ConnectorConfig(builder); + assertFalse(connectorConfig.proxyProtocol().enabled()); + } private Element generateContainerElementWithRenderer(String rendererId) { |