diff --git a/internal/client/observe/observe.go b/internal/client/observe/observe.go index bb12540c6..b78753d7c 100644 --- a/internal/client/observe/observe.go +++ b/internal/client/observe/observe.go @@ -16,12 +16,11 @@ package observe import ( "encoding/json" + "internal/apiclient" "net/url" "path" "strconv" "strings" - - "internal/apiclient" ) type Action uint8 diff --git a/internal/client/targetservers/targetservers.go b/internal/client/targetservers/targetservers.go index 3604c3b94..5962740fc 100644 --- a/internal/client/targetservers/targetservers.go +++ b/internal/client/targetservers/targetservers.go @@ -60,7 +60,10 @@ type commonName struct { } // Create -func Create(name string, description string, host string, port int, enable bool, protocol string, keyStore string, keyAlias string, trustStore string, tlsenabled string, tlsenforce string, clientAuthEnabled string, ignoreValidationErrors string) (respBody []byte, err error) { +func Create(name string, description string, host string, port int, enable bool, protocol string, + keyStore string, keyAlias string, trustStore string, tlsenabled string, tlsenforce string, + clientAuthEnabled string, tlsVersions []string, ignoreValidationErrors string, +) (respBody []byte, err error) { e := new(bool) *e = enable @@ -69,11 +72,15 @@ func Create(name string, description string, host string, port int, enable bool, IsEnabled: e, } - return createOrUpdate("create", targetsvr, name, description, host, port, protocol, keyStore, keyAlias, trustStore, tlsenabled, tlsenforce, clientAuthEnabled, ignoreValidationErrors) + return createOrUpdate("create", targetsvr, name, description, host, port, protocol, + keyStore, keyAlias, trustStore, tlsenabled, tlsenforce, clientAuthEnabled, tlsVersions, ignoreValidationErrors) } // Update -func Update(name string, description string, host string, port int, enable bool, protocol string, keyStore string, keyAlias string, trustStore string, tlsenabled string, tlsenforce string, clientAuthEnabled string, ignoreValidationErrors string) (respBody []byte, err error) { +func Update(name string, description string, host string, port int, enable bool, protocol string, + keyStore string, keyAlias string, trustStore string, tlsenabled string, tlsenforce string, + clientAuthEnabled string, tlsVersions []string, ignoreValidationErrors string, +) (respBody []byte, err error) { apiclient.ClientPrintHttpResponse.Set(false) targetRespBody, err := Get(name) if err != nil { @@ -88,10 +95,15 @@ func Update(name string, description string, host string, port int, enable bool, targetsvr.IsEnabled = &enable - return createOrUpdate("update", targetsvr, name, description, host, port, protocol, keyStore, keyAlias, trustStore, tlsenabled, tlsenforce, clientAuthEnabled, ignoreValidationErrors) + return createOrUpdate("update", targetsvr, name, description, host, port, protocol, keyStore, + keyAlias, trustStore, tlsenabled, tlsenforce, clientAuthEnabled, tlsVersions, ignoreValidationErrors) } -func createOrUpdate(action string, targetsvr targetserver, name string, description string, host string, port int, protocol string, keyStore string, keyAlias string, trustStore string, tlsenabled string, tlsenforce string, clientAuthEnabled string, ignoreValidationErrors string) (respBody []byte, err error) { +func createOrUpdate(action string, targetsvr targetserver, name string, description string, + host string, port int, protocol string, keyStore string, keyAlias string, trustStore string, + tlsenabled string, tlsenforce string, clientAuthEnabled string, tlsVersions []string, + ignoreValidationErrors string, +) (respBody []byte, err error) { if description != "" { targetsvr.Description = description } @@ -126,6 +138,9 @@ func createOrUpdate(action string, targetsvr targetserver, name string, descript if ignoreValidationErrors != "" { targetsvr.SslInfo.IgnoreValidationErrors = getBool(ignoreValidationErrors) } + if len(tlsVersions) != 0 { + targetsvr.SslInfo.Protocols = tlsVersions + } } reqBody, err := json.Marshal(targetsvr) diff --git a/internal/cmd/targetservers/crtts.go b/internal/cmd/targetservers/crtts.go index 726bb2450..b4265eeaa 100644 --- a/internal/cmd/targetservers/crtts.go +++ b/internal/cmd/targetservers/crtts.go @@ -64,6 +64,7 @@ var CreateCmd = &cobra.Command{ protocol, keyStore, keyAlias, trustStore, tlsenabled, tlsenforce, clientAuthEnabled, + tlsVersions, ignoreValidationErrors) return err }, @@ -72,6 +73,7 @@ var CreateCmd = &cobra.Command{ var ( tlsenabled, tlsenforce, clientAuthEnabled, description, host, keyStore, keyAlias string trustStore, protocol, ignoreValidationErrors string + tlsVersions []string enable bool port int ) @@ -107,6 +109,9 @@ func init() { CreateCmd.Flags().StringVarP(&protocol, "protocol", "", "HTTP", "Protocol for a TargetServer; default is HTTP") + CreateCmd.Flags().StringArrayVarP(&tlsVersions, "tls-versions", "", + nil, "TLS versions for the target server") + _ = CreateCmd.MarkFlagRequired("name") _ = CreateCmd.MarkFlagRequired("host") } diff --git a/internal/cmd/targetservers/updatets.go b/internal/cmd/targetservers/updatets.go index 9aeaa323e..fe1607d5c 100644 --- a/internal/cmd/targetservers/updatets.go +++ b/internal/cmd/targetservers/updatets.go @@ -64,6 +64,7 @@ var UpdateCmd = &cobra.Command{ protocol, keyStore, keyAlias, trustStore, tlsenabled, tlsenforce, clientAuthEnabled, + tlsVersions, ignoreValidationErrors) return err }, @@ -100,5 +101,8 @@ func init() { UpdateCmd.Flags().StringVarP(&protocol, "protocol", "", "", "Protocol for a TargetServer") + UpdateCmd.Flags().StringArrayVarP(&tlsVersions, "tls-versions", "", + nil, "TLS versions for the target server") + _ = UpdateCmd.MarkFlagRequired("name") }