This is an automated email from the ASF dual-hosted git repository.
rawlin pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficcontrol.git
The following commit(s) were added to refs/heads/master by this push:
new 8bad27f Traffic Portal controls for Delivery Service TLS Versions
(#6054)
8bad27f is described below
commit 8bad27f3eff774e33f2ca30142b8b7caf402e44c
Author: ocket8888 <[email protected]>
AuthorDate: Thu Aug 12 09:38:38 2021 -0600
Traffic Portal controls for Delivery Service TLS Versions (#6054)
* Add local testing key/certs to gitignore
* Update dev config to not use privileged network ports
* Add controller code for editing/creating DSes with TLS versions
* Add template markup for manipulating DS TLS Versions
* Fix TLS version input box obscuring tooltip content
* Cache TLS version restrictions on toggling them off for a DS
* Add missing semicolons
* Fix indentation using spaces instead of real indentation
---
traffic_portal/.gitignore | 6 +
.../app/src/common/modules/form/_form.scss | 2 +-
.../FormDeliveryServiceController.js | 140 +++++++++++++++++++++
.../clone/FormCloneDeliveryServiceController.js | 2 +
.../edit/FormEditDeliveryServiceController.js | 9 +-
.../form.deliveryService.DNS.tpl.html | 84 +++++++++++++
.../form.deliveryService.HTTP.tpl.html | 84 +++++++++++++
.../form.deliveryService.anyMap.tpl.html | 84 +++++++++++++
.../new/FormNewDeliveryServiceController.js | 5 +
traffic_portal/conf/configDev.js | 8 +-
10 files changed, 419 insertions(+), 5 deletions(-)
diff --git a/traffic_portal/.gitignore b/traffic_portal/.gitignore
index a2b70c0..6089ad3 100644
--- a/traffic_portal/.gitignore
+++ b/traffic_portal/.gitignore
@@ -22,3 +22,9 @@ node_modules
app/bower_components
app/dist
Gemfile.lock
+
+# SSL keys/certs for testing with the dev configuration
+localhost.cert
+localhost.crt
+localhost.key
+localhost.csr
diff --git a/traffic_portal/app/src/common/modules/form/_form.scss
b/traffic_portal/app/src/common/modules/form/_form.scss
index e6c835b..5ba09e0 100644
--- a/traffic_portal/app/src/common/modules/form/_form.scss
+++ b/traffic_portal/app/src/common/modules/form/_form.scss
@@ -120,7 +120,7 @@ form label.has-tooltip {
position: absolute;
bottom: 2em;
padding-bottom: 1em;
- z-index: 2;
+ z-index: 3;
color: default;
background-color: transparent;
transition: opacity 0.2s ease-in-out;
diff --git
a/traffic_portal/app/src/common/modules/form/deliveryService/FormDeliveryServiceController.js
b/traffic_portal/app/src/common/modules/form/deliveryService/FormDeliveryServiceController.js
index 07f487a..ab71bb0 100644
---
a/traffic_portal/app/src/common/modules/form/deliveryService/FormDeliveryServiceController.js
+++
b/traffic_portal/app/src/common/modules/form/deliveryService/FormDeliveryServiceController.js
@@ -19,6 +19,106 @@
var FormDeliveryServiceController = function(deliveryService, dsCurrent,
origin, topologies, type, types, $scope, $location, $uibModal, $window,
formUtils, locationUtils, tenantUtils, deliveryServiceUtils, cdnService,
profileService, tenantService, propertiesModel, userModel,
serviceCategoryService) {
+ /**
+ * This is used to cache TLS version settings when the checkbox is toggled.
+ * @type null | [string, ...string[]]
+ */
+ let cachedTLSVersions = null;
+
+
+ const knownVersions = new Set(["1.0", "1.1", "1.2", "1.3"]);
+ $scope.tlsVersionUnknown = v => v && !knownVersions.has(v);
+
+ const insecureVersions = new Set(["1.0", "1.1"]);
+ $scope.tlsVersionInsecure = v => v && insecureVersions.has(v);
+
+ /**
+ * This toggles whether or not TLS versions are restricted for the Delivery
+ * Service.
