mirrors/etcd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

tests/robustness: Encrypt peer traffic to prevent proxy manipulating packets

Browse Source 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
This commit is contained in:
Marek Siarkowicz
2023-04-01 16:17:30 +02:00
parent 5f99ffdba1
commit 71ba0873e3
2 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
tests/framework/e2e/cluster.go
View File

@ -478,6 +478,9 @@ func (cfg *EtcdProcessClusterConfig) EtcdServerProcessConfig(tb testing.TB, i in
peerAdvertiseUrl := url.URL{Scheme: cfg.PeerScheme(), Host: fmt.Sprintf("localhost:%d", peerPort)} peerAdvertiseUrl := url.URL{Scheme: cfg.PeerScheme(), Host: fmt.Sprintf("localhost:%d", peerPort)}
var proxyCfg *proxy.ServerConfig var proxyCfg *proxy.ServerConfig
if cfg.PeerProxy { if cfg.PeerProxy {
if !cfg.IsPeerTLS {
panic("Can't use peer proxy without peer TLS as it can result in malformed packets")
}
peerAdvertiseUrl.Host = fmt.Sprintf("localhost:%d", peer2Port) peerAdvertiseUrl.Host = fmt.Sprintf("localhost:%d", peer2Port)
proxyCfg = &proxy.ServerConfig{ proxyCfg = &proxy.ServerConfig{
Logger: zap.NewNop(), Logger: zap.NewNop(),

1
tests/robustness/linearizability_test.go
View File

@ -103,6 +103,7 @@ func TestRobustness(t *testing.T) {
failpoint: RandomMultiNodeClusterFailpoint, failpoint: RandomMultiNodeClusterFailpoint,
traffic: &traffic, traffic: &traffic,
config: *e2e.NewConfig( config: *e2e.NewConfig(
e2e.WithIsPeerTLS(true),
e2e.WithSnapshotCount(100), e2e.WithSnapshotCount(100),
e2e.WithPeerProxy(true), e2e.WithPeerProxy(true),
e2e.WithGoFailEnabled(true), e2e.WithGoFailEnabled(true),