This is an automated email from the ASF dual-hosted git repository.

rawlin pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficcontrol.git


The following commit(s) were added to refs/heads/master by this push:
     new 8bad27f  Traffic Portal controls for Delivery Service TLS Versions 
(#6054)
8bad27f is described below

commit 8bad27f3eff774e33f2ca30142b8b7caf402e44c
Author: ocket8888 <[email protected]>
AuthorDate: Thu Aug 12 09:38:38 2021 -0600

    Traffic Portal controls for Delivery Service TLS Versions (#6054)
    
    * Add local testing key/certs to gitignore
    
    * Update dev config to not use privileged network ports
    
    * Add controller code for editing/creating DSes with TLS versions
    
    * Add template markup for manipulating DS TLS Versions
    
    * Fix TLS version input box obscuring tooltip content
    
    * Cache TLS version restrictions on toggling them off for a DS
    
    * Add missing semicolons
    
    * Fix indentation using spaces instead of real indentation
---
 traffic_portal/.gitignore                          |   6 +
 .../app/src/common/modules/form/_form.scss         |   2 +-
 .../FormDeliveryServiceController.js               | 140 +++++++++++++++++++++
 .../clone/FormCloneDeliveryServiceController.js    |   2 +
 .../edit/FormEditDeliveryServiceController.js      |   9 +-
 .../form.deliveryService.DNS.tpl.html              |  84 +++++++++++++
 .../form.deliveryService.HTTP.tpl.html             |  84 +++++++++++++
 .../form.deliveryService.anyMap.tpl.html           |  84 +++++++++++++
 .../new/FormNewDeliveryServiceController.js        |   5 +
 traffic_portal/conf/configDev.js                   |   8 +-
 10 files changed, 419 insertions(+), 5 deletions(-)

diff --git a/traffic_portal/.gitignore b/traffic_portal/.gitignore
index a2b70c0..6089ad3 100644
--- a/traffic_portal/.gitignore
+++ b/traffic_portal/.gitignore
@@ -22,3 +22,9 @@ node_modules
 app/bower_components
 app/dist
 Gemfile.lock
+
+# SSL keys/certs for testing with the dev configuration
+localhost.cert
+localhost.crt
+localhost.key
+localhost.csr
diff --git a/traffic_portal/app/src/common/modules/form/_form.scss 
b/traffic_portal/app/src/common/modules/form/_form.scss
index e6c835b..5ba09e0 100644
--- a/traffic_portal/app/src/common/modules/form/_form.scss
+++ b/traffic_portal/app/src/common/modules/form/_form.scss
@@ -120,7 +120,7 @@ form label.has-tooltip {
                position: absolute;
                bottom: 2em;
                padding-bottom: 1em;
-               z-index: 2;
+               z-index: 3;
                color: default;
                background-color: transparent;
                transition: opacity 0.2s ease-in-out;
diff --git 
a/traffic_portal/app/src/common/modules/form/deliveryService/FormDeliveryServiceController.js
 
b/traffic_portal/app/src/common/modules/form/deliveryService/FormDeliveryServiceController.js
index 07f487a..ab71bb0 100644
--- 
a/traffic_portal/app/src/common/modules/form/deliveryService/FormDeliveryServiceController.js
+++ 
b/traffic_portal/app/src/common/modules/form/deliveryService/FormDeliveryServiceController.js
@@ -19,6 +19,106 @@
 
 var FormDeliveryServiceController = function(deliveryService, dsCurrent, 
origin, topologies, type, types, $scope, $location, $uibModal, $window, 
formUtils, locationUtils, tenantUtils, deliveryServiceUtils, cdnService, 
profileService, tenantService, propertiesModel, userModel, 
serviceCategoryService) {
 