+ *
+ * It uses cachedTLSVersions to cache TLS version restrictions, so that the
+ * DS is always ready to submit without manipulation, but the UI
"remembers"
+ * the TLS versions that existed on toggling restrictions off.
+ *
+ * This is called when the checkbox's 'change' event fires - that event is
+ * not handled here.
+ */
+ function toggleTLSRestrict() {
+ if ($scope.restrictTLS) {
+ if (cachedTLSVersions instanceof Array && cachedTLSVersions.length
> 0) {
+ deliveryService.tlsVersions = cachedTLSVersions;
+ } else {
+ deliveryService.tlsVersions = [""];
+ }
+ cachedTLSVersions = null;
+ return;
+ }
+ if (deliveryService.tlsVersions instanceof Array &&
deliveryService.tlsVersions.length > 0) {
+ cachedTLSVersions = deliveryService.tlsVersions;
+ } else {
+ cachedTLSVersions = null;
+ }
+
+ deliveryService.tlsVersions = null;
+ }
+ $scope.toggleTLSRestrict = toggleTLSRestrict;
+
+ $scope.removeTLSVersion = function(index) {
+ deliveryService.tlsVersions.splice(index, 1);
+ };
+
+ $scope.addTLSVersion = function(index) {
+ deliveryService.tlsVersions.splice(index+1, 0, "");
+ };
+
+ /**
+ * This function is called on 'change' events for any and all TLS Version
+ * inputs, and sets validity states of duplicates.
+ *
+ * This can't use a normal validator because it depends on a value checking
+ * against a list containing itself. AngularJS sets values that fail
+ * validation to `undefined`, so if there's a set of TLS versions
+ * `["1.3", "1.3"]`, then the validator will set one of them to
`undefined`.
+ * Now the set is `["1.3", undefined]`, so there are no more duplicates, so
+ * the set is marked as valid.
+ */
+ function validateTLS() {
+ if (!$scope.generalConfig || !($scope.deliveryService.tlsVersions
instanceof Array)) {
+ return;
+ }
+
+ const verMap = new Map();
+ for (let i = 0; i < $scope.deliveryService.tlsVersions.length; ++i) {
+ const propName = `tlsVersion${i+1}`;
+ if (propName in $scope.generalConfig) {
+ $scope.generalConfig[propName].$setValidity("duplicates",
true);
+ }
+
+ const ver = $scope.deliveryService.tlsVersions[i];
+ if (ver === undefined) {
+ continue;
+ }
+ const current = verMap.get(ver);
+ if (current) {
+ current.count++;
+ current.indices.push(i);
+ } else {
+ verMap.set(ver, {
+ count: 1,
+ indices: [i]
+ });
+ }
+ }
+
+ for (const index of
Array.from(verMap).filter(v=>v[1].count>1).flatMap(v=>v[1].indices)) {
+ const propName = `tlsVersion${index+1}`;
+ if (propName in $scope.generalConfig) {
+ $scope.generalConfig[propName].$setValidity("duplicates",
false);
+ }
+ }
+ }
+ $scope.validateTLS = validateTLS;
+
var getCDNs = function() {
cdnService.getCDNs()
.then(function(result) {
@@ -301,6 +401,46 @@ var FormDeliveryServiceController =
function(deliveryService, dsCurrent, origin,
$scope.hasError = formUtils.hasError;
+ /**
+ * Checks if a TLS Version has a specific error.
+ *
+ * @param {number} index The index of the TLS Version to check into the
+ * form's Delivery Service's `tlsVersions` array.
+ * @param {string} property The name of the error to check.
+ * @returns {boolean} Whether or not the indicated TLS Version has the
given
+ * error.
+ */
+ function tlsVersionHasPropertyError(index, property) {
+ if (!$scope.generalConfig) {
+ return false;
+ }
+ const propName = `tlsVersion${index+1}`;
+ if (!(propName in $scope.generalConfig)) {
+ return false;
+ }
+ return formUtils.hasPropertyError($scope.generalConfig[propName],
property);
+ };
+ $scope.tlsVersionHasPropertyError = tlsVersionHasPropertyError;
+
+ /**
+ * Checks if a TLS Version has any error.
