From 7834c29a8163cd5368c491c2a659d09bdc507f42 Mon Sep 17 00:00:00 2001 From: "Harris.Chu" <1726587+HarrisChu@users.noreply.github.com> Date: Fri, 15 Sep 2023 18:18:07 +0800 Subject: [PATCH] add http header (#290) * add http header * update certs --- client_test.go | 10 ++++----- configs.go | 11 ++++++++++ connection.go | 22 ++++++++++++++++++-- connection_pool.go | 22 ++++++++++++-------- nebula-docker-compose/secrets/client.crt | 18 ++++++++-------- nebula-docker-compose/secrets/client.key | 26 ++++++++++++------------ nebula-docker-compose/secrets/root.crt | 22 ++++++++++---------- nebula-docker-compose/secrets/root.key | 26 ++++++++++++------------ nebula-docker-compose/secrets/run.sh | 2 +- nebula-docker-compose/secrets/server.crt | 20 +++++++++--------- nebula-docker-compose/secrets/server.key | 26 ++++++++++++------------ session_pool.go | 6 ++++-- 12 files changed, 124 insertions(+), 87 deletions(-) diff --git a/client_test.go b/client_test.go index 806d2a40..3bfc7c4d 100644 --- a/client_test.go +++ b/client_test.go @@ -65,7 +65,7 @@ func logoutAndClose(conn *connection, sessionID int64) { func TestConnection(t *testing.T) { hostAddress := HostAddress{Host: address, Port: port} conn := newConnection(hostAddress) - err := conn.open(hostAddress, testPoolConfig.TimeOut, nil, false) + err := conn.open(hostAddress, testPoolConfig.TimeOut, nil, false, nil) if err != nil { t.Fatalf("fail to open connection, address: %s, port: %d, %s", address, port, err.Error()) } @@ -122,7 +122,7 @@ func TestConnection(t *testing.T) { func TestConnectionIPv6(t *testing.T) { hostAddress := HostAddress{Host: addressIPv6, Port: port} conn := newConnection(hostAddress) - err := conn.open(hostAddress, testPoolConfig.TimeOut, nil, false) + err := conn.open(hostAddress, testPoolConfig.TimeOut, nil, false, nil) if err != nil { t.Fatalf("fail to open connection, address: %s, port: %d, %s", address, port, err.Error()) } @@ -254,7 +254,7 @@ func TestAuthentication(t *testing.T) { hostAddress := HostAddress{Host: address, Port: port} conn := newConnection(hostAddress) - err := conn.open(hostAddress, testPoolConfig.TimeOut, nil, false) + err := conn.open(hostAddress, testPoolConfig.TimeOut, nil, false, nil) if err != nil { t.Fatalf("fail to open connection, address: %s, port: %d, %s", address, port, err.Error()) } @@ -1421,7 +1421,7 @@ func prepareSpace(spaceName string) error { conn := newConnection(hostAddress) testPoolConfig := GetDefaultConf() - err := conn.open(hostAddress, testPoolConfig.TimeOut, nil, false) + err := conn.open(hostAddress, testPoolConfig.TimeOut, nil, false, nil) if err != nil { return fmt.Errorf("fail to open connection, address: %s, port: %d, %s", address, port, err.Error()) } @@ -1458,7 +1458,7 @@ func dropSpace(spaceName string) error { conn := newConnection(hostAddress) testPoolConfig := GetDefaultConf() - err := conn.open(hostAddress, testPoolConfig.TimeOut, nil, false) + err := conn.open(hostAddress, testPoolConfig.TimeOut, nil, false, nil) if err != nil { return fmt.Errorf("fail to open connection, address: %s, port: %d, %s", address, port, err.Error()) } diff --git a/configs.go b/configs.go index 01a188b5..fec4c3fb 100644 --- a/configs.go +++ b/configs.go @@ -13,6 +13,7 @@ import ( "crypto/x509" "fmt" "io/ioutil" + "net/http" "os" "time" ) @@ -31,6 +32,8 @@ type PoolConfig struct { MinConnPoolSize int // UseHTTP2 indicates whether to use HTTP2 UseHTTP2 bool + // HttpHeader is the http headers for the connection when using HTTP2 + HttpHeader http.Header } // validateConf validates config @@ -133,6 +136,8 @@ type SessionPoolConf struct { minSize int // useHTTP2 indicates whether to use HTTP2 useHTTP2 bool + // httpHeader is the http headers for the connection + httpHeader http.Header } type SessionPoolConfOption func(*SessionPoolConf) @@ -203,6 +208,12 @@ func WithHTTP2(useHTTP2 bool) SessionPoolConfOption { } } +func WithHttpHeader(header http.Header) SessionPoolConfOption { + return func(conf *SessionPoolConf) { + conf.httpHeader = header + } +} + func (conf *SessionPoolConf) checkMandatoryFields() error { // Check mandatory fields if conf.username == "" { diff --git a/connection.go b/connection.go index f2c1e29c..fdfe188e 100644 --- a/connection.go +++ b/connection.go @@ -29,6 +29,7 @@ type connection struct { returnedAt time.Time // the connection was created or returned. sslConfig *tls.Config useHTTP2 bool + httpHeader http.Header graph *graph.GraphServiceClient } @@ -44,7 +45,8 @@ func newConnection(severAddress HostAddress) *connection { // open opens a transport for the connection // if sslConfig is not nil, an SSL transport will be created -func (cn *connection) open(hostAddress HostAddress, timeout time.Duration, sslConfig *tls.Config, useHTTP2 bool) error { +func (cn *connection) open(hostAddress HostAddress, timeout time.Duration, sslConfig *tls.Config, + useHTTP2 bool, httpHeader http.Header) error { ip := hostAddress.Host port := hostAddress.Port newAdd := net.JoinHostPort(ip, strconv.Itoa(port)) @@ -85,6 +87,22 @@ func (cn *connection) open(hostAddress HostAddress, timeout time.Duration, sslCo return fmt.Errorf("failed to create a net.Conn-backed Transport,: %s", err.Error()) } pf = thrift.NewBinaryProtocolFactoryDefault() + if httpHeader != nil { + client, ok := transport.