digital-asset/daml
1
1
Fork 0
mirror of https://github.com/digital-asset/daml.git synced 2024-09-20 01:07:18 +03:00
Code Issues Projects Releases Wiki Activity

Support TLS in Daml Helper --json-api requests (#10709)

Browse Source 
This PR accepts the --tls flag but rejects the flags to set certs
because those don’t really make sense here (or are at least not easily
settable).

Unfortunately no great way to test this without a huge amount of test
infrastructure to setup a custom TLS reverse proxy for tests.

If someone has an idea to add a reasonable test, I’m all ears.

changelog_begin

- [Daml Assistant] The `daml ledger` commands now accepts `--tls` in
  combination with `--json-api` to access a JSON API behind a TLS
  reverse proxy.

changelog_end
This commit is contained in:
Moritz Kiefer 2021-09-01 08:45:42 +02:00 committed by GitHub
parent f058c2f16f
commit b748fd6b67
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
daml-assistant/daml-helper/src/DA/Daml/Helper/Ledger.hs
View File

@ -594,9 +594,12 @@ httpBsRequest args method path modify = do
makeRequest :: LedgerArgs -> Method -> Path -> (Request -> Request) -> IO Request
makeRequest LedgerArgs {sslConfigM, tokM, port, host} method path modify = do
when (isJust sslConfigM) $
fail "The HTTP JSON API doesn't support TLS requests, but a TLS flag was set."
secure <- case sslConfigM of
Nothing -> pure False
Just (L.ClientSSLConfig Nothing Nothing Nothing) -> pure True
Just _ -> fail "The HTTP JSON API does not support --pem, --crt and --cacrt flags."
pure $
setRequestSecure secure $
setRequestPort port $
setRequestHost (BSC.pack host) $
setRequestMethod (unMethod method) $