From 36527846e5fb5beca27269312a20cd8d22b80d7a Mon Sep 17 00:00:00 2001 From: Andrew Azores Date: Mon, 23 Dec 2024 14:33:42 -0500 Subject: [PATCH] fix(agent): fix TLS enforcement for Agent instances --- .../java/io/cryostat/targets/AgentConnection.java | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/src/main/java/io/cryostat/targets/AgentConnection.java b/src/main/java/io/cryostat/targets/AgentConnection.java index 7b5331c41..09e1805f0 100644 --- a/src/main/java/io/cryostat/targets/AgentConnection.java +++ b/src/main/java/io/cryostat/targets/AgentConnection.java @@ -51,9 +51,6 @@ class AgentConnection implements JFRConnection { private final TemplateService customTemplateService; private final Logger logger = Logger.getLogger(getClass()); - @ConfigProperty(name = ConfigProperties.AGENT_TLS_REQUIRED) - private static boolean TLS_REQUIRED; - AgentConnection(AgentClient client, TemplateService customTemplateService) { this.client = client; this.customTemplateService = customTemplateService; @@ -158,19 +155,21 @@ public MBeanMetrics getMBeanMetrics() @ApplicationScoped public static class Factory { + @ConfigProperty(name = ConfigProperties.AGENT_TLS_REQUIRED) + boolean tlsRequired; + @Inject AgentClient.Factory clientFactory; @Inject S3TemplateService customTemplateService; @Inject Logger logger; public AgentConnection createConnection(Target target) throws MalformedURLException { - if (TLS_REQUIRED && target.connectUrl.getScheme().equals("https")) { - return new AgentConnection(clientFactory.create(target), customTemplateService); - } else { + if (tlsRequired && !target.connectUrl.getScheme().equals("https")) { throw new MalformedURLException( String.format( "Agent connections are required to be TLS by (%s)", ConfigProperties.AGENT_TLS_REQUIRED)); } + return new AgentConnection(clientFactory.create(target), customTemplateService); } } }