author | jonmv <venstad@gmail.com> | 2023-12-13 15:16:27 +0100 |
---|---|---|
committer | jonmv <venstad@gmail.com> | 2023-12-14 15:29:22 +0100 |
commit | cee303d96079ec1ba05f421ff2791105a8fc0ce4 (patch) | |
tree | a68d1387233d7ba58b49201fbe694d0651878ca0 /zookeeper-common | |
parent | c6e17fe52ba4ce72d3014b0c04fe9dee073d61d7 (diff) |
Look up TLS context directly in X509ClientUtil, which simplifies a lot!
Diffstat (limited to 'zookeeper-common')
-rw-r--r-- | zookeeper-common/OWNERS | 1 | ||||
-rw-r--r-- | zookeeper-common/README.md | 4 | ||||
-rw-r--r-- | zookeeper-common/pom.xml | 51 | ||||
-rw-r--r-- | zookeeper-common/src/main/java/com/yahoo/vespa/zookeeper/VespaZookeeperTlsContextUtils.java | 26 |
4 files changed, 82 insertions, 0 deletions
diff --git a/zookeeper-common/OWNERS b/zookeeper-common/OWNERS
new file mode 100644
index 00000000000..d0a102ecbf4
--- /dev/null
+++ b/zookeeper-common/OWNERS
@@ -0,0 +1 @@
+jonmv
diff --git a/zookeeper-common/README.md b/zookeeper-common/README.md
new file mode 100644
index 00000000000..f0c7cee342d
--- /dev/null
+++ b/zookeeper-common/README.md
@@ -0,0 +1,4 @@
+<!-- Copyright Vespa.ai. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -->
+# zookeeper-common
+
+Shared configuration logic for ZooKeeper
diff --git a/zookeeper-common/pom.xml b/zookeeper-common/pom.xml
new file mode 100644
index 00000000000..2c8ed8fe476
--- /dev/null
+++ b/zookeeper-common/pom.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0"?>
+<!-- Copyright Vespa.ai. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>com.yahoo.vespa</groupId>
+ <artifactId>parent</artifactId>
+ <version>8-SNAPSHOT</version>
+ <relativePath>../parent/pom.xml</relativePath>
+ </parent>
+ <artifactId>zookeeper-common</artifactId>
+ <packaging>jar</packaging>
+ <version>8-SNAPSHOT</version>
+
+ <dependencies>
+
+ <dependency>
+ <groupId>com.yahoo.vespa</groupId>
+ <artifactId>security-utils</artifactId>
+ <version>${project.version}</version>
+ <scope>provided</scope>
+ </dependency>
+
+ <dependency>
+ <groupId>com.yahoo.vespa</groupId>
+ <artifactId>defaults</artifactId>
+ <version>${project.version}</version>
+ <scope>provided</scope>
+ </dependency>
+
+ <dependency>
+ <groupId>org.junit.jupiter</groupId>
+ <artifactId>junit-jupiter-api</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.junit.jupiter</groupId>
+ <artifactId>junit-jupiter-engine</artifactId>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-compiler-plugin</artifactId>
+ </plugin>
+ </plugins>
+ </build>
+</project>
diff --git a/zookeeper-common/src/main/java/com/yahoo/vespa/zookeeper/VespaZookeeperTlsContextUtils.java b/zookeeper-common/src/main/java/com/yahoo/vespa/zookeeper/VespaZookeeperTlsContextUtils.java
new file mode 100644
index 00000000000..493f80d2b40
--- /dev/null
+++ b/zookeeper-common/src/main/java/com/yahoo/vespa/zookeeper/VespaZookeeperTlsContextUtils.java
@@ -0,0 +1,26 @@
+package com.yahoo.vespa.zookeeper;
+
+import com.yahoo.security.tls.ConfigFileBasedTlsContext;
+import com.yahoo.security.tls.TlsContext;
+import com.yahoo.security.tls.TransportSecurityUtils;
+import com.yahoo.vespa.defaults.Defaults;
+
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.util.Optional;
+
+/**
+ * @author jonmv
+ */
+public class VespaZookeeperTlsContextUtils {
+
+ private static final Path ZOOKEEPER_TLS_CONFIG_FILE = Path.of(Defaults.getDefaults().underVespaHome("var/zookeeper/conf/tls.conf.json"));
+ private static final TlsContext tlsContext = Files.exists(ZOOKEEPER_TLS_CONFIG_FILE)
+ ? new ConfigFileBasedTlsContext(ZOOKEEPER_TLS_CONFIG_FILE, TransportSecurityUtils.getInsecureAuthorizationMode())
+ : TransportSecurityUtils.getSystemTlsContext().orElse(null);
+
+ public static Optional<TlsContext> tlsContext() {
+ return Optional.ofNullable(tlsContext);
+ }
+
+}
|
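Review bot: The `tlsContext` field is resolved once in the static initializer, so the `Files.exists(ZOOKEEPER_TLS_CONFIG_FILE)` check reflects only the moment this class is first loaded; a `tls.conf.json` written afterwards is ignored for the life of the JVM, and any exception thrown by the `ConfigFileBasedTlsContext` constructor would surface as a class-initialization failure rather than a readable configuration error. When neither the file nor a system TLS context is present, `tlsContext()` returns an empty Optional with no log line, and callers (not visible in this hunk) presumably proceed without TLS, so that fallback should be documented or logged where it is decided. The class Javadoc carries only `@author`; I would add a sentence stating the precedence (ZooKeeper-specific file first, then the system TLS context, else empty) and that peer authorization follows `TransportSecurityUtils.getInsecureAuthorizationMode()`, so it is only as strict as that setting. A `private VespaZookeeperTlsContextUtils() {}` constructor would also make the static-only intent explicit.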