net/tsdial: do not use proxies when dialing out to PeerAPI

Found this when adding a test that does a ping over PeerAPI.

Our integration tests set up a trafficTrap to ensure that tailscaled
does not call out to the internet, and it does so via a HTTP_PROXY.

When adding a test for pings over PeerAPI, it triggered the trap and investigation
lead to the realization that we were not removing the Proxy when trying to
dial out to the PeerAPI.

Updates tailscale/corp#8020

Signed-off-by: Maisem Ali <maisem@tailscale.com>
pull/7931/head
Maisem Ali 2 years ago committed by Maisem Ali
parent d0906cda97
commit 85de580455

@ -367,6 +367,8 @@ func (d *Dialer) PeerAPIHTTPClient() *http.Client {
t := http.DefaultTransport.(*http.Transport).Clone() t := http.DefaultTransport.(*http.Transport).Clone()
t.Dial = nil t.Dial = nil
t.DialContext = d.dialPeerAPI t.DialContext = d.dialPeerAPI
// Do not use the environment proxy for PeerAPI.
t.Proxy = nil
d.peerClient = &http.Client{Transport: t} d.peerClient = &http.Client{Transport: t}
}) })
return d.peerClient return d.peerClient

Loading…
Cancel
Save