nitishm / vegeta-server

A RESTful API server for vegeta, a load testing tool written in Go.
MIT License

Support Insecure Verify #69

Open alleeclark opened 4 years ago

alleeclark commented 4 years ago

When submitting an attack request with insecure set to true for the TLS configuration, it does not get set. By default in the Go language, if insecure is not set, it will look to verify TLS if the target is serving HTTPS. This proposed change sets insecure regardless of whether certs are found or not, which is done in the vegeta library https://github.com/tsenart/vegeta/blob/19b74586217105bbde8ded6077c70095e97146bf/attack.go#L43 .

To Reproduce: Submit an attack where insecure is true

curl --header "Content-Type: application/json" --request POST --data '{"rate": 5,"duration":"10s","body":"eyJ1c2VyX2lkIjWJhOjYmFhOCJ9Cg==","insecure":true,"target":{"method":"POST","URL":"https://localhost:8500/login","scheme":"http"}}' http://localhost:8080/api/v1/attack

View the report of the attack

curl http://localhost:8080/api/v1/report/e9bee353-6b6a-4cdf-8a3f-0e5d644fee43

{"id":"e9bee353-6b6a-4cdf-8a3f-0e5d644fee43","latencies":{"total":0,"mean":0,"max":0,"50th":0,"95th":0,"99th":0},"bytes_in":{"total":0,"mean":0},"bytes_out":{"total":0,"mean":0},"earliest":"2020-09-08T15:49:57.159557136-04:00","latest":"2020-09-08T15:50:06.95966272-04:00","end":"2020-09-08T15:50:06.95966272-04:00","duration":9800105584,"wait":0,"requests":50,"rate":5.101985848155735,"success":0,"status_codes":{"0":50},"errors":["Post \"https://localhost:8500/login\": x509: certificate signed by unknown authority"]}

Expected behavior: Status codes should return a non-zero value as well as no errors from the request.

After building and running the change, the expected output was returned:

{"id":"feb089a7-b6ab-49bf-bc9f-0b45e9c6721a","latencies":{"total":991264253,"mean":19825285,"max":24151538,"50th":19546985,"95th":23186075,"99th":24151538},"bytes_in":{"total":0,"mean":0},"bytes_out":{"total":2600,"mean":52},"earliest":"2020-09-08T14:00:13.920450625-04:00","latest":"2020-09-08T14:00:23.718906389-04:00","end":"2020-09-08T14:00:23.73893505-04:00","duration":9798455764,"wait":20028661,"requests":50,"rate":5.102844897631973,"success":1,"status_codes":{"200":50},"errors":[]}
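The behaviour reported above, as an added example that is not part of the original comment or vegeta-server's own code: `gated` honours `Insecure` only when a client certificate is present, `always` applies it unconditionally, and `probe` runs each config against a local TLS test server whose certificate is not trusted. `Opts`, `gated`, `always` and `probe` are hypothetical names, and a nil `Cert` stands in for an empty key/cert pair.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// Opts is a hypothetical stand-in for the attack options in the request body.
type Opts struct {
	Insecure bool
	Cert     *tls.Certificate // nil when no client key/cert pair was supplied
}

// gated honours Insecure only inside the client-certificate branch (the reported behaviour).
func gated(o Opts) *tls.Config {
	c := &tls.Config{}
	if o.Cert != nil {
		c.Certificates = []tls.Certificate{*o.Cert}
		c.InsecureSkipVerify = o.Insecure
	}
	return c
}

// always applies Insecure whether or not a client certificate is configured.
func always(o Opts) *tls.Config {
	c := gated(Opts{Cert: o.Cert})
	c.InsecureSkipVerify = o.Insecure // true disables server certificate verification
	return c
}

// probe sends one GET to a local TLS server with an untrusted certificate.
func probe(cfg *tls.Config) (int, error) {
	srv := httptest.NewTLSServer(http.HandlerFunc(func(http.ResponseWriter, *http.Request) {}))
	defer srv.Close()
	client := &http.Client{Transport: &http.Transport{TLSClientConfig: cfg}}
	resp, err := client.Get(srv.URL)
	if err != nil {
		return 0, err
	}
	resp.Body.Close()
	return resp.StatusCode, nil
}

func main() {
	fmt.Println(probe(gated(Opts{Insecure: true})))  // 0 and a certificate verification error
	fmt.Println(probe(always(Opts{Insecure: true}))) // 200 <nil>
}
```

With `Insecure: false`, `always` still fails verification, so the flag stays an explicit opt-out rather than a default.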

alleeclark commented 4 years ago

After running make validate a new lint error showed due to my change:

pkg/vegeta/vegeta.go:18:2: if statements should only be cuddled with assignments used in the if statement itself (wsl)
    if key != "" && cert != "" {
    ^

What are the recommendations? Should I just set insecure in attackWithOpts?