diff --git a/ltm.go b/ltm.go
index 4e57c32..5530761 100644
--- a/ltm.go
+++ b/ltm.go
@@ -130,6 +130,7 @@ type ClientSSLProfile struct {
 Key string `json:"key,omitempty"`
 ModSslMethods string `json:"modSslMethods,omitempty"`
 Mode string `json:"mode,omitempty"`
+ OcspStapling string `json:"ocspStapling,omitempty"`
 TmOptions interface{} `json:"tmOptions,omitempty"`
 Passphrase string `json:"passphrase,omitempty"`
 PeerCertMode string `json:"peerCertMode,omitempty"`
@@ -1808,33 +1809,56 @@ type HttpProfiles struct { } type HttpProfile struct { - AcceptXff string `json:"acceptXff,omitempty"` - AppService string `json:"appService,omitempty"` - BasicAuthRealm string `json:"basicAuthRealm,omitempty"` - DefaultsFrom string `json:"defaultsFrom,omitempty"` - Description string `json:"description,omitempty"` - EncryptCookieSecret string `json:"encryptCookieSecret,omitempty"` - EncryptCookies []string `json:"encryptCookies,omitempty"` - FallbackHost string `json:"fallbackHost,omitempty"` - FallbackStatusCodes []string `json:"fallbackStatusCodes,omitempty"` - HeaderErase string `json:"headerErase,omitempty"` - HeaderInsert string `json:"headerInsert,omitempty"` - InsertXforwardedFor string `json:"insertXforwardedFor,omitempty"` - LwsSeparator string `json:"lwsSeparator,omitempty"` - LwsWidth int `json:"lwsWidth,omitempty"` - Name string `json:"name,omitempty"` - OneconnectTransformations string `json:"oneconnectTransformations,omitempty"` - TmPartition string `json:"tmPartition,omitempty"` - ProxyType string `json:"proxyType,omitempty"` - RedirectRewrite string `json:"redirectRewrite,omitempty"` - RequestChunking string `json:"requestChunking,omitempty"` - ResponseChunking string `json:"responseChunking,omitempty"` - ResponseHeadersPermitted []interface{} `json:"responseHeadersPermitted,omitempty"` - ServerAgentName string `json:"serverAgentName,omitempty"` - ViaHostName string `json:"viaHostName,omitempty"` - ViaRequest string `json:"viaRequest,omitempty"` - ViaResponse string `json:"viaResponse,omitempty"` - XffAlternativeNames []interface{} `json:"xffAlternativeNames,omitempty"` + AcceptXff string `json:"acceptXff,omitempty"` + AppService string `json:"appService,omitempty"` + BasicAuthRealm string `json:"basicAuthRealm,omitempty"` + DefaultsFrom string `json:"defaultsFrom,omitempty"` + Description string `json:"description,omitempty"` + EncryptCookieSecret string `json:"encryptCookieSecret,omitempty"` + EncryptCookies []string 
`json:"encryptCookies,omitempty"` + FallbackHost string `json:"fallbackHost,omitempty"` + FallbackStatusCodes []string `json:"fallbackStatusCodes,omitempty"` + HeaderErase string `json:"headerErase,omitempty"` + HeaderInsert string `json:"headerInsert,omitempty"` + InsertXforwardedFor string `json:"insertXforwardedFor,omitempty"` + LwsSeparator string `json:"lwsSeparator,omitempty"` + LwsWidth int `json:"lwsWidth,omitempty"` + Name string `json:"name,omitempty"` + OneconnectTransformations string `json:"oneconnectTransformations,omitempty"` + TmPartition string `json:"tmPartition,omitempty"` + ProxyType string `json:"proxyType,omitempty"` + RedirectRewrite string `json:"redirectRewrite,omitempty"` + RequestChunking string `json:"requestChunking,omitempty"` + ResponseChunking string `json:"responseChunking,omitempty"` + ResponseHeadersPermitted []interface{} `json:"responseHeadersPermitted,omitempty"` + ServerAgentName string `json:"serverAgentName,omitempty"` + ViaHostName string `json:"viaHostName,omitempty"` + ViaRequest string `json:"viaRequest,omitempty"` + ViaResponse string `json:"viaResponse,omitempty"` + XffAlternativeNames []interface{} `json:"xffAlternativeNames,omitempty"` + Hsts HTTPStrictTransportSecurity `json:"hsts,omitempty"` + Enforcement Enforcement `json:"enforcement,omitempty"` +} + +type HTTPStrictTransportSecurity struct { + IncludeSubdomains string `json:"includeSubdomains,omitempty"` + MaximumAge int `json:"maximumAge,omitempty"` + Mode string `json:"mode,omitempty"` + Preload string `json:"preload,omitempty"` +} + +type Enforcement struct { + KnownMethods []string `json:"knownMethods,omitempty"` + ExcessClientHeaders string + ExcessServerHeaders string + MaxHeaderCount int `json:"maxHeaderCount,omitempty"` + MaxHeaderSize int `json:"maxHeaderSize,omitempty"` + MaxRequests int + OversizeClientHeaders string + OversizeServerHeaders string + Pipeline string + TruncatedRedirects string + UnknownMethod string `json:"unknownMethod,omitempty"` } 
type OneconnectProfiles struct { @@ -2100,7 +2124,7 @@ func (b *BigIP) GetClientSSLProfile(name string) (*ClientSSLProfile, error) { if !ok { return nil, nil } - log.Printf("------------------ssl profile: %+v-----------------", clientSSLProfile) + return &clientSSLProfile, nil } @@ -4006,4 +4030,4 @@ func (b *BigIP) GetLtmCipherGroup(name string) (*CipherGroupReq, error) { } return &cipherGroup, nil -} \ No newline at end of file +} diff --git a/sys.go b/sys.go index b9bfc76..a69f2ea 100644 --- a/sys.go +++ b/sys.go @@ -239,6 +239,28 @@ type ExternalDGFile struct { Type string `json:"type"` } +type OCSP struct { + Name string `json:"name,omitempty"` + FullPath string `json:"fullPath,omitempty"` + Partition string `json:"partition,omitempty"` + ProxyServerPool string `json:"proxyServerPool,omitempty"` + DnsResolver string `json:"dnsResolver,omitempty"` + RouteDomain string `json:"routeDomain,omitempty"` + ConcurrentConnectionsLimit int64 `json:"concurrentConnectionsLimit,omitempty"` + ResponderUrl string `json:"responderUrl,omitempty"` + ConnectionTimeout int64 `json:"timeout,omitempty"` + TrustedResponders string `json:"trustedResponders,omitempty"` + ClockSkew int64 `json:"clockSkew,omitempty"` + StatusAge int64 `json:"statusAge,omitempty"` + StrictRespCertCheck string `json:"strictRespCertCheck,omitempty"` + CacheTimeout string `json:"cacheTimeout,omitempty"` + CacheErrorTimeout int64 `json:"cacheErrorTimeout,omitempty"` + SignerCert string `json:"signerCert,omitempty"` + SignerKey string `json:"signerKey,omitempty"` + Passphrase string `json:"passphrase,omitempty"` + SignHash string `json:"signHash,omitempty"` +} + func (p *LogPublisher) MarshalJSON() ([]byte, error) { return json.Marshal(destinationsDTO{ Name: p.Name, 
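Review bot: Seven fields of the new `Enforcement` struct (`ExcessClientHeaders`, `ExcessServerHeaders`, `MaxRequests`, `OversizeClientHeaders`, `OversizeServerHeaders`, `Pipeline`, `TruncatedRedirects`) carry no `json` tag, so encoding/json writes them under their capitalised Go names and always emits them, even when they are `""` or `0`. Because `omitempty` has no effect on struct-typed values, `Hsts` and `Enforcement` are serialised on every `HttpProfile` marshal, so each profile write would carry those empty protocol-enforcement values; how the device treats them is not visible here. Tag the fields like their siblings (key names below assume the lowerCamel pattern of the tagged fields, to be confirmed against the REST schema) and consider pointer types for the two nested fields so an unset block is really omitted. Separately, `MaximumAge int` with `omitempty` cannot express a max-age of 0, which is the value used to withdraw an HSTS policy.

```go
type Enforcement struct {
	// … unchanged: KnownMethods …
	ExcessClientHeaders   string `json:"excessClientHeaders,omitempty"`
	ExcessServerHeaders   string `json:"excessServerHeaders,omitempty"`
	// … unchanged: MaxHeaderCount, MaxHeaderSize …
	MaxRequests           int    `json:"maxRequests,omitempty"`
	OversizeClientHeaders string `json:"oversizeClientHeaders,omitempty"`
	OversizeServerHeaders string `json:"oversizeServerHeaders,omitempty"`
	Pipeline              string `json:"pipeline,omitempty"`
	TruncatedRedirects    string `json:"truncatedRedirects,omitempty"`
	// … unchanged: UnknownMethod …
}
```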
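Review bot: The new `OCSP` type in sys.go holds a `Passphrase` next to ordinary settings and nothing on the type says so, while this package prints values with `%+v` (the `log.Printf` context line in `UploadDataGroupFile`, and the profile dump this same commit removes from `GetClientSSLProfile`); logging an `OCSP` value that way would write the passphrase out in clear text. I would add a doc comment on the type, e.g. `// OCSP is a sys crypto cert-validator ocsp object. Passphrase is a secret: never log this struct with %v or %+v.` The exported names `DnsResolver` and `ResponderUrl` would read `DNSResolver` and `ResponderURL` under Go's initialism convention. `CacheTimeout` is a `string` while the other timeouts are `int64`, which deserves a one-line comment if it is deliberate.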
@@ -995,3 +1017,36 @@ func (b *BigIP) UploadDataGroupFile(f *os.File, tmpName string) (*Upload, error)
 log.Printf("tmpName:%+v", tmpName)
 return b.Upload(f, info.Size(), uriShared, uriFileTransfer, uriUploads, fmt.Sprintf("%s", tmpName))
 }
+
+func (b *BigIP) CreateOCSP(ocsp *OCSP) error {
+ return b.post(ocsp, uriSys, "crypto", "cert-validator", "ocsp")
+}
+
+func (b *BigIP) ModifyOCSP(name string, ocsp *OCSP) error {
+ return b.put(ocsp, uriSys, "crypto", "cert-validator", "ocsp", name)
+}
+
+func (b *BigIP) GetOCSP(name string) (*OCSP, error) {
+ var ocsp OCSP
+ err, _ := b.getForEntity(&ocsp, uriSys, "crypto", "cert-validator", "ocsp", name)
+
+ if err != nil {
+ return nil, err
+ }
+
+ js, err := json.Marshal(ocsp)
+
+ if err != nil {
+ return nil, fmt.Errorf("error encountered while marshalling ocsp: %v", err)
+ }
+
+ if string(js) == "{}" {
+ return nil, nil
+ }
+
+ return &ocsp, nil
+}
+
+func (b *BigIP) DeleteOCSP(name string) error {
+ return b.delete(uriSys, "crypto", "cert-validator", "ocsp", name)
+}
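Review bot: `GetOCSP` discards the second result of `getForEntity` and instead detects a missing object by marshalling the struct and comparing the output with `"{}"`, which only works while every `OCSP` field keeps `omitempty`. `GetClientSSLProfile` in ltm.go, visible as context in this same commit, returns `nil, nil` on `!ok`; if that flag comes from the same helper, checking it here removes the JSON round-trip and the fragile string comparison. The signature of `getForEntity` is not visible in the hunk, so confirm that its second return is the found flag. `CreateOCSP` and `ModifyOCSP` also hand a possibly nil `ocsp` straight to `post`/`put`, and none of the four exported methods has a doc comment.

```go
func (b *BigIP) GetOCSP(name string) (*OCSP, error) {
	var ocsp OCSP
	err, ok := b.getForEntity(&ocsp, uriSys, "crypto", "cert-validator", "ocsp", name)
	if err != nil {
		return nil, err
	}
	if !ok {
		// Not found: same nil, nil contract as GetClientSSLProfile.
		return nil, nil
	}
	return &ocsp, nil
}
```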