+    /**
+     * This is used to cache TLS version settings when the checkbox is toggled.
+     * @type null | [string, ...string[]]
+     */
+    let cachedTLSVersions = null;
+
+
+    const knownVersions = new Set(["1.0", "1.1", "1.2", "1.3"]);
+    $scope.tlsVersionUnknown = v => v && !knownVersions.has(v);
+
+    const insecureVersions = new Set(["1.0", "1.1"]);
+    $scope.tlsVersionInsecure = v => v && insecureVersions.has(v);
+
+    /**
+     * This toggles whether or not TLS versions are restricted for the Delivery
+     * Service.
+     *
+     * It uses cachedTLSVersions to cache TLS version restrictions, so that the
+     * DS is always ready to submit without manipulation, but the UI 
"remembers"
+     * the TLS versions that existed on toggling restrictions off.
+     *
+     * This is called when the checkbox's 'change' event fires - that event is
+     * not handled here.
+     */
+    function toggleTLSRestrict() {
+        if ($scope.restrictTLS) {
+            if (cachedTLSVersions instanceof Array && cachedTLSVersions.length 
> 0) {
+                deliveryService.tlsVersions = cachedTLSVersions;
+            } else {
+                deliveryService.tlsVersions = [""];
+            }
+            cachedTLSVersions = null;
+            return;
+        }
+        if (deliveryService.tlsVersions instanceof Array && 
deliveryService.tlsVersions.length > 0) {
+            cachedTLSVersions = deliveryService.tlsVersions;
+        } else {
+            cachedTLSVersions = null;
+        }
+
+        deliveryService.tlsVersions =  null;
+    }
+    $scope.toggleTLSRestrict = toggleTLSRestrict;
+
+    $scope.removeTLSVersion = function(index) {
+        deliveryService.tlsVersions.splice(index, 1);
+    };
+
+    $scope.addTLSVersion = function(index) {
+        deliveryService.tlsVersions.splice(index+1, 0, "");
+    };
+
+    /**
+     * This function is called on 'change' events for any and all TLS Version
+     * inputs, and sets validity states of duplicates.
+     *
+     * This can't use a normal validator because it depends on a value checking
+     * against a list containing itself. AngularJS sets values that fail
+     * validation to `undefined`, so if there's a set of TLS versions
+     * `["1.3", "1.3"]`, then the validator will set one of them to 
`undefined`.
+     * Now the set is `["1.3", undefined]`, so there are no more duplicates, so
+     * the set is marked as valid.
+     */
+    function validateTLS() {
+        if (!$scope.generalConfig || !($scope.deliveryService.tlsVersions 
instanceof Array)) {
+            return;
+        }
+
+        const verMap = new Map();
+        for (let i = 0; i < $scope.deliveryService.tlsVersions.length; ++i) {
+            const propName = `tlsVersion${i+1}`;
+            if (propName in $scope.generalConfig) {
+                $scope.generalConfig[propName].$setValidity("duplicates", 
true);
+            }
+
+            const ver = $scope.deliveryService.tlsVersions[i];
+            if (ver === undefined) {
+                continue;
+            }
+            const current = verMap.get(ver);
+            if (current) {
+                current.count++;
+                current.indices.push(i);
+            } else {
+                verMap.set(ver, {
+                    count: 1,
+                    indices: [i]
+                });
+            }
+        }
+
+        for (const index of 
Array.from(verMap).filter(v=>v[1].count>1).flatMap(v=>v[1].indices)) {
+            const propName = `tlsVersion${index+1}`;
+            if (propName in $scope.generalConfig) {
+                $scope.generalConfig[propName].$setValidity("duplicates", 
false);
+            }
+        }
+    }
+    $scope.validateTLS = validateTLS;
+
     var getCDNs = function() {
         cdnService.getCDNs()
             .then(function(result) {
@@ -301,6 +401,46 @@ var FormDeliveryServiceController = 
function(deliveryService, dsCurrent, origin,
 
     $scope.hasError = formUtils.hasError;
 
