[6.x] Handle deprecated SSL config settings. (#26207)

2025-04-24 17:59:23 -04:00 · 2018-11-26 22:38:08 +01:00 · 2018-11-26 22:38:08 +01:00 · e082471ee8
commit e082471ee8
parent 6de1f6e4cd
3 changed files with 118 additions and 8 deletions
--- a/src/core/server/legacy_compat/config/snapshots/legacy_object_to_config_adapter.test.ts.snap
+++ b/src/core/server/legacy_compat/config/snapshots/legacy_object_to_config_adapter.test.ts.snap
@ -1,6 +1,6 @@
 // Jest Snapshot v1, https://goo.gl/fbAQLP

-exports[`#get correctly handles server config. 1`] = `
+exports[`#get correctly handles server config.: default 1`] = `
 Object {
  "autoListen": true,
  "basePath": "/abc",
@ -17,6 +17,57 @@ Object {
 }
 `;

+exports[`#get correctly handles server config.: deprecated missing ssl.enabled 1`] = `
+Object {
+  "autoListen": true,
+  "basePath": "/abc",
+  "cors": false,
+  "host": "host",
+  "maxPayload": 1000,
+  "port": 1234,
+  "rewriteBasePath": false,
+  "ssl": Object {
+    "certificate": "cert",
+    "enabled": true,
+    "key": "key",
+  },
+}
+`;
+
+exports[`#get correctly handles server config.: deprecated ssl.cert 1`] = `
+Object {
+  "autoListen": true,
+  "basePath": "/abc",
+  "cors": false,
+  "host": "host",
+  "maxPayload": 1000,
+  "port": 1234,
+  "rewriteBasePath": false,
+  "ssl": Object {
+    "certificate": "deprecated-cert",
+    "enabled": true,
+    "key": "key",
+  },
+}
+`;
+
+exports[`#get correctly handles server config.: disabled ssl 1`] = `
+Object {
+  "autoListen": true,
+  "basePath": "/abc",
+  "cors": false,
+  "host": "host",
+  "maxPayload": 1000,
+  "port": 1234,
+  "rewriteBasePath": false,
+  "ssl": Object {
+    "certificate": "cert",
+    "enabled": false,
+    "key": "key",
+  },
+}
+`;
+
 exports[`#get correctly handles silent logging config. 1`] = `
 Object {
  "appenders": Object {
--- a/src/core/server/legacy_compat/config/legacy_object_to_config_adapter.test.ts
+++ b/src/core/server/legacy_compat/config/legacy_object_to_config_adapter.test.ts
@ -71,16 +71,59 @@ describe('#get', () => {
        maxPayloadBytes: 1000,
        port: 1234,
        rewriteBasePath: false,
-        ssl: {
-          enabled: true,
-          keyPassphrase: 'some-phrase',
-          someNewValue: 'new',
-        },
+        ssl: { enabled: true, keyPassphrase: 'some-phrase', someNewValue: 'new' },
        someNotSupportedValue: 'val',
      },
    });

-    expect(configAdapter.get('server')).toMatchSnapshot();
+    const configAdapterWithDisabledSSL = new LegacyObjectToConfigAdapter({
+      server: {
+        autoListen: true,
+        basePath: '/abc',
+        cors: false,
+        host: 'host',
+        maxPayloadBytes: 1000,
+        port: 1234,
+        rewriteBasePath: false,
+        ssl: { enabled: false, certificate: 'cert', key: 'key' },
+        someNotSupportedValue: 'val',
+      },
+    });
+
+    const configAdapterWithCert = new LegacyObjectToConfigAdapter({
+      server: {
+        autoListen: true,
+        basePath: '/abc',
+        cors: false,
+        host: 'host',
+        maxPayloadBytes: 1000,
+        port: 1234,
+        rewriteBasePath: false,
+        ssl: { enabled: true, cert: 'deprecated-cert', key: 'key' },
+        someNotSupportedValue: 'val',
+      },
+    });
+
+    const configAdapterWithoutSSLEnabled = new LegacyObjectToConfigAdapter({
+      server: {
+        autoListen: true,
+        basePath: '/abc',
+        cors: false,
+        host: 'host',
+        maxPayloadBytes: 1000,
+        port: 1234,
+        rewriteBasePath: false,
+        ssl: { certificate: 'cert', key: 'key' },
+        someNotSupportedValue: 'val',
+      },
+    });
+
+    expect(configAdapter.get('server')).toMatchSnapshot('default');
+    expect(configAdapterWithDisabledSSL.get('server')).toMatchSnapshot('disabled ssl');
+    expect(configAdapterWithCert.get('server')).toMatchSnapshot('deprecated ssl.cert');
+    expect(configAdapterWithoutSSLEnabled.get('server')).toMatchSnapshot(
+      'deprecated missing ssl.enabled'
+    );
  });
 });

--- a/src/core/server/legacy_compat/config/legacy_object_to_config_adapter.ts
+++ b/src/core/server/legacy_compat/config/legacy_object_to_config_adapter.ts
@ -66,10 +66,26 @@ export class LegacyObjectToConfigAdapter extends ObjectToConfigAdapter {
      maxPayload: configValue.maxPayloadBytes,
      port: configValue.port,
      rewriteBasePath: configValue.rewriteBasePath,
-      ssl: configValue.ssl,
+      ssl: configValue.ssl && LegacyObjectToConfigAdapter.transformSSL(configValue.ssl),
    };
  }

+  private static transformSSL(configValue: Record<string, any>) {
+    // `server.ssl.cert` is deprecated, legacy platform will issue deprecation warning.
+    if (configValue.cert) {
+      configValue.certificate = configValue.cert;
+      delete configValue.cert;
+    }
+
+    // Enabling ssl by only specifying server.ssl.certificate and server.ssl.key is deprecated,
+    // legacy platform will issue deprecation warning.
+    if (typeof configValue.enabled !== 'boolean' && configValue.certificate && configValue.key) {
+      configValue.enabled = true;
+    }
+
+    return configValue;
+  }
+
  public get(configPath: ConfigPath) {
    const configValue = super.get(configPath);
    switch (configPath) {