Merge pull request #25690 from fabianofranz/fixes_panic_on_roundtripper_when_tls_under_proxy

Automatic merge from submit-queue Fixes panic on round tripper when TLS under a proxy When under a proxy with a valid cert from a trusted authority, the `SpdyRoundTripper` will likely not have a `*tls.Config` (no cert verification nor `InsecureSkipVerify` happened), which will result in a panic. So we have to create a new `*tls.Config` to be able to create a TLS client right after. If `RootCAs` in that new config is nil, the system pool will be used. @ncdc PTAL [![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
2016-05-20 05:31:42 -07:00 · 2016-05-20 05:31:42 -07:00 · b7a31ad261
parent 27512dd0a1 5940040c96
commit b7a31ad261
1 changed files with 4 additions and 0 deletions
--- a/pkg/util/httpstream/spdy/roundtripper.go
+++ b/pkg/util/httpstream/spdy/roundtripper.go
@ -125,6 +125,10 @@ func (s *SpdyRoundTripper) dial(req *http.Request) (net.Conn, error) {
 		return nil, err
 	}

+	if s.tlsConfig == nil {
+		s.tlsConfig = &tls.Config{}
+	}
+
 	if len(s.tlsConfig.ServerName) == 0 {
 		s.tlsConfig.ServerName = host
 	}