+    /**
+     * Checks if a TLS Version has a specific error.
+     *
+     * @param {number} index The index of the TLS Version to check into the
+     * form's Delivery Service's `tlsVersions` array.
+     * @param {string} property The name of the error to check.
+     * @returns {boolean} Whether or not the indicated TLS Version has the 
given
+     * error.
+     */
+    function tlsVersionHasPropertyError(index, property) {
+        if (!$scope.generalConfig) {
+            return false;
+        }
+        const propName = `tlsVersion${index+1}`;
+        if (!(propName in $scope.generalConfig)) {
+            return false;
+        }
+        return formUtils.hasPropertyError($scope.generalConfig[propName], 
property);
+    };
+    $scope.tlsVersionHasPropertyError = tlsVersionHasPropertyError;
+
+    /**
+     * Checks if a TLS Version has any error.
+     *
+     * @param {number} index The index of the TLS Version to check into the
+     * form's Delivery Service's `tlsVersions` array.
+     * @returns {boolean} Whether or not the indicated TLS Version has an 
error.
+     */
+     function tlsVersionHasError(index) {
+        if (!$scope.generalConfig) {
+            return false;
+        }
+        const propName = `tlsVersion${index+1}`;
+        if (!(propName in $scope.generalConfig)) {
+            return false;
+        }
+        return formUtils.hasError($scope.generalConfig[propName]);
+    };
+    $scope.tlsVersionHasError = tlsVersionHasError;
+
     $scope.hasPropertyError = formUtils.hasPropertyError;
 
     $scope.rangeRequestSelected = function() {
diff --git 
a/traffic_portal/app/src/common/modules/form/deliveryService/clone/FormCloneDeliveryServiceController.js
 
b/traffic_portal/app/src/common/modules/form/deliveryService/clone/FormCloneDeliveryServiceController.js
index 8d3fea2..ee3a9b7 100644
--- 
a/traffic_portal/app/src/common/modules/form/deliveryService/clone/FormCloneDeliveryServiceController.js
+++ 
b/traffic_portal/app/src/common/modules/form/deliveryService/clone/FormCloneDeliveryServiceController.js
@@ -26,6 +26,8 @@ var FormCloneDeliveryServiceController = 
function(deliveryService, origin, topol
 
        $scope.advancedShowing = true;
 
+    $scope.restrictTLS = deliveryService.tlsVersions instanceof Array && 
deliveryService.tlsVersions.length > 0;
+
        $scope.settings = {
                isNew: true,
                saveLabel: 'Clone'
diff --git 
a/traffic_portal/app/src/common/modules/form/deliveryService/edit/FormEditDeliveryServiceController.js
 
b/traffic_portal/app/src/common/modules/form/deliveryService/edit/FormEditDeliveryServiceController.js
index b67b7e7..1aac4c1 100644
--- 
a/traffic_portal/app/src/common/modules/form/deliveryService/edit/FormEditDeliveryServiceController.js
+++ 
b/traffic_portal/app/src/common/modules/form/deliveryService/edit/FormEditDeliveryServiceController.js
@@ -64,7 +64,7 @@ var FormEditDeliveryServiceController = 
function(deliveryService, origin, topolo
                                original: deliveryService
                        };
 
-                       // if the user chooses to complete/fulfill the delete 
request immediately, a delivery service request will be made and marked as 
complete, 
+                       // if the user chooses to complete/fulfill the delete 
request immediately, a delivery service request will be made and marked as 
complete,
                        // then if that is successful, the DS will be deleted
                        if (options.status.id === $scope.COMPLETE) {
                                // first create the ds request
@@ -167,6 +167,8 @@ var FormEditDeliveryServiceController = 
function(deliveryService, origin, topolo
                deleteLabel: 'Delete'
        };
 