+ *
+ * @param {number} index The index of the TLS Version to check into the
+ * form's Delivery Service's `tlsVersions` array.
+ * @returns {boolean} Whether or not the indicated TLS Version has an
error.
+ */
+ function tlsVersionHasError(index) {
+ if (!$scope.generalConfig) {
+ return false;
+ }
+ const propName = `tlsVersion${index+1}`;
+ if (!(propName in $scope.generalConfig)) {
+ return false;
+ }
+ return formUtils.hasError($scope.generalConfig[propName]);
+ };
+ $scope.tlsVersionHasError = tlsVersionHasError;
+
$scope.hasPropertyError = formUtils.hasPropertyError;
$scope.rangeRequestSelected = function() {
diff --git
a/traffic_portal/app/src/common/modules/form/deliveryService/clone/FormCloneDeliveryServiceController.js
b/traffic_portal/app/src/common/modules/form/deliveryService/clone/FormCloneDeliveryServiceController.js
index 8d3fea2..ee3a9b7 100644
---
a/traffic_portal/app/src/common/modules/form/deliveryService/clone/FormCloneDeliveryServiceController.js
+++
b/traffic_portal/app/src/common/modules/form/deliveryService/clone/FormCloneDeliveryServiceController.js
@@ -26,6 +26,8 @@ var FormCloneDeliveryServiceController =
function(deliveryService, origin, topol
$scope.advancedShowing = true;
+ $scope.restrictTLS = deliveryService.tlsVersions instanceof Array &&
deliveryService.tlsVersions.length > 0;
+
$scope.settings = {
isNew: true,
saveLabel: 'Clone'
diff --git
a/traffic_portal/app/src/common/modules/form/deliveryService/edit/FormEditDeliveryServiceController.js
b/traffic_portal/app/src/common/modules/form/deliveryService/edit/FormEditDeliveryServiceController.js
index b67b7e7..1aac4c1 100644
---
a/traffic_portal/app/src/common/modules/form/deliveryService/edit/FormEditDeliveryServiceController.js
+++
b/traffic_portal/app/src/common/modules/form/deliveryService/edit/FormEditDeliveryServiceController.js
@@ -64,7 +64,7 @@ var FormEditDeliveryServiceController =
function(deliveryService, origin, topolo
original: deliveryService
};
- // if the user chooses to complete/fulfill the delete
request immediately, a delivery service request will be made and marked as
complete,
+ // if the user chooses to complete/fulfill the delete
request immediately, a delivery service request will be made and marked as
complete,
// then if that is successful, the DS will be deleted
if (options.status.id === $scope.COMPLETE) {
// first create the ds request
@@ -167,6 +167,8 @@ var FormEditDeliveryServiceController =
function(deliveryService, origin, topolo
deleteLabel: 'Delete'
};
+ $scope.restrictTLS = deliveryService.tlsVersions instanceof Array &&
deliveryService.tlsVersions.length > 0;
+
$scope.save = function(deliveryService) {
if (deliveryService.sslKeyVersion !== null &&
deliveryService.sslKeyVersion !== 0 &&
($scope.originalRoutingName !==
deliveryService.routingName || $scope.originalCDN !== deliveryService.cdnId) &&
@@ -192,6 +194,11 @@ var FormEditDeliveryServiceController =
function(deliveryService, origin, topolo
});
return;
}
+
+ if (!$scope.restrictTLS) {
+ deliveryService.tlsVersions = null;
+ }
+
// if ds requests are enabled in
traffic_portal_properties.json, we'll create a ds request, else just update the
ds
if ($scope.dsRequestsEnabled) {
var params = {
diff --git
a/traffic_portal/app/src/common/modules/form/deliveryService/form.deliveryService.DNS.tpl.html
b/traffic_portal/app/src/common/modules/form/deliveryService/form.deliveryService.DNS.tpl.html
index e4a7185..14ec4f6 100644
---
a/traffic_portal/app/src/common/modules/form/deliveryService/form.deliveryService.DNS.tpl.html
+++
b/traffic_portal/app/src/common/modules/form/deliveryService/form.deliveryService.DNS.tpl.html
@@ -254,6 +254,90 @@ under the License.
