Diffstat (limited to 'vendor/k8s.io/client-go/transport/cache.go')
-rw-r--r--vendor/k8s.io/client-go/transport/cache.go45
1 files changed, 35 insertions, 10 deletions
diff --git a/vendor/k8s.io/client-go/transport/cache.go b/vendor/k8s.io/client-go/transport/cache.go
index 8d76def34..7c40848c7 100644
--- a/vendor/k8s.io/client-go/transport/cache.go
+++ b/vendor/k8s.io/client-go/transport/cache.go
@@ -31,12 +31,28 @@ import (
// the config has no custom TLS options, http.DefaultTransport is returned.
type tlsTransportCache struct {
mu sync.Mutex
- transports map[string]*http.Transport
+ transports map[tlsCacheKey]*http.Transport
}
const idleConnsPerHost = 25
-var tlsCache = &tlsTransportCache{transports: make(map[string]*http.Transport)}
+var tlsCache = &tlsTransportCache{transports: make(map[tlsCacheKey]*http.Transport)}
+
+type tlsCacheKey struct {
+ insecure bool
+ caData string
+ certData string
+ keyData string
+ serverName string
+}
+
+func (t tlsCacheKey) String() string {
+ keyText := "<none>"
+ if len(t.keyData) > 0 {
+ keyText = "<redacted>"
+ }
+ return fmt.Sprintf("insecure:%v, caData:%#v, certData:%#v, keyData:%s, serverName:%s", t.insecure, t.caData, t.certData, keyText, t.serverName)
+}
func (c *tlsTransportCache) get(config *Config) (http.RoundTripper, error) {
key, err := tlsConfigKey(config)
@@ -63,26 +79,35 @@ func (c *tlsTransportCache) get(config *Config) (http.RoundTripper, error) {
return http.DefaultTransport, nil
}
+ dial := config.Dial
+ if dial == nil {
+ dial = (&net.Dialer{
+ Timeout: 30 * time.Second,
+ KeepAlive: 30 * time.Second,
+ }).Dial
+ }
// Cache a single transport for these options
c.transports[key] = utilnet.SetTransportDefaults(&http.Transport{
Proxy: http.ProxyFromEnvironment,
TLSHandshakeTimeout: 10 * time.Second,
TLSClientConfig: tlsConfig,
MaxIdleConnsPerHost: idleConnsPerHost,
- Dial: (&net.Dialer{
- Timeout: 30 * time.Second,
- KeepAlive: 30 * time.Second,
- }).Dial,
+ Dial: dial,
})
return c.transports[key], nil
}
// tlsConfigKey returns a unique key for tls.Config objects returned from TLSConfigFor
-func tlsConfigKey(c *Config) (string, error) {
+func tlsConfigKey(c *Config) (tlsCacheKey, error) {
// Make sure ca/key/cert content is loaded
if err := loadTLSFiles(c); err != nil {
- return "", err
+ return tlsCacheKey{}, err
}
- // Only include the things that actually affect the tls.Config
- return fmt.Sprintf("%v/%x/%x/%x", c.TLS.Insecure, c.TLS.CAData, c.TLS.CertData, c.TLS.KeyData), nil
+ return tlsCacheKey{
+ insecure: c.TLS.Insecure,
+ caData: string(c.TLS.CAData),
+ certData: string(c.TLS.CertData),
+ keyData: string(c.TLS.KeyData),
+ serverName: c.TLS.ServerName,
+ }, nil
}