+       $scope.restrictTLS = deliveryService.tlsVersions instanceof Array && 
deliveryService.tlsVersions.length > 0;
+
        $scope.save = function(deliveryService) {
                if (deliveryService.sslKeyVersion !== null && 
deliveryService.sslKeyVersion !== 0 &&
                        ($scope.originalRoutingName !== 
deliveryService.routingName || $scope.originalCDN !== deliveryService.cdnId) &&
@@ -192,6 +194,11 @@ var FormEditDeliveryServiceController = 
function(deliveryService, origin, topolo
                        });
                        return;
                }
+
+               if (!$scope.restrictTLS) {
+                       deliveryService.tlsVersions = null;
+               }
+
                // if ds requests are enabled in 
traffic_portal_properties.json, we'll create a ds request, else just update the 
ds
                if ($scope.dsRequestsEnabled) {
                        var params = {
diff --git 
a/traffic_portal/app/src/common/modules/form/deliveryService/form.deliveryService.DNS.tpl.html
 
b/traffic_portal/app/src/common/modules/form/deliveryService/form.deliveryService.DNS.tpl.html
index e4a7185..14ec4f6 100644
--- 
a/traffic_portal/app/src/common/modules/form/deliveryService/form.deliveryService.DNS.tpl.html
+++ 
b/traffic_portal/app/src/common/modules/form/deliveryService/form.deliveryService.DNS.tpl.html
@@ -254,6 +254,90 @@ under the License.
                             </aside>
                         </div>
                     </div>
+                    <div class="form-group">
+                        <label class="has-tooltip control-label col-md-2 
col-sm-2 col-xs-12" for="restrictTLS">
+                            Restrict TLS Versions
+                            <div class="helptooltip">
+                                <div class="helptext">
+                                    Limit the TLS versions that cache servers 
will accept for HTTPs connections.
+                                    <aside class="warning">
+                                        <h6>Warning</h6>
+                                        <p>Setting TLS Versions that are 
explicitly supported may break older clients that can't use the specified 
versions</p>
+                                    </aside>
+                                </div>
+                            </div>
+                        </label>
+                        <div class="col-md-10 col-sm-10 col-xs-12" 
style="display:inline-grid;grid-template-columns:auto;justify-content:start;">
+                            <input
+                                type="checkbox"
+                                id="restrictTLS"
+                                name="restrictTLS"
+                                class="form-control"
+                                ng-model="restrictTLS"
+                                style="max-width: max-content; min-width: 1em;"
+                                ng-change="toggleTLSRestrict()"
+                            />
+                            <small class="input-warning" ng-if="restrictTLS && 
dsCurrent.protocol === 0">Delivery Service doesn't use HTTPS - this will have 
no effect</small>
+                        </div>
+                    </div>
+                    <div
+                        class="form-group"
+                        ng-if="restrictTLS"
+                        ng-repeat="ver in deliveryService.tlsVersions track by 
$index"
+                        ng-class="{'has-error': tlsVersionHasError($index), 
'has-feedback': tlsVersionHasError($index)}"
+                    >
+                        <div>
+                            <label class="control-label col-md-2 col-sm-2 
col-xs-12" for="tlsVersion1">
+                                TLS Version #{{$index+1}}
+                            </label>
+                            <div class="col-md-10 col-sm-10 col-xs-12">
+                                <div>
+                                    <div class="input-group add-more-inputs">
+                                        <input