</aside>
</div>
</div>
+ <div class="form-group">
+ <label class="has-tooltip control-label col-md-2
col-sm-2 col-xs-12" for="restrictTLS">
+ Restrict TLS Versions
+ <div class="helptooltip">
+ <div class="helptext">
+ Limit the TLS versions that cache servers
will accept for HTTPs connections.
+ <aside class="warning">
+ <h6>Warning</h6>
+ <p>Setting TLS Versions that are
explicitly supported may break older clients that can't use the specified
versions</p>
+ </aside>
+ </div>
+ </div>
+ </label>
+ <div class="col-md-10 col-sm-10 col-xs-12"
style="display:inline-grid;grid-template-columns:auto;justify-content:start;">
+ <input
+ type="checkbox"
+ id="restrictTLS"
+ name="restrictTLS"
+ class="form-control"
+ ng-model="restrictTLS"
+ style="max-width: max-content; min-width: 1em;"
+ ng-change="toggleTLSRestrict()"
+ />
+ <small class="input-warning" ng-if="restrictTLS &&
dsCurrent.protocol === 0">Delivery Service doesn't use HTTPS - this will have
no effect</small>
+ </div>
+ </div>
+ <div
+ class="form-group"
+ ng-if="restrictTLS"
+ ng-repeat="ver in deliveryService.tlsVersions track by
$index"
+ ng-class="{'has-error': tlsVersionHasError($index),
'has-feedback': tlsVersionHasError($index)}"
+ >
+ <div>
+ <label class="control-label col-md-2 col-sm-2
col-xs-12" for="tlsVersion1">
+ TLS Version #{{$index+1}}
+ </label>
+ <div class="col-md-10 col-sm-10 col-xs-12">
+ <div>
+ <div class="input-group add-more-inputs">
+ <input
+ id="tlsVersion{{$index+1}}"
+ name="tlsVersion{{$index+1}}"
+ type="text"
+ class="form-control"
+
ng-model="deliveryService.tlsVersions[$index]"
+ pattern="[0-9]+\.[0-9]+"
+ placeholder="1.3"
+ required
+ ng-change="validateTLS()"
+ />
+ <span class="form-input-group-btn
input-group-btn">
+ <button
+ type="button"
+ title="remove support for this
TLS version"
+ class="btn btn-default"
+
ng-show="deliveryService.tlsVersions.length > 1"
+
ng-click="removeTLSVersion($index)"
+ >
+ <i class="fa fa-minus"></i>
+ </button>
+ <button
+ type="button"
+ title="add a supported TLS
version"
+ class="btn btn-default"
+
ng-click="addTLSVersion($index)"
+ >
+ <i class="fa fa-plus"></i>
+ </button>
+ </span>
+ </div>
+ </div>
+ <small class="input-error"
ng-show="tlsVersionHasPropertyError($index, 'duplicates')">Duplicate TLS
Version</small>
+ <small class="input-error"
ng-show="tlsVersionHasPropertyError($index, 'required')">Required</small>
+ <small class="input-error"
ng-show="tlsVersionHasPropertyError($index, 'pattern')">Invalid version number
- must be "X.Y"</small>
+ <small class="input-warning"
ng-show="tlsVersionUnknown(ver)">Unknown version</small>
+ <small class="input-warning"
ng-show="tlsVersionInsecure(ver)">TLS Version {{ver}} is known to be
insecure!</small>
+ <aside class="current-value"
ng-if="settings.isRequest" ng-show="dsCurrent.tlsVersions instanceof Array &&
dsCurrent.tlsVersions.length === deliveryService.tlsVersions.length &&
dsCurrent.tlsVersions[$index] !== dsCurrent.tlsVersions[$index]">
+ <h3 ng-if="open()">Current Value</h3>
+ <h3 ng-if="!open()">Previous Value</h3>
+
<pre>{{::dsCurrent.tlsVersions[$index]}}</pre>
+ </aside>
+ </div>
+ </div>
+ </div>
<div class="form-group" ng-class="{'has-error':
hasError(generalConfig.serviceCategory), 'has-feedback':
hasError(generalConfig.serviceCategory)}">
<label class="has-tooltip control-label col-md-2
col-sm-2 col-xs-12" for="serviceCategory">Service Category<div
class="helptooltip">
<div class="helptext">The type of content
being delivered. Some examples are linear and vod.</div>
diff --git
a/traffic_portal/app/src/common/modules/form/deliveryService/form.deliveryService.HTTP.tpl.html
b/traffic_portal/app/src/common/modules/form/deliveryService/form.deliveryService.HTTP.tpl.html
index 5b7e0e0..06a219a 100644
---
a/traffic_portal/app/src/common/modules/form/deliveryService/form.deliveryService.HTTP.tpl.html
+++
b/traffic_portal/app/src/common/modules/form/deliveryService/form.deliveryService.HTTP.tpl.html
@@ -254,6 +254,90 @@ under the License.
