From 19ba7309e28c0e746b58a4e177d4aae2ac7bbba2 Mon Sep 17 00:00:00 2001 From: Valerij Fredriksen Date: Mon, 4 Nov 2019 11:30:51 +0100 Subject: Use localhost when talking to controller --- .../vespa/hosted/controller/proxy/ConfigServerRestExecutorImpl.java | 4 +--- .../controller/restapi/configserver/ConfigServerApiHandler.java | 5 +++-- 2 files changed, 4 insertions(+), 5 deletions(-) (limited to 'controller-server/src/main') diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/proxy/ConfigServerRestExecutorImpl.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/proxy/ConfigServerRestExecutorImpl.java index 4fa7a40d38a..dd43195f67d 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/proxy/ConfigServerRestExecutorImpl.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/proxy/ConfigServerRestExecutorImpl.java @@ -18,7 +18,6 @@ import org.apache.http.client.methods.HttpPatch; import org.apache.http.client.methods.HttpPost; import org.apache.http.client.methods.HttpPut; import org.apache.http.client.methods.HttpRequestBase; -import org.apache.http.conn.ssl.DefaultHostnameVerifier; import org.apache.http.entity.InputStreamEntity; import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClientBuilder; @@ -225,7 +224,6 @@ public class ConfigServerRestExecutorImpl extends AbstractComponent implements C private static class ControllerOrConfigserverHostnameVerifier implements HostnameVerifier { - private final HostnameVerifier controllerVerifier = new DefaultHostnameVerifier(); private final HostnameVerifier configserverVerifier; ControllerOrConfigserverHostnameVerifier(ZoneRegistry registry) { @@ -241,7 +239,7 @@ public class ConfigServerRestExecutorImpl extends AbstractComponent implements C @Override public boolean verify(String hostname, SSLSession session) { - return controllerVerifier.verify(hostname, session) || configserverVerifier.verify(hostname, session); + return "localhost".equals(hostname) || configserverVerifier.verify(hostname, session); } } } diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/configserver/ConfigServerApiHandler.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/configserver/ConfigServerApiHandler.java index 99cc78a2614..e747b6041a5 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/configserver/ConfigServerApiHandler.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/configserver/ConfigServerApiHandler.java @@ -31,8 +31,9 @@ import java.util.stream.Stream; @SuppressWarnings("unused") public class ConfigServerApiHandler extends AuditLoggingRequestHandler { - private static final String OPTIONAL_PREFIX = "/api"; private static final ZoneId CONTROLLER_ZONE = ZoneId.from("prod", "controller"); + private static final URI CONTROLLER_URI = URI.create("https://localhost:4443"); + private static final String OPTIONAL_PREFIX = "/api"; private static final List WHITELISTED_APIS = List.of("/flags/v1/", "/nodes/v2/", "/orchestrator/v1/"); private final ZoneRegistry zoneRegistry; @@ -122,6 +123,6 @@ public class ConfigServerApiHandler extends AuditLoggingRequestHandler { } private URI getEndpoint(ZoneId zoneId) { - return CONTROLLER_ZONE.equals(zoneId) ? zoneRegistry.apiUrl() : zoneRegistry.getConfigServerVipUri(zoneId); + return CONTROLLER_ZONE.equals(zoneId) ? CONTROLLER_URI : zoneRegistry.getConfigServerVipUri(zoneId); } } -- cgit v1.2.3