From 22b2c633045efbe1a095660e1d0253c5420228f4 Mon Sep 17 00:00:00 2001 From: Ryan Uber Date: Fri, 3 Oct 2014 19:20:58 -0700 Subject: [PATCH] command/agent: fix up gossip encryption indicator --- command/agent/command.go | 7 ++++++- consul/client.go | 5 +++++ consul/server.go | 5 +++++ 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/command/agent/command.go b/command/agent/command.go index 089f0a88ab..620389767e 100644 --- a/command/agent/command.go +++ b/command/agent/command.go @@ -619,6 +619,11 @@ func (c *Command) Run(args []string) int { }(wp) } + // Figure out if gossip is encrypted + gossipEncrypted := (config.Server && + c.agent.server.Encrypted() || + c.agent.client.Encrypted()) + // Let the agent know we've finished registration c.agent.StartSync() @@ -631,7 +636,7 @@ func (c *Command) Run(args []string) int { c.Ui.Info(fmt.Sprintf(" Cluster Addr: %v (LAN: %d, WAN: %d)", config.AdvertiseAddr, config.Ports.SerfLan, config.Ports.SerfWan)) c.Ui.Info(fmt.Sprintf("Gossip encrypt: %v, RPC-TLS: %v, TLS-Incoming: %v", - c.gossipEncrypted(), config.VerifyOutgoing, config.VerifyIncoming)) + gossipEncrypted, config.VerifyOutgoing, config.VerifyIncoming)) // Enable log streaming c.Ui.Info("") diff --git a/consul/client.go b/consul/client.go index be18541017..2c053513a3 100644 --- a/consul/client.go +++ b/consul/client.go @@ -211,6 +211,11 @@ func (c *Client) KeyManagerLAN() *serf.KeyManager { return c.serf.KeyManager() } +// Encrypted determines if gossip is encrypted +func (c *Client) Encrypted() bool { + return c.serf.EncryptionEnabled() +} + // lanEventHandler is used to handle events from the lan Serf cluster func (c *Client) lanEventHandler() { for { diff --git a/consul/server.go b/consul/server.go index 8f913ed464..cba7f11bad 100644 --- a/consul/server.go +++ b/consul/server.go @@ -561,6 +561,11 @@ func (s *Server) KeyManagerWAN() *serf.KeyManager { return s.serfWAN.KeyManager() } +// Encrypted determines if gossip is encrypted +func (s *Server) Encrypted() bool { + return s.serfLAN.EncryptionEnabled() && s.serfWAN.EncryptionEnabled() +} + // inmemCodec is used to do an RPC call without going over a network type inmemCodec struct { method string