</aside>
</div>
</div>
+ <div class="form-group">
+ <label class="has-tooltip control-label col-md-2
col-sm-2 col-xs-12" for="restrictTLS">
+ Restrict TLS Versions
+ <div class="helptooltip">
+ <div class="helptext">
+ Limit the TLS versions that cache servers
will accept for HTTPs connections.
+ <aside class="warning">
+ <h6>Warning</h6>
+ <p>Setting TLS Versions that are
explicitly supported may break older clients that can't use the specified
versions</p>
+ </aside>
+ </div>
+ </div>
+ </label>
+ <div class="col-md-10 col-sm-10 col-xs-12"
style="display:inline-grid;grid-template-columns:auto;justify-content:start;">
+ <input
+ type="checkbox"
+ id="restrictTLS"
+ name="restrictTLS"
+ class="form-control"
+ ng-model="restrictTLS"
+ style="max-width: max-content; min-width: 1em;"
+ ng-change="toggleTLSRestrict()"
+ />
+ <small class="input-warning" ng-if="restrictTLS &&
dsCurrent.protocol === 0">Delivery Service doesn't use HTTPS - this will have
no effect</small>
+ </div>
+ </div>
+ <div
+ class="form-group"
+ ng-if="restrictTLS"
+ ng-repeat="ver in deliveryService.tlsVersions track by
$index"
+ ng-class="{'has-error': tlsVersionHasError($index),
'has-feedback': tlsVersionHasError($index)}"
+ >
+ <div>
+ <label class="control-label col-md-2 col-sm-2
col-xs-12" for="tlsVersion1">
+ TLS Version #{{$index+1}}
+ </label>
+ <div class="col-md-10 col-sm-10 col-xs-12">
+ <div>
+ <div class="input-group add-more-inputs">
+ <input
+ id="tlsVersion{{$index+1}}"
+ name="tlsVersion{{$index+1}}"
+ type="text"
+ class="form-control"
+
ng-model="deliveryService.tlsVersions[$index]"
+ pattern="[0-9]+\.[0-9]+"
+ placeholder="1.3"
+ required
+ ng-change="validateTLS()"
+ />
+ <span class="form-input-group-btn
input-group-btn">
+ <button
+ type="button"
+ title="remove support for this
TLS version"
+ class="btn btn-default"
+
ng-show="deliveryService.tlsVersions.length > 1"
+
ng-click="removeTLSVersion($index)"
+ >
+ <i class="fa fa-minus"></i>
+ </button>
+ <button
+ type="button"
+ title="add a supported TLS
version"
+ class="btn btn-default"
+
ng-click="addTLSVersion($index)"
+ >
+ <i class="fa fa-plus"></i>
+ </button>
+ </span>
+ </div>
+ </div>
+ <small class="input-error"
ng-show="tlsVersionHasPropertyError($index, 'duplicates')">Duplicate TLS
Version</small>
+ <small class="input-error"
ng-show="tlsVersionHasPropertyError($index, 'required')">Required</small>
+ <small class="input-error"
ng-show="tlsVersionHasPropertyError($index, 'pattern')">Invalid version number
- must be "X.Y"</small>
+ <small class="input-warning"
ng-show="tlsVersionInsecure(ver)">TLS Version {{ver}} is known to be
insecure!</small>
+ <small class="input-warning"
ng-show="tlsVersionUnknown(ver)">Unknown version</small>
+ <aside class="current-value"
ng-if="settings.isRequest" ng-show="dsCurrent.tlsVersions instanceof Array &&
dsCurrent.tlsVersions.length === deliveryService.tlsVersions.length &&
dsCurrent.tlsVersions[$index] !== dsCurrent.tlsVersions[$index]">
+ <h3 ng-if="open()">Current Value</h3>
+ <h3 ng-if="!open()">Previous Value</h3>
+
<pre>{{::dsCurrent.tlsVersions[$index]}}</pre>
+ </aside>
+ </div>
+ </div>
+ </div>
<div class="form-group" ng-class="{'has-error':
hasError(generalConfig.serviceCategory), 'has-feedback':
