authorBjørn Christian Seime <bjorncs@verizonmedia.com>2019-07-02 15:21:04 +0200
committerBjørn Christian Seime <bjorncs@verizonmedia.com>2019-07-03 15:15:56 +0200
commit11a5942edc867ef783568e0c5f43c571895232d1 (patch)
treec53cbe88817c179dec6ca2bfe3b3dd48e34d4419
parent76f07e1fdafcda1bcf1c178b2fc8d32b30d9b681 (diff)
Rename 'ReloadingTlsContext' -> 'ConfigFiledBasedTlsContext'
-rw-r--r--jdisc_http_service/src/main/java/com/yahoo/jdisc/http/ssl/impl/DefaultSslContextFactoryProvider.java4
-rw-r--r--jrt/src/com/yahoo/jrt/CryptoEngine.java4
-rw-r--r--security-utils/src/main/java/com/yahoo/security/tls/ConfigFiledBasedTlsContext.java (renamed from security-utils/src/main/java/com/yahoo/security/tls/ReloadingTlsContext.java)9
-rw-r--r--security-utils/src/main/java/com/yahoo/security/tls/TransportSecurityUtils.java2
-rw-r--r--security-utils/src/test/java/com/yahoo/security/tls/ConfigFiledBasedTlsContextTest.java (renamed from security-utils/src/test/java/com/yahoo/security/tls/ReloadingTlsContextTest.java)4
5 files changed, 12 insertions, 11 deletions
diff --git a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/ssl/impl/DefaultSslContextFactoryProvider.java b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/ssl/impl/DefaultSslContextFactoryProvider.java
index 0bbe6207294..a3c1c79fa76 100644
--- a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/ssl/impl/DefaultSslContextFactoryProvider.java
+++ b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/ssl/impl/DefaultSslContextFactoryProvider.java
@@ -3,7 +3,7 @@ package com.yahoo.jdisc.http.ssl.impl;
import com.yahoo.component.AbstractComponent;
import com.yahoo.jdisc.http.ssl.SslContextFactoryProvider;
-import com.yahoo.security.tls.ReloadingTlsContext;
+import com.yahoo.security.tls.ConfigFiledBasedTlsContext;
import com.yahoo.security.tls.TlsContext;
import com.yahoo.security.tls.TransportSecurityUtils;
import org.eclipse.jetty.util.ssl.SslContextFactory;
@@ -16,7 +16,7 @@ import org.eclipse.jetty.util.ssl.SslContextFactory;
public class DefaultSslContextFactoryProvider extends AbstractComponent implements SslContextFactoryProvider {
private final TlsContext tlsContext = TransportSecurityUtils.getConfigFile()
- .map(configFile -> new ReloadingTlsContext(configFile, TransportSecurityUtils.getInsecureAuthorizationMode()))
+ .map(configFile -> new ConfigFiledBasedTlsContext(configFile, TransportSecurityUtils.getInsecureAuthorizationMode()))
.orElse(null);
@Override
diff --git a/jrt/src/com/yahoo/jrt/CryptoEngine.java b/jrt/src/com/yahoo/jrt/CryptoEngine.java
index 81bf10be187..16ebdf105fc 100644
--- a/jrt/src/com/yahoo/jrt/CryptoEngine.java
+++ b/jrt/src/com/yahoo/jrt/CryptoEngine.java
@@ -4,7 +4,7 @@ package com.yahoo.jrt;
import com.yahoo.security.tls.AuthorizationMode;
import com.yahoo.security.tls.MixedMode;
-import com.yahoo.security.tls.ReloadingTlsContext;
+import com.yahoo.security.tls.ConfigFiledBasedTlsContext;
import com.yahoo.security.tls.TlsContext;
import com.yahoo.security.tls.TransportSecurityUtils;
@@ -24,7 +24,7 @@ public interface CryptoEngine extends AutoCloseable {
return new NullCryptoEngine();
}
AuthorizationMode mode = TransportSecurityUtils.getInsecureAuthorizationMode();
- TlsContext tlsContext = new ReloadingTlsContext(TransportSecurityUtils.getConfigFile().get(), mode);
+ TlsContext tlsContext = new ConfigFiledBasedTlsContext(TransportSecurityUtils.getConfigFile().get(), mode);
TlsCryptoEngine tlsCryptoEngine = new TlsCryptoEngine(tlsContext);
MixedMode mixedMode = TransportSecurityUtils.getInsecureMixedMode();
switch (mixedMode) {
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/ReloadingTlsContext.java b/security-utils/src/main/java/com/yahoo/security/tls/ConfigFiledBasedTlsContext.java
index 7e60abb2ee6..c30f92cec63 100644
--- a/security-utils/src/main/java/com/yahoo/security/tls/ReloadingTlsContext.java
+++ b/security-utils/src/main/java/com/yahoo/security/tls/ConfigFiledBasedTlsContext.java
@@ -31,20 +31,21 @@ import java.util.logging.Level;
import java.util.logging.Logger;
/**
- * A {@link TlsContext} that regularly reloads the credentials referred to from the transport security options file.
+ * A {@link TlsContext} that uses the tls configuration specified in the transport security options file.
+ * The credentials are regularly reloaded to support short-lived certificates.
*
* @author bjorncs
*/
-public class ReloadingTlsContext implements TlsContext {
+public class ConfigFiledBasedTlsContext implements TlsContext {
private static final Duration UPDATE_PERIOD = Duration.ofHours(1);
- private static final Logger log = Logger.getLogger(ReloadingTlsContext.class.getName());
+ private static final Logger log = Logger.getLogger(ConfigFiledBasedTlsContext.class.getName());
private final TlsContext tlsContext;
private final ScheduledExecutorService scheduler = Executors.newSingleThreadScheduledExecutor(new ReloaderThreadFactory());
- public ReloadingTlsContext(Path tlsOptionsConfigFile, AuthorizationMode mode) {
+ public ConfigFiledBasedTlsContext(Path tlsOptionsConfigFile, AuthorizationMode mode) {
TransportSecurityOptions options = TransportSecurityOptions.fromJsonFile(tlsOptionsConfigFile);
MutableX509TrustManager trustManager = new MutableX509TrustManager();
MutableX509KeyManager keyManager = new MutableX509KeyManager();
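Review bot: The new class name `ConfigFiledBasedTlsContext` looks like a misspelling of `ConfigFileBasedTlsContext` ("Filed" instead of "File"). It is declared here, and the same spelling is carried into the imports and constructor calls in DefaultSslContextFactoryProvider, CryptoEngine, TransportSecurityUtils and the renamed test class. Because this is a public type in security-utils used from other modules, fixing the spelling in this commit avoids a second cross-module rename later. The name no longer mentions reloading, so the Javadoc is now the only place that states it: write `TLS configuration` instead of `tls configuration`, and name the interval, e.g. `Credentials are reloaded every {@link #UPDATE_PERIOD}, so certificates must stay valid for longer than that period.` That assumes the scheduler uses `UPDATE_PERIOD` for the reload, which needs confirming because the class body continues outside the hunk.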
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/TransportSecurityUtils.java b/security-utils/src/main/java/com/yahoo/security/tls/TransportSecurityUtils.java
index a4e508e0d2a..514a538f0f9 100644
--- a/security-utils/src/main/java/com/yahoo/security/tls/TransportSecurityUtils.java
+++ b/security-utils/src/main/java/com/yahoo/security/tls/TransportSecurityUtils.java
@@ -66,7 +66,7 @@ public class TransportSecurityUtils {
public static Optional<TlsContext> createTlsContext() {
return getConfigFile()
- .map(configFile -> new ReloadingTlsContext(configFile, getInsecureAuthorizationMode()));
+ .map(configFile -> new ConfigFiledBasedTlsContext(configFile, getInsecureAuthorizationMode()));
}
private static Optional<String> getEnvironmentVariable(Map<String, String> environmentVariables, String variableName) {
diff --git a/security-utils/src/test/java/com/yahoo/security/tls/ReloadingTlsContextTest.java b/security-utils/src/test/java/com/yahoo/security/tls/ConfigFiledBasedTlsContextTest.java
index bcdb0793348..5b0fcfc9d65 100644
--- a/security-utils/src/test/java/com/yahoo/security/tls/ReloadingTlsContextTest.java
+++ b/security-utils/src/test/java/com/yahoo/security/tls/ConfigFiledBasedTlsContextTest.java
@@ -26,7 +26,7 @@ import static org.assertj.core.api.Assertions.assertThat;
/**
* @author bjorncs
*/
-public class ReloadingTlsContextTest {
+public class ConfigFiledBasedTlsContextTest {
@Rule
public TemporaryFolder tempDirectory = new TemporaryFolder();
@@ -55,7 +55,7 @@ public class ReloadingTlsContextTest {
Path optionsFile = tempDirectory.newFile().toPath();
options.toJsonFile(optionsFile);
- try (TlsContext tlsContext = new ReloadingTlsContext(optionsFile, AuthorizationMode.ENFORCE)) {
+ try (TlsContext tlsContext = new ConfigFiledBasedTlsContext(optionsFile, AuthorizationMode.ENFORCE)) {
SSLEngine sslEngine = tlsContext.createSslEngine();
assertThat(sslEngine).isNotNull();
String[] enabledCiphers = sslEngine.getEnabledCipherSuites();