+                                            id="tlsVersion{{$index+1}}"
+                                            name="tlsVersion{{$index+1}}"
+                                            type="text"
+                                            class="form-control"
+                                            
ng-model="deliveryService.tlsVersions[$index]"
+                                            pattern="[0-9]+\.[0-9]+"
+                                            placeholder="1.3"
+                                            required
+                                            ng-change="validateTLS()"
+                                        />
+                                        <span class="form-input-group-btn 
input-group-btn">
+                                            <button
+                                                type="button"
+                                                title="remove support for this 
TLS version"
+                                                class="btn btn-default"
+                                                
ng-show="deliveryService.tlsVersions.length > 1"
+                                                
ng-click="removeTLSVersion($index)"
+                                            >
+                                                <i class="fa fa-minus"></i>
+                                            </button>
+                                            <button
+                                                type="button"
+                                                title="add a supported TLS 
version"
+                                                class="btn btn-default"
+                                                
ng-click="addTLSVersion($index)"
+                                            >
+                                                <i class="fa fa-plus"></i>
+                                            </button>
+                                        </span>
+                                    </div>
+                                </div>
+                                <small class="input-error" 
ng-show="tlsVersionHasPropertyError($index, 'duplicates')">Duplicate TLS 
Version</small>
+                                <small class="input-error" 
ng-show="tlsVersionHasPropertyError($index, 'required')">Required</small>
+                                <small class="input-error" 
ng-show="tlsVersionHasPropertyError($index, 'pattern')">Invalid version number 
- must be "X.Y"</small>
+                                <small class="input-warning" 
ng-show="tlsVersionUnknown(ver)">Unknown version</small>
+                                <small class="input-warning" 
ng-show="tlsVersionInsecure(ver)">TLS Version {{ver}} is known to be 
insecure!</small>
+                                <aside class="current-value" 
ng-if="settings.isRequest" ng-show="dsCurrent.tlsVersions instanceof Array && 
dsCurrent.tlsVersions.length === deliveryService.tlsVersions.length && 
dsCurrent.tlsVersions[$index] !== dsCurrent.tlsVersions[$index]">
+                                    <h3 ng-if="open()">Current Value</h3>
+                                    <h3 ng-if="!open()">Previous Value</h3>
+                                    
<pre>{{::dsCurrent.tlsVersions[$index]}}</pre>
+                                </aside>
+                            </div>
+                        </div>
+                    </div>
                     <div class="form-group" ng-class="{'has-error': 
hasError(generalConfig.serviceCategory), 'has-feedback': 
hasError(generalConfig.serviceCategory)}">
                         <label class="has-tooltip control-label col-md-2 
col-sm-2 col-xs-12" for="serviceCategory">Service Category<div 
class="helptooltip">
                                 <div class="helptext">The type of content 
being delivered. Some examples are linear and vod.</div>
diff --git 
a/traffic_portal/app/src/common/modules/form/deliveryService/form.deliveryService.HTTP.tpl.html
 