(*thrift.HTTPClient) + if !ok { + return fmt.Errorf("failed to get thrift http client") + } + for k, vv := range httpHeader { + if k == "Content-Type" { + // fbthrift will add "Content-Type" header, so we need to skip it + continue + } + for _, v := range vv { + // fbthrift set header with http.Header.Add, so we need to set header one by one + client.SetHeader(k, v) + } + } + } } else { bufferSize := 128 << 10 @@ -132,7 +150,7 @@ func (cn *connection) verifyClientVersion() error { // When the timeout occurs, the connection will be reopened to avoid the impact of the message. func (cn *connection) reopen() error { cn.close() - return cn.open(cn.severAddress, cn.timeout, cn.sslConfig, cn.useHTTP2) + return cn.open(cn.severAddress, cn.timeout, cn.sslConfig, cn.useHTTP2, cn.httpHeader) } // Authenticate diff --git a/connection_pool.go b/connection_pool.go index d8f891ed..bb29efd3 100644 --- a/connection_pool.go +++ b/connection_pool.go @@ -12,6 +12,7 @@ import ( "container/list" "crypto/tls" "fmt" + "net/http" "sync" "time" @@ -64,7 +65,8 @@ func NewSslConnectionPool(addresses []HostAddress, conf PoolConfig, sslConfig *t // initPool initializes the connection pool func (pool *ConnectionPool) initPool() error { - if err := checkAddresses(pool.conf.TimeOut, pool.addresses, pool.sslConfig, pool.conf.UseHTTP2); err != nil { + if err := checkAddresses(pool.conf.TimeOut, pool.addresses, pool.sslConfig, + pool.conf.UseHTTP2, pool.conf.HttpHeader); err != nil { return fmt.Errorf("failed to open connection, error: %s ", err.Error()) } @@ -73,7 +75,8 @@ func (pool *ConnectionPool) initPool() error { newConn := newConnection(pool.addresses[i%len(pool.addresses)]) // Open connection to host - if err := newConn.open(newConn.severAddress, pool.conf.TimeOut, pool.sslConfig, pool.conf.UseHTTP2); err != nil { + if err := newConn.open(newConn.severAddress, pool.conf.TimeOut, pool.sslConfig, + pool.conf.UseHTTP2, pool.conf.HttpHeader); err != nil { // If initialization failed, clean idle queue idleLen := pool.idleConnectionQueue.Len() for i := 0; i < idleLen; i++ { @@ -191,7 +194,7 @@ func (pool *ConnectionPool) releaseAndBack(conn *connection, pushBack bool) { // Ping checks availability of host func (pool *ConnectionPool) Ping(host HostAddress, timeout time.Duration) error { - return pingAddress(host, timeout, pool.sslConfig, pool.conf.UseHTTP2) + return pingAddress(host, timeout, pool.sslConfig, pool.conf.UseHTTP2, pool.conf.HttpHeader) } // Close closes all connection @@ -242,7 +245,8 @@ func (pool *ConnectionPool) newConnToHost() (*connection, error) { host := pool.getHost() newConn := newConnection(host) // Open connection to host - if err := newConn.open(newConn.severAddress, pool.conf.TimeOut, pool.sslConfig, pool.conf.UseHTTP2); err != nil { + if err := newConn.open(newConn.severAddress, pool.conf.TimeOut, pool.sslConfig, + pool.conf.UseHTTP2, pool.conf.HttpHeader); err != nil { return nil, err } // Add connection to active queue @@ -349,23 +353,25 @@ func (pool *ConnectionPool) timeoutConnectionList() (closing []*connection) { // checkAddresses checks addresses availability // It opens a temporary connection to each address and closes it immediately. // If no