Skip to content

Commit

Permalink
Update TLS config for elasticsearch client
Browse files Browse the repository at this point in the history 
Follow up on elastic/beats#15516 to pass TLS
options to forward proxies.
  • Loading branch information
@simitt
simitt committed Feb 4, 2020
1 parent 55e4078 commit 2f42977
Showing 1 changed file with 10 additions and 9 deletions.
19 changes: 10 additions & 9 deletions elasticsearch/config.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,19 +73,20 @@ func (h Hosts) Validate() error {
}

func connectionConfig(config *Config) (*http.Transport, []string, error) {
var dial, tlsDial transport.Dialer
var addrs []string
proxy, err := httpProxyURL(config)
if err == nil {
addrs, err = addresses(config)
}
if err == nil {
dial, tlsDial, err = dialer(config)
if err != nil {
return &http.Transport{}, nil, nil
}
dial, tlsDial, tlsConfig, err := dialer(config)
transport := &http.Transport{
Proxy: proxy,
Dial: dial.Dial,
DialTLS: tlsDial.Dial,
Proxy: proxy,
Dial: dial.Dial,
DialTLS: tlsDial.Dial,
TLSClientConfig: tlsConfig.ToConfig(),
}
return transport, addrs, err
}
Expand Down Expand Up @@ -122,16 +123,16 @@ func addresses(cfg *Config) ([]string, error) {
return addresses, nil
}

func dialer(cfg *Config) (transport.Dialer, transport.Dialer, error) {
func dialer(cfg *Config) (transport.Dialer, transport.Dialer, *tlscommon.TLSConfig, error) {
var tlsConfig *tlscommon.TLSConfig
var err error
if cfg.TLS.IsEnabled() {
if tlsConfig, err = tlscommon.LoadTLSConfig(cfg.TLS); err != nil {
return nil, nil, err
return nil, nil, nil, err
}
}

dialer := transport.NetDialer(cfg.Timeout)
tlsDialer, err := transport.TLSDialer(dialer, tlsConfig, cfg.Timeout)
return dialer, tlsDialer, err
return dialer, tlsDialer, tlsConfig, err
}

0 comments on commit 2f42977

Please sign in to comment.