b/traffic_portal/app/src/common/modules/form/deliveryService/form.deliveryService.HTTP.tpl.html
index 5b7e0e0..06a219a 100644
--- 
a/traffic_portal/app/src/common/modules/form/deliveryService/form.deliveryService.HTTP.tpl.html
+++ 
b/traffic_portal/app/src/common/modules/form/deliveryService/form.deliveryService.HTTP.tpl.html
@@ -254,6 +254,90 @@ under the License.
                             </aside>
                         </div>
                     </div>
+                    <div class="form-group">
+                        <label class="has-tooltip control-label col-md-2 
col-sm-2 col-xs-12" for="restrictTLS">
+                            Restrict TLS Versions
+                            <div class="helptooltip">
+                                <div class="helptext">
+                                    Limit the TLS versions that cache servers 
will accept for HTTPs connections.
+                                    <aside class="warning">
+                                        <h6>Warning</h6>
+                                        <p>Setting TLS Versions that are 
explicitly supported may break older clients that can't use the specified 
versions</p>
+                                    </aside>
+                                </div>
+                            </div>
+                        </label>
+                        <div class="col-md-10 col-sm-10 col-xs-12" 
style="display:inline-grid;grid-template-columns:auto;justify-content:start;">
+                            <input
+                                type="checkbox"
+                                id="restrictTLS"
+                                name="restrictTLS"
+                                class="form-control"
+                                ng-model="restrictTLS"
+                                style="max-width: max-content; min-width: 1em;"
+                                ng-change="toggleTLSRestrict()"
+                            />
+                            <small class="input-warning" ng-if="restrictTLS && 
dsCurrent.protocol === 0">Delivery Service doesn't use HTTPS - this will have 
no effect</small>
+                        </div>
+                    </div>
+                    <div
+                        class="form-group"
+                        ng-if="restrictTLS"
+                        ng-repeat="ver in deliveryService.tlsVersions track by 
$index"
+                        ng-class="{'has-error': tlsVersionHasError($index), 
'has-feedback': tlsVersionHasError($index)}"
+                    >
+                        <div>
+                            <label class="control-label col-md-2 col-sm-2 
col-xs-12" for="tlsVersion1">
+                                TLS Version #{{$index+1}}
+                            </label>
+                            <div class="col-md-10 col-sm-10 col-xs-12">
+                                <div>
+                                    <div class="input-group add-more-inputs">
+                                        <input
+                                            id="tlsVersion{{$index+1}}"
+                                            name="tlsVersion{{$index+1}}"
+                                            type="text"
+                                            class="form-control"
+                                            
ng-model="deliveryService.tlsVersions[$index]"
+                                            pattern="[0-9]+\.[0-9]+"
+                                            placeholder="1.3"
+                                            required
+                                            ng-change="validateTLS()"
+                                        />
+                                        <span class="form-input-group-btn 
input-group-btn">
+                                            <button
+                                                type="button"
+                                                title="remove support for this 
TLS version"
+                                                class="btn btn-default"
+                                                
ng-show="deliveryService.tlsVersions.length > 1"
+                                                
ng-click="removeTLSVersion($index)"
+                                            >
+                                                <i class="fa fa-minus"></i>
+                                            </button>
+                                            <button
+                                                type="button"
+                                                title="add a supported TLS 
version"
+                                                class="btn btn-default"
+                                                
ng-click="addTLSVersion($index)"
+                                            >
+                                                <i class="fa fa-plus"></i>
+                                            </button>
+                                        </span>
+                                    </div>
+                                </div>
+                                <small class="input-error" 
ng-show="tlsVersionHasPropertyError($index, 'duplicates')">Duplicate TLS 
Version</small>
+                                <small class="input-error" 
ng-show="tlsVersionHasPropertyError($index, 'required')">Required</small>
+                                <small class="input-error" 
ng-show="tlsVersionHasPropertyError($index, 'pattern')">Invalid version number 
- must be "X.Y"</small>
+                                <small class="input-warning" 
ng-show="tlsVersionInsecure(ver)">TLS Version {{ver}} is known to be 
insecure!</small>
+                                <small class="input-warning" 
ng-show="tlsVersionUnknown(ver)">Unknown version</small>
+                                <aside class="current-value" 
ng-if="settings.isRequest" ng-show="dsCurrent.tlsVersions instanceof Array && 
dsCurrent.tlsVersions.length === deliveryService.tlsVersions.length && 
dsCurrent.tlsVersions[$index] !== dsCurrent.tlsVersions[$index]">
+                                    <h3 ng-if="open()">Current Value</h3>
+                                    <h3 ng-if="!open()">Previous Value</h3>
+                                    
<pre>{{::dsCurrent.tlsVersions[$index]}}</pre>
+                                </aside>
+                            </div>
+                        </div>
+                    </div>
                     <div class="form-group" ng-class="{'has-error': 
hasError(generalConfig.serviceCategory), 'has-feedback': 
hasError(generalConfig.serviceCategory)}">
                         <label class="has-tooltip control-label col-md-2 
col-sm-2 col-xs-12" for="serviceCategory">Service Category<div 
class="helptooltip">
                                 <div class="helptext">The type of content 
being delivered. Some examples are linear and vod.</div>
diff --git 
a/traffic_portal/app/src/common/modules/form/deliveryService/form.deliveryService.anyMap.tpl.html
 