error is returned, the addresses are available. -func checkAddresses(confTimeout time.Duration, addresses []HostAddress, sslConfig *tls.Config, useHTTP2 bool) error { +func checkAddresses(confTimeout time.Duration, addresses []HostAddress, sslConfig *tls.Config, + useHTTP2 bool, httpHeader http.Header) error { var timeout = 3 * time.Second if confTimeout != 0 && confTimeout < timeout { timeout = confTimeout } for _, address := range addresses { - if err := pingAddress(address, timeout, sslConfig, useHTTP2); err != nil { + if err := pingAddress(address, timeout, sslConfig, useHTTP2, httpHeader); err != nil { return err } } return nil } -func pingAddress(address HostAddress, timeout time.Duration, sslConfig *tls.Config, useHTTP2 bool) error { +func pingAddress(address HostAddress, timeout time.Duration, sslConfig *tls.Config, + useHTTP2 bool, httpHeader http.Header) error { newConn := newConnection(address) // Open connection to host - if err := newConn.open(newConn.severAddress, timeout, sslConfig, useHTTP2); err != nil { + if err := newConn.open(newConn.severAddress, timeout, sslConfig, useHTTP2, httpHeader); err != nil { return err } defer newConn.close() diff --git a/nebula-docker-compose/secrets/client.crt b/nebula-docker-compose/secrets/client.crt index 215b9026..b1727a4a 100644 --- a/nebula-docker-compose/secrets/client.crt +++ b/nebula-docker-compose/secrets/client.crt @@ -1,13 +1,13 @@ -----BEGIN CERTIFICATE----- -MIIB+jCCAWOgAwIBAgIUGPV76GVV7ASOQ4OTmIrYLMUPS5IwDQYJKoZIhvcNAQEL +MIIB+jCCAWOgAwIBAgIUGPV76GVV7ASOQ4OTmIrYLMUPS5YwDQYJKoZIhvcNAQEL BQAwLjELMAkGA1UEBhMCQ0gxEDAOBgNVBAoMB3Rlc3QtY2ExDTALBgNVBAMMBHJv -b3QwHhcNMjMwODIzMDM0MTI5WhcNMjMwOTAyMDM0MTI5WjAwMQswCQYDVQQGEwJD +b3QwHhcNMjMwOTE1MTAwNjQ0WhcNMzMwOTEyMTAwNjQ0WjAwMQswCQYDVQQGEwJD SDEQMA4GA1UECgwHdGVzdC1jYTEPMA0GA1UEAwwGY2xpZW50MIGfMA0GCSqGSIb3 -DQEBAQUAA4GNADCBiQKBgQCbKsaKHccqg6N3yl8C9fDk1xdlxdRax6fjvFll/QB/ -1INoKTqvDZZvok7gyJPC3i5vo24m9QMfv48TfTcSWzTeEifaqSdsKUCnJJk962Ur -Wdn2ta7Myk6fv4jHQJVil5etXvsASb9EPVRZ+4cQOINzkukk/+bMqm6p5DIbGC8F -1QIDAQABoxMwETAPBgNVHREECDAGhwR/AAABMA0GCSqGSIb3DQEBCwUAA4GBAErf -z7zH4Uir8wQH1/wgcDvqyZzRAgaHNP7X8U/E6Ainy6yX1vCe0Ee7M0Blmq6cgn8u -sGC74TC9hsQ4LL8JlvRA2ioJgnxL9wNe1E55hJvSj1SMWAjo8sHe63QJt354/enp -tmVysYqsZbC4Xu/hrko2FRJEvVD2m/VZ75ahqOLS +DQEBAQUAA4GNADCBiQKBgQDdmoS5JoZ+c61tsgl84hrddRZvVlsx9wL0dao6R+PK +3w3hEmSDJNPievEEY3eOKgU9PzXvcRPOuV/mXgJ47dqDwc459hss1UxrYzUCtSsK +2zPWIHksIb6b18LVSXV0hLjlH2rkz5AUT49EBpFSkSa87tNO9w0+GGzCtnavzwY9 +RwIDAQABoxMwETAPBgNVHREECDAGhwR/AAABMA0GCSqGSIb3DQEBCwUAA4GBAJGY +AUOjNBXtMXG8HNFk8aqABFsQuwL0oE5/q7Y6HJreHmecHSZXDdOXqPiZUaKizbtJ +cUFfaErn4PPSFxLIQP4CEGduuNdDxrfDJ3MRQCfY1M7ZGFWaFxkSW0EnN8ItVEcr +8umeK8H7bPq0kaskWbUl/ZjwkIsdVruYjHo7zF+X -----END CERTIFICATE----- diff --git a/nebula-docker-compose/secrets/client.key b/nebula-docker-compose/secrets/client.key