hasError(generalConfig.serviceCategory)}">
<label class="has-tooltip control-label col-md-2
col-sm-2 col-xs-12" for="serviceCategory">Service Category<div
class="helptooltip">
<div class="helptext">The type of content
being delivered. Some examples are linear and vod.</div>
diff --git
a/traffic_portal/app/src/common/modules/form/deliveryService/form.deliveryService.anyMap.tpl.html
b/traffic_portal/app/src/common/modules/form/deliveryService/form.deliveryService.anyMap.tpl.html
index 14de98f..cbf2ab2 100644
---
a/traffic_portal/app/src/common/modules/form/deliveryService/form.deliveryService.anyMap.tpl.html
+++
b/traffic_portal/app/src/common/modules/form/deliveryService/form.deliveryService.anyMap.tpl.html
@@ -191,6 +191,90 @@ under the License.
</aside>
</div>
</div>
+ <div class="form-group">
+ <label class="has-tooltip control-label col-md-2
col-sm-2 col-xs-12" for="restrictTLS">
+ Restrict TLS Versions
+ <div class="helptooltip">
+ <div class="helptext">
+ Limit the TLS versions that cache servers
will accept for HTTPs connections.
+ <aside class="warning">
+ <h6>Warning</h6>
+ <p>Setting TLS Versions that are
explicitly supported may break older clients that can't use the specified
versions</p>
+ </aside>
+ </div>
+ </div>
+ </label>
+ <div class="col-md-10 col-sm-10 col-xs-12"
style="display:inline-grid;grid-template-columns:auto;justify-content:start;">
+ <input
+ type="checkbox"
+ id="restrictTLS"
+ name="restrictTLS"
+ class="form-control"
+ ng-model="restrictTLS"
+ style="max-width: max-content; min-width: 1em;"
+ ng-change="toggleTLSRestrict()"
+ />
+ <small class="input-warning" ng-if="restrictTLS &&
dsCurrent.protocol === 0">Delivery Service doesn't use HTTPS - this will have
no effect</small>
+ </div>
+ </div>
+ <div
+ class="form-group"
+ ng-if="restrictTLS"
+ ng-repeat="ver in deliveryService.tlsVersions track by
$index"
+ ng-class="{'has-error': tlsVersionHasError($index),
'has-feedback': tlsVersionHasError($index)}"
+ >
+ <div>
+ <label class="control-label col-md-2 col-sm-2
col-xs-12" for="tlsVersion1">
+ TLS Version #{{$index+1}}
+ </label>
+ <div class="col-md-10 col-sm-10 col-xs-12">
+ <div>
+ <div class="input-group add-more-inputs">
+ <input
+ id="tlsVersion{{$index+1}}"
+ name="tlsVersion{{$index+1}}"
+ type="text"
+ class="form-control"
+
ng-model="deliveryService.tlsVersions[$index]"
+ pattern="[0-9]+\.[0-9]+"
+ placeholder="1.3"
+ required
+ ng-change="validateTLS()"
+ />
+ <span class="form-input-group-btn
input-group-btn">
+ <button
+ type="button"
+ title="remove support for this
TLS version"
+ class="btn btn-default"
+
ng-show="deliveryService.tlsVersions.length > 1"
+
ng-click="removeTLSVersion($index)"
+ >
+ <i class="fa fa-minus"></i>
+ </button>
+ <button
+ type="button"
+ title="add a supported TLS
version"
+ class="btn btn-default"
+
ng-click="addTLSVersion($index)"
+ >
+ <i class="fa fa-plus"></i>
+ </button>
+ </span>
+ </div>
+ </div>
+ <small class="input-error"
ng-show="tlsVersionHasPropertyError($index, 'duplicates')">Duplicate TLS
Version</small>
+ <small class="input-error"
ng-show="tlsVersionHasPropertyError($index, 'required')">Required</small>
+ <small class="input-error"
ng-show="tlsVersionHasPropertyError($index, 'pattern')">Invalid version number
