Skip to content

Commit

Permalink
hostindex: Passthrough displaces path-based TLS
Browse files Browse the repository at this point in the history 
Ensure that a passthrough route displaces any path-based TLS routes with
the same host, because passthrough is incompatible with path-based routing.

This commit fixes bug 1691190.

https://bugzilla.redhat.com/show_bug.cgi?id=1691190

* pkg/router/controller/hostindex/activation.go (hasExistingMatch): Return
true if both routes are TLS and the existing route is a passthrough route.
* pkg/router/controller/hostindex/hostindex_test.go (Test_hostIndex):
Verify that a passthrough route displaces path-based TLS routes with the
same host, but does not displace non-TLS routes.
  • Loading branch information
@Miciah
Miciah committed Oct 28, 2019
1 parent 98703dc commit 65e784f
Show file tree
Hide file tree
Showing 2 changed files with 18 additions and 0 deletions.
5 changes: 5 additions & 0 deletions pkg/router/controller/hostindex/activation.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -126,6 +126,11 @@ func hasExistingMatch(exists []*routev1.Route, route *routev1.Route) bool {
if existing.Spec.Path == route.Spec.Path {
return true
}
// Path-based TLS routes cannot have the same host as a
// passthrough route.
if existing.Spec.TLS != nil && route.Spec.TLS != nil && existing.Spec.TLS.Termination == routev1.TLSTerminationPassthrough {
return true
}
}
return false
}
13 changes: 13 additions & 0 deletions pkg/router/controller/hostindex/hostindex_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -291,6 +291,19 @@ func Test_hostIndex(t *testing.T) {
displaces: map[string]struct{}{"002": {}},
inactive: map[string][]string{"test.com": {"002"}},
},
{
name: "path-based route that conflicts with passthrough route",
activateFn: SameNamespace,
steps: []step{
{route: newRoute("test", "1", 1, 1, routev1.RouteSpec{Host: "test.com", TLS: &routev1.TLSConfig{Termination: routev1.TLSTerminationPassthrough}})},
{route: newRoute("test", "2", 2, 1, routev1.RouteSpec{Host: "test.com", Path: "/bar"})},
{route: newRoute("test", "3", 3, 1, routev1.RouteSpec{Host: "test.com", TLS: &routev1.TLSConfig{Termination: routev1.TLSTerminationEdge}, Path: "/foo"})},
},
newRoute: true,
active: map[string][]string{"test.com": {"001", "002"}},
displaces: map[string]struct{}{"003": {}},
inactive: map[string][]string{"test.com": {"003"}},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
Expand Down

0 comments on commit 65e784f

Please sign in to comment.