index b74d03cc..6ba918e9 100644 --- a/nebula-docker-compose/secrets/client.key +++ b/nebula-docker-compose/secrets/client.key @@ -1,15 +1,15 @@ -----BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQCbKsaKHccqg6N3yl8C9fDk1xdlxdRax6fjvFll/QB/1INoKTqv -DZZvok7gyJPC3i5vo24m9QMfv48TfTcSWzTeEifaqSdsKUCnJJk962UrWdn2ta7M -yk6fv4jHQJVil5etXvsASb9EPVRZ+4cQOINzkukk/+bMqm6p5DIbGC8F1QIDAQAB -AoGAEzTIPnBRJsIEid9Sw1sN5kV5b+98yX/NGDNIHYejeC8l1M7FpMVZyZedi9VH -9ObreIYSLGBHcraTTyZAmtUPRfxB8b9g+2c37wuFt+bRyDbHpznusM68ekollMED -h/wJTrV1lizKZ3J8275BqPUO43YLifjoVK48MqBHyyvJQEECQQDI2kfQxdT2qc7k -trOwEcTYVrJeY7oY0rlC4EDb012Swv5SX1eeB4FnqeXuqQvQT7xyP6nHSkosQ9of -MCsjm0XzAkEAxcVOIgPWj2QnaiYXuL98c+JBxCvu7KWGV0woRK+O4PCe7i03fcA2 -DpZP2XI9QJHeW0P9Wl56ti/Vb1hsj3OPFwJACXhRPoS1X9Ptz1bV7g1IbLLZwh2N -nrIAzihopnS2yr6q4xNfvDG6ZjrafoA18GJyDij2RlE4YhHo7OOGhS1DBQJBAJ++ -p0XCY+SeuVd8PVz1Dslr0ENsWSi86q5IzZ3tUDNRKI6p51CjmQZfU1AIfoFRUZHW -cSY1elj+eh/eBJI6fTECQQC8bOWvOcn/Epm5vvn3l3f0G67IXhZTX0ZCfRtuuF8e -xe+j+aPflVteUBylgOfJ5oJ+hmmv3XfdUWrD5mfHfsVv +MIICXQIBAAKBgQDdmoS5JoZ+c61tsgl84hrddRZvVlsx9wL0dao6R+PK3w3hEmSD +JNPievEEY3eOKgU9PzXvcRPOuV/mXgJ47dqDwc459hss1UxrYzUCtSsK2zPWIHks +Ib6b18LVSXV0hLjlH2rkz5AUT49EBpFSkSa87tNO9w0+GGzCtnavzwY9RwIDAQAB +AoGASd2YgfLCf+HlHBxtJzBizhCaQtBhI313ga666CRQXK4O/UfZMxGSgvqB3fmd +v0hoaKrqOn7RoGWP/sS1REPcQtG5Zt7Al6Qojqcp8qwPOkZQQReTs939keuSyvBy +klqAA/2iOCmMHVtDTvWA1PGZbp9VPgLUlKckerk1qwWecPECQQD98y5mCrb4Ywq6 +24zsydARe6olbU296yepSP+eF/19nBYVEV4zLw3EwI5P0ZXtHPF7lq9uHI59TwkC +DfK1HQfvAkEA32R9UQvTqgaVVmRWUTwQo+5v+dF61FuU+yx+1E4XkIY8+tTVtGNJ +1vADLZ3UKtYxlVcpm0L7ej4zO9EX0GeIKQJBAPbKAhhGZ2PhlEbdIAnpYhvrawFu +RLPBOEzqVQeFVuJf8pHMzBe/rYi8fFCTZDkG/KJXYOsIM20RhraJaYmayd8CQC/K +C5T+9rT025WzuVN/if/HzmSfD6vGO8TP7AH3AsuELB9s0Jracr1scwGbNfxD/i94 +igoQ9kNccxFk1bdbrqECQQDHPJ4H8FeXlKAVDFiKIlDQOru2JXlEMtJAW73kTdAx +12+U7lhLXAbtXyFIWTQw8ixz4c2qr5xrpc2ARfKC29BU -----END RSA PRIVATE KEY----- diff --git a/nebula-docker-compose/secrets/root.crt b/nebula-docker-compose/secrets/root.crt index 71ab903c..39275109 100644 --- a/nebula-docker-compose/secrets/root.crt +++ b/nebula-docker-compose/secrets/root.crt @@ -1,16 +1,16 @@ -----BEGIN CERTIFICATE----- -MIIChDCCAe2gAwIBAgIUXQxeBP1zbaGeVEtKjV+EncGlWfAwDQYJKoZIhvcNAQEL +MIIChDCCAe2gAwIBAgIUT4WG4t/9uIG9JAUwmmV/C0mw4zQwDQYJKoZIhvcNAQEL BQAwLjELMAkGA1UEBhMCQ0gxEDAOBgNVBAoMB3Rlc3QtY2ExDTALBgNVBAMMBHJv -b3QwHhcNMjMwODIzMDM0MDQ5WhcNMzMwODIwMDM0MDQ5WjAuMQswCQYDVQQGEwJD +b3QwHhcNMjMwOTE1MTAwNTUyWhcNMzMwOTEyMTAwNTUyWjAuMQswCQYDVQQGEwJD SDEQMA4GA1UECgwHdGVzdC1jYTENMAsGA1UEAwwEcm9vdDCBnzANBgkqhkiG9w0B -AQEFAAOBjQAwgYkCgYEAt+CM4IZKC0poJKHUFhbZw7+I213gwDQARHsNy0n70q4B -yiw8MXLHIfXCYXhmviay1dyPYT/HTxf/a4rRedvLLPHzrGiLR6HdkNqt11ZnLHau -tpgaui2RNPedkPA6Rsiy0tVJB+HU6Oy3Z/nOodKe6mcpChHetB2yvApQYn9kQfEC -AwEAAaOBnjCBmzAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTMEQlAQDTclq+d -vBcrCfykTBpn6zBpBgNVHSMEYjBggBTMEQlAQDTclq+dvBcrCfykTBpn66EypDAw +AQEFAAOBjQAwgYkCgYEA4MqwdRop7iY9GpwFhncFDSvrSi7Y3jwyO1s5xocB2y+8 +Rwhcm8Pln4u2y8jE+oFcYFdKtbM/aol+f0KjbX0Vshws1AHgmcxtuBP0TVVK8wfp +wgF28JPgkTvbFzFekmggGlTCfyQ/ehTx6j56Ti5UkLs9Q4BeErN3xShen0x0sucC +AwEAAaOBnjCBmzAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBToP7wyTiF5ua6c +4uS+WIYSWtpK3TBpBgNVHSMEYjBggBToP7wyTiF5ua6c4uS+WIYSWtpK3aEypDAw LjELMAkGA1UEBhMCQ0gxEDAOBgNVBAoMB3Rlc3QtY2ExDTALBgNVBAMMBHJvb3SC -FF0MXgT9c22hnlRLSo1fhJ3BpVnwMA0GCSqGSIb3DQEBCwUAA4GBAG46WEPWLn9g -ob2gE1V3Op5/YwkAeiBBcLho94CY3niGE9JLe5AgQqFG10PM9IMSOemuvoJHuCND -LNyoMh4D73fRToUIMKPCVoboWLFX9kpaMAwBylAEmAVhyVotKfSXVXNOMRg5Idto -GcO6tFTbpyZtONufp+BNWjNI7+ZkcvoD +FE+FhuLf/biBvSQFMJplfwtJsOM0MA0GCSqGSIb3DQEBCwUAA4GBAI6EifIhcv+z +jz863TFmbJ/68kjPiiRvBplxr0kURGJGBUefutjiI4dJ1K/PcGKoTuzKI57huX9+ +v0FMN/rztBJCQZbDhrObjNoaU+bBIj0msY99uCkB3HWILe31fQQv5IecvsUq38tB +PWK1fn+LuzKq5AT+PNzogg4zz3JQSMgl -----END CERTIFICATE----- diff --git a/nebula-docker-compose/secrets/root.key b/nebula-docker-compose/secrets/root.key index 7c8ef65d..afe364aa 100644 --- a/nebula-docker-compose/secrets/root.key +++ b/nebula-docker-compose/secrets/root.key @@ -1,15 +1,15 @@ -----BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQC34IzghkoLSmgkodQWFtnDv4jbXeDANABEew3LSfvSrgHKLDwx -csch9cJheGa+JrLV3I9hP8dPF/9ritF528ss8fOsaItHod2Q2q3XVmcsdq62mBq6 -LZE0952Q8DpGyLLS1UkH4dTo7Ldn+c6h0p7qZykKEd60HbK8ClBif2RB8QIDAQAB -AoGBAKsiN5tkAJffiWvGncBtRgG0Sqh4CAx6mWEi8eSpF9GuF4ZVgzQ2cfU+aMoU -p/MDy1/VpjBJjrMjT5qEmY+Dq+S1a5OvVEhA50pHmyMxI/9droqdTB/H5/z5LyjO -ZvNAYnpL9eYbOUugdRs6q2K2vOO3HQbO9R+Z9uc9WNYhrqztAkEA5GHIP9KgPm+5 -I96L0TGAKNpfZNyr9jqolNdLlmOV7T/jG1kqDA3g6jP6nNeWY3c6qnQCeKN1ri53 -k05wp5T8dwJBAM4c/oAP95fx1drwxp1q48UDj4ElLd/fSPrxV1qezMuxvzGdj9Le -AbPh6sOVutquaiD40AeMIJxjux56hBd+FtcCQDBGTwrWndK00QC5APr2KK36AuIS -FzNUEOBtZefjIwTkVUApp86mfF1lIVtX4s0hnb/8B62yd6Sa4+G6WevCfV8CQQCu -1ueIaIMF8E4RiBdjJ24JDIkp6wjsFDOLMzh/lZ9x1tix1M9Q96QIHEcSHCxCHpvG -VmnZTSPIpczwAMuWRg5HAkAn/326/DImJHYn2x/rMH72YRBz2/7O2kPETgqJCUmB -X6vHHHcKLWaeeSJJMHkhz5diexalrTDrS0CocoRO3CQr +MIICXAIBAAKBgQDgyrB1GinuJj0anAWGdwUNK+tKLtjePDI7WznGhwHbL7xHCFyb +w+Wfi7bLyMT6gVxgV0q1sz9qiX5/QqNtfRWyHCzUAeCZzG24E/RNVUrzB+nCAXbw +k+CRO9sXMV6SaCAaVMJ/JD96FPHqPnpOLlSQuz1DgF4Ss3fFKF6fTHSy5wIDAQAB +AoGABWfaZnaCm59/yKwH1fv2uyJbPiVyQaXg71x6PzPv731uYabp0zUayINrmery +EbQarJZszYHJ/J3h1N2dYHypkNthd6G7ksFMDJm3gZVeZQaY7gZ5+Rh02JOWZvjr +0tPuS4xX5lfNhMuClvXvATazFQSteR+TvKWYH5iLebl++sECQQD3pduACRczd9I6 +Xcd+1cCRRMDppaF1Ssexs3CBdZzvcJqCG9vFzF4TWT+ocoiUmc2qbPiVLXuF9TRl +PRYxnNvdAkEA6F9/InVRuaRfEMyQvcVgby3/49aTmRJe6S8IQkxpKoiZYlWiHiWx +R95wBh4Ac1iyNhgfNxIEHnDUOi92GrqPkwJBALkpmKH1qhRAbb5YKfZKig3T002f +GsahIAhcuy0ArFNW5R+NBtiwwlJDM9aVtEsvaFgZ3A9mD2qMeR2M/BAiUT0CQE4h +7gmUEQqurhhj8Dce6rH3cZcWS0Ko3qjhW5GPR705ePmLeZtRaS6VKG2mINin9iQi +MDzAHgpuPa3iz39lQ2kCQCUlkHY+6sii77hkV2BOir4aG+Sp1O+tlHkHFlF5FDH5 +4q3Ojbhpp7xVaAbWBcPoq9JaI04Jctb1y6A/oVfrUm0= -----END RSA PRIVATE KEY----- diff --git a/nebula-docker-compose/secrets/run.sh b/nebula-docker-compose/secrets/run.sh index c933d9c9..a906cdd1 100755 --- a/nebula-docker-compose/secrets/run.sh +++ b/nebula-docker-compose/secrets/run.sh @@ -81,7 +81,7 @@ EOF if [ ${cert_type} == "root" ]; then openssl x509 -req -in ${cert_type}.csr -out ${cert_type}.crt -extfile ${cert_type}.cnf -extensions v3_ca -signkey ${cert_type}.key -CAcreateserial -days 3650 else - openssl x509 -req -in ${cert_type}.csr -out ${cert_type}.crt -CA root.crt -CAkey root.key -CAcreateserial -days 10 -extfile ${cert_type}.cnf -extensions req_ext + openssl x509 -req -in ${cert_type}.csr -out ${cert_type}.crt -CA root.crt -CAkey root.key -CAcreateserial -days 3650 -extfile ${cert_type}.cnf -extensions req_ext fi } diff --git a/nebula-docker-compose/secrets/server.crt b/nebula-docker-compose/secrets/server.crt index 69e53c55..bafb36ac 100644 --- a/nebula-docker-compose/secrets/server.crt +++ b/nebula-docker-compose/secrets/server.crt @@ -1,14 +1,14 @@ -----BEGIN CERTIFICATE----- -MIICIDCCAYmgAwIBAgIUGPV76GVV7ASOQ4OTmIrYLMUPS5MwDQYJKoZIhvcNAQEL +MIICIDCCAYmgAwIBAgIUGPV76GVV7ASOQ4OTmIrYLMUPS5cwDQYJKoZIhvcNAQEL BQAwLjELMAkGA1UEBhMCQ0gxEDAOBgNVBAoMB3Rlc3QtY2ExDTALBgNVBAMMBHJv -b3QwHhcNMjMwODIzMDM0MzAzWhcNMjMwOTAyMDM0MzAzWjAwMQswCQYDVQQGEwJD +b3QwHhcNMjMwOTE1MTAwNjQ3WhcNMzMwOTEyMTAwNjQ3WjAwMQswCQYDVQQGEwJD SDEQMA4GA1UECgwHdGVzdC1jYTEPMA0GA1UEAwwGc2VydmVyMIGfMA0GCSqGSIb3 -DQEBAQUAA4GNADCBiQKBgQDuxsEJMhvp3NvPIJTzc9QaER/q6BEtslmXdLTKT6jO -KsQ6hmsJseUEfjVFus3IJmoYyefkIhwrljT/24bdx0Aj26A43kHN6SGcHDfgrDDr -rZLDH7GVypojFi1hFmoIMy+Xk+FcH5lgVpcAl3VVQDIHBtUCpZSYls8KHcGFWTxr -cQIDAQABozkwNzA1BgNVHREELjAshwR/AAABgglsb2NhbGhvc3SCB2dyYXBoZDCC -B2dyYXBoZDGCB2dyYXBoZDIwDQYJKoZIhvcNAQELBQADgYEAOZd+3PJEpejVkb+v -Pb4sgnptYoeAPHmCLsa9A8fD2allHxPSSgi7rk5h79PR9fcKP4FzBbfwUKR6lc7s -Mmo06CApTQXjUOOz1KFitou6JIAa58NVcHoNcKSOHynwJEi9hON+DGZxleU4X1SC -nnva1E6RoCUmG4Qa3ezPnoQy5ao= +DQEBAQUAA4GNADCBiQKBgQDJxTV8cv5+3YgPft2jebm3WFPw2bsdoZMu6C3NF5By +SQJaWY75KRDPx1DHqnWFhpH96gRpr9UAiBWuPrOqV5AH4ZHhqIF5Ss0OePYQvpzf +C0MCt1JDqcg0692RuVDLTH1flSIdYAE2VPTygd1+DXqxxxKIASIxbW4QNq6Mc6KK +pwIDAQABozkwNzA1BgNVHREELjAshwR/AAABgglsb2NhbGhvc3SCB2dyYXBoZDCC +B2dyYXBoZDGCB2dyYXBoZDIwDQYJKoZIhvcNAQELBQADgYEAY8yRSFEzV+wxNdMG +3745FqntuKXTPzL2trWfgHnbGjqqoECiEn2D/h2F2zVboUz+F06CW66XaIXP4iac +Ff6YNWP9eVaO2xzSDeGkZ2ME5gNgiXc2taZipBDwlp8fm0bH7RhExJn3dSVKtP6Q +Ikk2wvBDxc3NKXkXKxKM1sDjyLs= -----END CERTIFICATE----- diff --git a/nebula-docker-compose/secrets/server.key b/nebula-docker-compose/secrets/server.key index 73325b2b..b0839c4d 100644 --- a/nebula-docker-compose/secrets/server.key +++ b/nebula-docker-compose/secrets/server.key @@ -1,15 +1,15 @@ -----BEGIN RSA PRIVATE