summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKiran Kamineni <kiran.k.kamineni@intel.com>2018-03-27 22:42:51 -0700
committerKiran Kamineni <kiran.k.kamineni@intel.com>2018-03-27 22:42:56 -0700
commitab6708f3627b8763848cd09d31d7dd1382dda7dc (patch)
treecced70e4710ebc34f5f23dbbd83e69b8906f6407
parent70329f54da15d773718e6de13f51b42d02d5f1a1 (diff)
Adding a disable tls flag to sms
Adding a disable_tls flag to allow running the service in tests and other non production environments. Also, CSIT tests may not support TLS tests Issue-ID: AAF-189 Change-Id: I936b3b887104f2b041a8c73909951a25494eebeb Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
-rw-r--r--sms-service/src/sms/config/config.go4
-rw-r--r--sms-service/src/sms/sms.go27
-rw-r--r--sms-service/src/sms/smsconfig.json.template3
3 files changed, 22 insertions, 12 deletions
diff --git a/sms-service/src/sms/config/config.go b/sms-service/src/sms/config/config.go
index 23af251..58597f6 100644
--- a/sms-service/src/sms/config/config.go
+++ b/sms-service/src/sms/config/config.go
@@ -31,6 +31,7 @@ type SMSConfiguration struct {
VaultAddress string `json:"vaultaddress"`
VaultToken string `json:"vaulttoken"`
+ DisableTLS bool `json:"disable_tls"`
}
// SMSConfig is the structure that stores the configuration
@@ -45,7 +46,8 @@ func ReadConfigFile(file string) (*SMSConfiguration, error) {
}
defer f.Close()
- SMSConfig = &SMSConfiguration{}
+ // Default behaviour is to enable TLS
+ SMSConfig = &SMSConfiguration{DisableTLS: false}
decoder := json.NewDecoder(f)
err = decoder.Decode(SMSConfig)
if err != nil {
diff --git a/sms-service/src/sms/sms.go b/sms-service/src/sms/sms.go
index de9d0a7..fea6b10 100644
--- a/sms-service/src/sms/sms.go
+++ b/sms-service/src/sms/sms.go
@@ -47,16 +47,9 @@ func main() {
httpRouter := smshandler.CreateRouter(backendImpl)
- // TODO: Use CA certificate from AAF
- tlsConfig, err := smsauth.GetTLSConfig(smsConf.CAFile)
- if err != nil {
- log.Fatal(err)
- }
-
httpServer := &http.Server{
- Handler: httpRouter,
- Addr: ":10443",
- TLSConfig: tlsConfig,
+ Handler: httpRouter,
+ Addr: ":10443",
}
// Listener for SIGINT so that it returns cleanly
@@ -69,7 +62,21 @@ func main() {
close(connectionsClose)
}()
- err = httpServer.ListenAndServeTLS(smsConf.ServerCert, smsConf.ServerKey)
+ // Start in TLS mode by default
+ if smsConf.DisableTLS == true {
+ smslogger.WriteWarn("TLS is Disabled")
+ err = httpServer.ListenAndServe()
+ } else {
+ // TODO: Use CA certificate from AAF
+ tlsConfig, err := smsauth.GetTLSConfig(smsConf.CAFile)
+ if err != nil {
+ log.Fatal(err)
+ }
+
+ httpServer.TLSConfig = tlsConfig
+ err = httpServer.ListenAndServeTLS(smsConf.ServerCert, smsConf.ServerKey)
+ }
+
if err != nil && err != http.ErrServerClosed {
log.Fatal(err)
}
diff --git a/sms-service/src/sms/smsconfig.json.template b/sms-service/src/sms/smsconfig.json.template
index 9afa299..0f335f6 100644
--- a/sms-service/src/sms/smsconfig.json.template
+++ b/sms-service/src/sms/smsconfig.json.template
@@ -4,5 +4,6 @@
"serverkey": "auth/server.key",
"vaultaddress": "http://localhost:8200",
- "vaulttoken": "f56d2c0e-d58d-2be2-aed4-bb9931bedad2"
+ "vaulttoken": "f56d2c0e-d58d-2be2-aed4-bb9931bedad2",
+ "disable_tls": false
}