b/traffic_portal/app/src/common/modules/form/deliveryService/form.deliveryService.anyMap.tpl.html
index 14de98f..cbf2ab2 100644
--- 
a/traffic_portal/app/src/common/modules/form/deliveryService/form.deliveryService.anyMap.tpl.html
+++ 
b/traffic_portal/app/src/common/modules/form/deliveryService/form.deliveryService.anyMap.tpl.html
@@ -191,6 +191,90 @@ under the License.
                             </aside>
                         </div>
                     </div>
+                    <div class="form-group">
+                        <label class="has-tooltip control-label col-md-2 
col-sm-2 col-xs-12" for="restrictTLS">
+                            Restrict TLS Versions
+                            <div class="helptooltip">
+                                <div class="helptext">
+                                    Limit the TLS versions that cache servers 
will accept for HTTPs connections.
+                                    <aside class="warning">
+                                        <h6>Warning</h6>
+                                        <p>Setting TLS Versions that are 
explicitly supported may break older clients that can't use the specified 
versions</p>
+                                    </aside>
+                                </div>
+                            </div>
+                        </label>
+                        <div class="col-md-10 col-sm-10 col-xs-12" 
style="display:inline-grid;grid-template-columns:auto;justify-content:start;">
+                            <input
+                                type="checkbox"
+                                id="restrictTLS"
+                                name="restrictTLS"
+                                class="form-control"
+                                ng-model="restrictTLS"
+                                style="max-width: max-content; min-width: 1em;"
+                                ng-change="toggleTLSRestrict()"
+                            />
+                            <small class="input-warning" ng-if="restrictTLS && 
dsCurrent.protocol === 0">Delivery Service doesn't use HTTPS - this will have 
no effect</small>
+                        </div>
+                    </div>
+                    <div
+                        class="form-group"
+                        ng-if="restrictTLS"
+                        ng-repeat="ver in deliveryService.tlsVersions track by 
$index"
+                        ng-class="{'has-error': tlsVersionHasError($index), 
'has-feedback': tlsVersionHasError($index)}"
+                    >
+                        <div>
+                            <label class="control-label col-md-2 col-sm-2 
col-xs-12" for="tlsVersion1">
+                                TLS Version #{{$index+1}}
+                            </label>
+                            <div class="col-md-10 col-sm-10 col-xs-12">
+                                <div>
+                                    <div class="input-group add-more-inputs">
+                                        <input
+                                            id="tlsVersion{{$index+1}}"
+                                            name="tlsVersion{{$index+1}}"
+                                            type="text"
+                                            class="form-control"
+                                            
ng-model="deliveryService.tlsVersions[$index]"
+                                            pattern="[0-9]+\.[0-9]+"
+                                            placeholder="1.3"
+                                            required
+                                            ng-change="validateTLS()"
+                                        />
+                                        <span class="form-input-group-btn 
input-group-btn">
+                                            <button
+                                                type="button"
+                                                title="remove support for this 
TLS version"
+                                                class="btn btn-default"
+                                                
ng-show="deliveryService.tlsVersions.length > 1"
+                                                
ng-click="removeTLSVersion($index)"
+                                            >
+                                                <i class="fa fa-minus"></i>
+                                            </button>
+                                            <button
+                                                type="button"
+                                                title="add a supported TLS 
version"
+                                                class="btn btn-default"
+                                                
ng-click="addTLSVersion($index)"
+                                            >
+                                                <i class="fa fa-plus"></i>
+                                            </button>
+                                        </span>
+                                    </div>
+                                </div>
+                                <small class="input-error" 
ng-show="tlsVersionHasPropertyError($index, 'duplicates')">Duplicate TLS 
Version</small>
+                                <small class="input-error" 
ng-show="tlsVersionHasPropertyError($index, 'required')">Required</small>
+                                <small class="input-error" 
ng-show="tlsVersionHasPropertyError($index, 'pattern')">Invalid version number 
- must be "X.Y"</small>
+                                <small class="input-warning" 
ng-show="tlsVersionInsecure(ver)">TLS Version {{ver}} is known to be 
insecure!</small>
+                                <small class="input-warning" 
ng-show="tlsVersionUnknown(ver)">Unknown version</small>
+                                <aside class="current-value" 
ng-if="settings.isRequest" ng-show="dsCurrent.tlsVersions instanceof Array && 
dsCurrent.tlsVersions.length === deliveryService.tlsVersions.length && 
dsCurrent.tlsVersions[$index] !== dsCurrent.tlsVersions[$index]">
+                                    <h3 ng-if="open()">Current Value</h3>
+                                    <h3 ng-if="!open()">Previous Value</h3>
+                                    
<pre>{{::dsCurrent.tlsVersions[$index]}}</pre>
+                                </aside>
+                            </div>
+                        </div>
+                    </div>
                     <div class="form-group" ng-class="{'has-error': 
hasError(generalConfig.serviceCategory), 'has-feedback': 
hasError(generalConfig.serviceCategory)}">
                         <label class="has-tooltip control-label col-md-2 
col-sm-2 col-xs-12" for="serviceCategory">Service Category<div 
class="helptooltip">
                                 <div class="helptext">The type of content 
being delivered. Some examples are linear and vod.</div>
diff --git 
a/traffic_portal/app/src/common/modules/form/deliveryService/new/FormNewDeliveryServiceController.js
 
