diff options
author | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2021-06-10 16:32:43 +0200 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2021-06-10 16:46:10 +0200 |
commit | a804e2b7efa27e473bf9ab03ecb7fa506ab3879d (patch) | |
tree | f7132d5461d0b6ec2fdfcade2b4b244edb71a8e1 /vespa-feed-client | |
parent | 6973bff52e0287b1f060a52320e377c2aca9b4cd (diff) |
Move logic for constructing SSLContext to builder
Diffstat (limited to 'vespa-feed-client')
-rw-r--r-- | vespa-feed-client/src/main/java/ai/vespa/feed/client/ApacheCluster.java | 19 | ||||
-rw-r--r-- | vespa-feed-client/src/main/java/ai/vespa/feed/client/FeedClientBuilder.java | 16 |
2 files changed, 17 insertions, 18 deletions
diff --git a/vespa-feed-client/src/main/java/ai/vespa/feed/client/ApacheCluster.java b/vespa-feed-client/src/main/java/ai/vespa/feed/client/ApacheCluster.java index ae764bc9a3d..163da14cead 100644 --- a/vespa-feed-client/src/main/java/ai/vespa/feed/client/ApacheCluster.java +++ b/vespa-feed-client/src/main/java/ai/vespa/feed/client/ApacheCluster.java @@ -127,7 +127,7 @@ class ApacheCluster implements Cluster { .setInitialWindowSize(Integer.MAX_VALUE) .build()); - SSLContext sslContext = constructSslContext(builder); + SSLContext sslContext = builder.constructSslContext(); String[] allowedCiphers = excludeH2Blacklisted(excludeWeak(sslContext.getSupportedSSLParameters().getCipherSuites())); if (allowedCiphers.length == 0) throw new IllegalStateException("No adequate SSL cipher suites supported by the JVM"); @@ -142,23 +142,6 @@ class ApacheCluster implements Cluster { .build(); } - private static SSLContext constructSslContext(FeedClientBuilder builder) throws IOException { - if (builder.sslContext != null) return builder.sslContext; - SslContextBuilder sslContextBuilder = new SslContextBuilder(); - if (builder.certificateFile != null && builder.privateKeyFile != null) { - sslContextBuilder.withCertificateAndKey(builder.certificateFile, builder.privateKeyFile); - } else if (builder.certificate != null && builder.privateKey != null) { - sslContextBuilder.withCertificateAndKey(builder.certificate, builder.privateKey); - } - if (builder.caCertificatesFile != null) { - sslContextBuilder.withCaCertificates(builder.caCertificatesFile); - } else if (builder.caCertificates != null) { - sslContextBuilder.withCaCertificates(builder.caCertificates); - } - return sslContextBuilder.build(); - } - - private static class ApacheHttpResponse implements HttpResponse { private final SimpleHttpResponse wrapped; diff --git a/vespa-feed-client/src/main/java/ai/vespa/feed/client/FeedClientBuilder.java b/vespa-feed-client/src/main/java/ai/vespa/feed/client/FeedClientBuilder.java index 2c8e62d81c6..df1f3bcd54c 100644 --- a/vespa-feed-client/src/main/java/ai/vespa/feed/client/FeedClientBuilder.java +++ b/vespa-feed-client/src/main/java/ai/vespa/feed/client/FeedClientBuilder.java @@ -150,6 +150,22 @@ public class FeedClientBuilder { } } + SSLContext constructSslContext() throws IOException { + if (sslContext != null) return sslContext; + SslContextBuilder sslContextBuilder = new SslContextBuilder(); + if (certificateFile != null && privateKeyFile != null) { + sslContextBuilder.withCertificateAndKey(certificateFile, privateKeyFile); + } else if (certificate != null && privateKey != null) { + sslContextBuilder.withCertificateAndKey(certificate, privateKey); + } + if (caCertificatesFile != null) { + sslContextBuilder.withCaCertificates(caCertificatesFile); + } else if (caCertificates != null) { + sslContextBuilder.withCaCertificates(caCertificates); + } + return sslContextBuilder.build(); + } + private void validateConfiguration() { if (sslContext != null && ( certificateFile != null || caCertificatesFile != null || privateKeyFile != null || |