diff options
author | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2020-03-05 13:44:01 +0100 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2020-03-05 13:44:01 +0100 |
commit | 6a622451462340fe9bb7a5d885651d87404b59d7 (patch) | |
tree | ad898480c738f31d4062828759e5d53c7e10d186 /jdisc_http_service | |
parent | edaf4365b0736c4fb57c359f8cd12c149a76e343 (diff) |
Handle SslConnectionFactory wrapped in DetectorConnectionFactory
Support TLS mixed mode after recent Jetty upgrade in health check proxy handler.
SslConnectionFactory is no longer a top-level connection factory in connector if mixed mode is enabled.
Diffstat (limited to 'jdisc_http_service')
-rw-r--r-- | jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/HealthCheckProxyHandler.java | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/HealthCheckProxyHandler.java b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/HealthCheckProxyHandler.java index aeb08e042a1..9dc3380baac 100644 --- a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/HealthCheckProxyHandler.java +++ b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/HealthCheckProxyHandler.java @@ -13,6 +13,7 @@ import org.apache.http.conn.ssl.TrustAllStrategy; import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClientBuilder; import org.apache.http.ssl.SSLContexts; +import org.eclipse.jetty.server.DetectorConnectionFactory; import org.eclipse.jetty.server.Request; import org.eclipse.jetty.server.SslConnectionFactory; import org.eclipse.jetty.server.handler.HandlerWrapper; @@ -74,6 +75,8 @@ class HealthCheckProxyHandler extends HandlerWrapper { .orElseThrow(() -> new IllegalArgumentException("Could not find any connector with listen port " + targetPort)); SslContextFactory.Server sslContextFactory = Optional.ofNullable(targetConnector.getConnectionFactory(SslConnectionFactory.class)) + .or(() -> Optional.ofNullable(targetConnector.getConnectionFactory(DetectorConnectionFactory.class)) + .map(detectorConnFactory -> detectorConnFactory.getBean(SslConnectionFactory.class))) .map(connFactory -> (SslContextFactory.Server) connFactory.getSslContextFactory()) .orElseThrow(() -> new IllegalArgumentException("Health check proxy can only target https port")); return new ProxyTarget(targetPort, sslContextFactory); |