- must be "X.Y"</small>
+ <small class="input-warning"
ng-show="tlsVersionInsecure(ver)">TLS Version {{ver}} is known to be
insecure!</small>
+ <small class="input-warning"
ng-show="tlsVersionUnknown(ver)">Unknown version</small>
+ <aside class="current-value"
ng-if="settings.isRequest" ng-show="dsCurrent.tlsVersions instanceof Array &&
dsCurrent.tlsVersions.length === deliveryService.tlsVersions.length &&
dsCurrent.tlsVersions[$index] !== dsCurrent.tlsVersions[$index]">
+ <h3 ng-if="open()">Current Value</h3>
+ <h3 ng-if="!open()">Previous Value</h3>
+
<pre>{{::dsCurrent.tlsVersions[$index]}}</pre>
+ </aside>
+ </div>
+ </div>
+ </div>
<div class="form-group" ng-class="{'has-error':
hasError(generalConfig.serviceCategory), 'has-feedback':
hasError(generalConfig.serviceCategory)}">
<label class="has-tooltip control-label col-md-2
col-sm-2 col-xs-12" for="serviceCategory">Service Category<div
class="helptooltip">
<div class="helptext">The type of content
being delivered. Some examples are linear and vod.</div>
diff --git
a/traffic_portal/app/src/common/modules/form/deliveryService/new/FormNewDeliveryServiceController.js
b/traffic_portal/app/src/common/modules/form/deliveryService/new/FormNewDeliveryServiceController.js
index adb1d31..e33cb82 100644
---
a/traffic_portal/app/src/common/modules/form/deliveryService/new/FormNewDeliveryServiceController.js
+++
b/traffic_portal/app/src/common/modules/form/deliveryService/new/FormNewDeliveryServiceController.js
@@ -31,6 +31,8 @@ var FormNewDeliveryServiceController =
function(deliveryService, origin, topolog
saveLabel: 'Create'
};
+ $scope.restrictTLS = false;
+
var createDeliveryServiceCreateRequest = function(dsRequest,
dsRequestComment, autoFulfilled) {
deliveryServiceRequestService.createDeliveryServiceRequest(dsRequest).
then(
@@ -64,6 +66,9 @@ var FormNewDeliveryServiceController =
function(deliveryService, origin, topolog
$scope.save = function(deliveryService) {
+ if (!$scope.restrictTLS) {
+ deliveryService.tlsVersions = null;
+ }
// if ds requests are enabled in
traffic_portal_properties.json, we'll create a ds request, else just create the
ds
if ($scope.dsRequestsEnabled) {
var params = {
diff --git a/traffic_portal/conf/configDev.js b/traffic_portal/conf/configDev.js
index e1c12a0..091a1da 100644
--- a/traffic_portal/conf/configDev.js
+++ b/traffic_portal/conf/configDev.js
@@ -21,8 +21,10 @@
module.exports = {
timeout: '120s',
useSSL: true, // set to true if you plan to use https (self-signed or
trusted certs).
- port: 80, // set to http port
- sslPort: 443, // set to https port
+ // These ports are chosen to not collide with the default CDN-in-a-Box
+ // exposed port numbers
+ port: 60444,
+ sslPort: 60443,
// if useSSL is true, generate ssl certs and provide the proper locations.
ssl: {
key: './localhost.key',
@@ -30,6 +32,7 @@ module.exports = {
ca: [ './localhost.crt' ]
},
// set api 'base_url' to the traffic ops api url (all api calls made from
the traffic portal will be proxied to the api base_url)
+ // this is the default exposed port for the CDN-in-a-Box Traffic Ops
service
api: {
base_url: 'https://localhost:6443/api/'
},
@@ -43,4 +46,3 @@ module.exports = {
},
reject_unauthorized: 0 // 0 if using self-signed certs, 1 if trusted certs
};
-