b/traffic_portal/app/src/common/modules/form/deliveryService/new/FormNewDeliveryServiceController.js
index adb1d31..e33cb82 100644
--- 
a/traffic_portal/app/src/common/modules/form/deliveryService/new/FormNewDeliveryServiceController.js
+++ 
b/traffic_portal/app/src/common/modules/form/deliveryService/new/FormNewDeliveryServiceController.js
@@ -31,6 +31,8 @@ var FormNewDeliveryServiceController = 
function(deliveryService, origin, topolog
                saveLabel: 'Create'
        };
 
+       $scope.restrictTLS = false;
+
        var createDeliveryServiceCreateRequest = function(dsRequest, 
dsRequestComment, autoFulfilled) {
                
deliveryServiceRequestService.createDeliveryServiceRequest(dsRequest).
                        then(
@@ -64,6 +66,9 @@ var FormNewDeliveryServiceController = 
function(deliveryService, origin, topolog
 
 
        $scope.save = function(deliveryService) {
+               if (!$scope.restrictTLS) {
+                       deliveryService.tlsVersions = null;
+               }
                // if ds requests are enabled in 
traffic_portal_properties.json, we'll create a ds request, else just create the 
ds
                if ($scope.dsRequestsEnabled) {
                        var params = {
diff --git a/traffic_portal/conf/configDev.js b/traffic_portal/conf/configDev.js
index e1c12a0..091a1da 100644
--- a/traffic_portal/conf/configDev.js
+++ b/traffic_portal/conf/configDev.js
@@ -21,8 +21,10 @@
 module.exports = {
     timeout: '120s',
     useSSL: true, // set to true if you plan to use https (self-signed or 
trusted certs).
-    port: 80, // set to http port
-    sslPort: 443, // set to https port
+    // These ports are chosen to not collide with the default CDN-in-a-Box
+    // exposed port numbers
+    port: 60444,
+    sslPort: 60443,
     // if useSSL is true, generate ssl certs and provide the proper locations.
     ssl: {
         key:    './localhost.key',
@@ -30,6 +32,7 @@ module.exports = {
         ca:     [ './localhost.crt' ]
     },
     // set api 'base_url' to the traffic ops api url (all api calls made from 
the traffic portal will be proxied to the api base_url)
+    // this is the default exposed port for the CDN-in-a-Box Traffic Ops 
service
     api: {
         base_url: 'https://localhost:6443/api/'
     },
@@ -43,4 +46,3 @@ module.exports = {
     },
     reject_unauthorized: 0 // 0 if using self-signed certs, 1 if trusted certs
 };
-

Reply via email to