KEY----- -MIICXgIBAAKBgQDuxsEJMhvp3NvPIJTzc9QaER/q6BEtslmXdLTKT6jOKsQ6hmsJ -seUEfjVFus3IJmoYyefkIhwrljT/24bdx0Aj26A43kHN6SGcHDfgrDDrrZLDH7GV -ypojFi1hFmoIMy+Xk+FcH5lgVpcAl3VVQDIHBtUCpZSYls8KHcGFWTxrcQIDAQAB -AoGBAN2dtW6uhn/hkFZHPFhVSihDeqdRaxhJr6PGG0Km+tsXkHdtaQ1fgltQNGua -vQImvVRymXsBObouuNQ8UYmoNFsIge/GxFewOouVhVhju6F1RXBja0zJtV8tSfWJ -dhvxXflMaHXo0C3Zbg1jtFnQ48kSQzlwJ/nh5mQ3mwWd31HBAkEA/yGEKI+ql4Wn -aG7W6xNzNtdTt6s3y3IxjmV7mt5l1Mzx1oN2FgxUD+3ySryzNLVOVbbJaH7y413x -p4JT4rXxCQJBAO+W+d0KxkrcmxhxrevOwmsyWRe3chBEi8ZgKYOGy/tdSXjCHjWH -8+N0Tiie1f/ukNgWx5yXAjQbkijRtVEDiSkCQD3Q2huVy6iQ2qIEERC+ErFb9M3Q -r2Ec1wMAdbVtY1DvIz1tdsQa0pdVeNpA5E7GCyfbdOtbrvAGCBIlErwghzkCQQDJ -+ayJ+xtO4MqewLato4+ibr9MjwlJTX/HrClTB7/OF8ZoVrzAw+uGQ/XfqIcfSi4w -/IMqLuNcqiF858zCjwiBAkEAts+c+3pJXOZr18Wadn5tquh5d8cFVg6DVBp10JXc -ZYDDMtfYbwPxGX7M104wUwKTXxNvddA00NsGgrbTEnUvHQ== +MIICXQIBAAKBgQDJxTV8cv5+3YgPft2jebm3WFPw2bsdoZMu6C3NF5BySQJaWY75 +KRDPx1DHqnWFhpH96gRpr9UAiBWuPrOqV5AH4ZHhqIF5Ss0OePYQvpzfC0MCt1JD +qcg0692RuVDLTH1flSIdYAE2VPTygd1+DXqxxxKIASIxbW4QNq6Mc6KKpwIDAQAB +AoGABH99+sFBhSiBIP9OB5fuGPVCIctozXdNpa0NYFYXJUUVZVg7xLgypL8nwNu+ +9PQUCxoNcSG3WOSvvwusy65aCpjNchd6jTBjBUrvBla/ZS94BUsTOOkEDnC5RZHn +qhMlrUDfvVIObUOux+jxjbGRVBlLPmyqjiuCZGV0IiW2oKkCQQDl9K5SEmvmWdCh +OOpvHwSskPzOOHwICh3zvhfW0D2vIrggr+6sDrTbQJSSpelmyb169SQY4xHwmasz +1vO4AR8rAkEA4J9SXYFVa2wdFYlpSQ4So99FrLvc95t9sCgvjzr+UNNP7B/LNlto +Zj826Ho6kMjXzV5yd2gnXH2AMpXIa5fkdQJBAMS1wIEYnRCZ+CxSQcj44ci05m2K +SB+gd+rPzBjIXlv4+UWM+kBY/EEqR24DW1vAa8RI+64GYIxPB/L6h9X5r60CQBlq +DVClDHwd/GBubqokXHmMDn8Ptl2RizP+J/tlqlaMwhMuObjJuNMwvc6p3ax5/Oiw +kfTupN1zGakfh1CdG+0CQQDfhISnuYZSko5KpfUKbe8MOMbEXl9CopMe15Kp2YAf +/ylMfZ3FzF2/Aj6dOoetLXhypS3Jxu58WHHg64L64Vvf -----END RSA PRIVATE KEY----- diff --git a/session_pool.go b/session_pool.go index 7121b348..877dcab6 100644 --- a/session_pool.go +++ b/session_pool.go @@ -78,7 +78,8 @@ func NewSessionPool(conf SessionPoolConf, log Logger) (*SessionPool, error) { // init initializes the session pool. func (pool *SessionPool) init() error { // check the hosts status - if err := checkAddresses(pool.conf.timeOut, pool.conf.serviceAddrs, pool.conf.sslConfig, pool.conf.useHTTP2); err != nil { + if err := checkAddresses(pool.conf.timeOut, pool.conf.serviceAddrs, pool.conf.sslConfig, + pool.conf.useHTTP2, pool.conf.httpHeader); err != nil { return fmt.Errorf("failed to initialize the session pool, %s", err.Error()) } @@ -285,7 +286,8 @@ func (pool *SessionPool) newSession() (*pureSession, error) { } // open a new connection - if err := cn.open(cn.severAddress, pool.conf.timeOut, pool.conf.sslConfig, pool.conf.useHTTP2); err != nil { + if err := cn.open(cn.severAddress, pool.conf.timeOut, pool.conf.sslConfig, + pool.conf.useHTTP2, pool.conf.httpHeader); err != nil { return nil, fmt.Errorf("failed to create a net.Conn-backed Transport,: %s", err.Error()) }