diff options
| author | Torsten Juergeleit <torsten.juergeleit@gmail.com> | 2017-05-31 16:34:05 +0200 |
|---|---|---|
| committer | Harrison Healey <harrisonmhealey@gmail.com> | 2017-05-31 10:34:05 -0400 |
| commit | fdf1164aee36d60b34ca82c07fe02b68e972f53a (patch) | |
| tree | decf173e9b6fb8d8f3c10463d065ad9234fc3391 /utils/httpclient.go | |
| parent | ddc996f33fc39b2b8f4705d6e1232ccbad1ee4c7 (diff) | |
| download | chat-fdf1164aee36d60b34ca82c07fe02b68e972f53a.tar.gz chat-fdf1164aee36d60b34ca82c07fe02b68e972f53a.tar.bz2 chat-fdf1164aee36d60b34ca82c07fe02b68e972f53a.zip | |
PLT-5705 Created a single source of http.Client creation logic with internet proxy support, reasonable timeouts and optional insecure connections (#6503)
Diffstat (limited to 'utils/httpclient.go')
| -rw-r--r-- | utils/httpclient.go | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/utils/httpclient.go b/utils/httpclient.go new file mode 100644 index 000000000..da366a29d --- /dev/null +++ b/utils/httpclient.go @@ -0,0 +1,60 @@ +// Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved. +// See License.txt for license information. + +package utils + +import ( + "crypto/tls" + "net" + "net/http" + "time" +) + +const ( + connectTimeout = 3 * time.Second + requestTimeout = 5 * time.Second +) + +// HttpClient returns a variation the default implementation of Client. +// It uses a Transport with the same settings as the default Transport +// but with the following modifications: +// - shorter timeout for dial and TLS handshake (defined as constant +// "connectTimeout") +// - timeout for the end-to-end request (defined as constant +// "requestTimeout") +// - skipping server certificate check if specified in "config.json" +// via "ServiceSettings.EnableInsecureOutgoingConnections" +func HttpClient() *http.Client { + if Cfg.ServiceSettings.EnableInsecureOutgoingConnections != nil && *Cfg.ServiceSettings.EnableInsecureOutgoingConnections { + return insecureHttpClient + } + return secureHttpClient +} + +var ( + secureHttpClient = createHttpClient(false) + insecureHttpClient = createHttpClient(true) +) + +func createHttpClient(enableInsecureConnections bool) *http.Client { + client := &http.Client{ + Transport: &http.Transport{ + Proxy: http.ProxyFromEnvironment, + DialContext: (&net.Dialer{ + Timeout: connectTimeout, + KeepAlive: 30 * time.Second, + DualStack: true, + }).DialContext, + MaxIdleConns: 100, + IdleConnTimeout: 90 * time.Second, + TLSHandshakeTimeout: connectTimeout, + ExpectContinueTimeout: 1 * time.Second, + TLSClientConfig: &tls.Config{ + InsecureSkipVerify: enableInsecureConnections, + }, + }, + Timeout: requestTimeout, + } + + return client +} |