Disallow configuring a custom root CA with a custom RoundTripper #593

yec-akamai · 2024-10-24T18:06:57Z

📝 Description

Disallow that presenting custom root CA and custom http transport together. Print a warning and return when this happens.

✔️ How to Test

make testunit

lgarber-akamai · 2024-10-25T16:57:34Z

client.go

@@ -743,6 +744,11 @@ func NewClient(hc *http.Client) (client Client) {
 			log.Fatalf("[ERROR] Error when reading cert at %s: %s\n", certPath, err.Error())
 		}

+		if hc.Transport != http.DefaultTransport.(*http.Transport) {
+			log.Println("[WARN] Custom transport is not allowed with a custom root CA.")
+			return


Would it make sense to break this logic out into a separate function so the Client can still finish initializing if this condition is met?

yec-akamai added 2 commits October 24, 2024 13:58

strict transport

fdab981

add doc

9eefaca

yec-akamai added the improvement for improvements in existing functionality in the changelog. label Oct 24, 2024

yec-akamai requested a review from a team as a code owner October 24, 2024 18:06

yec-akamai requested review from lgarber-akamai and ykim-1 and removed request for a team October 24, 2024 18:06

lgarber-akamai reviewed Oct 25, 2024

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Disallow configuring a custom root CA with a custom RoundTripper #593

Disallow configuring a custom root CA with a custom RoundTripper #593

yec-akamai commented Oct 24, 2024

lgarber-akamai Oct 25, 2024

Disallow configuring a custom root CA with a custom RoundTripper #593

Are you sure you want to change the base?

Disallow configuring a custom root CA with a custom RoundTripper #593

Conversation

yec-akamai commented Oct 24, 2024

📝 Description

✔️ How to Test

lgarber-akamai Oct 25, 2024

Choose a reason for hiding this comment