diff options
author | jonmv <venstad@gmail.com> | 2023-12-13 15:16:27 +0100 |
---|---|---|
committer | jonmv <venstad@gmail.com> | 2023-12-14 15:29:22 +0100 |
commit | cee303d96079ec1ba05f421ff2791105a8fc0ce4 (patch) | |
tree | a68d1387233d7ba58b49201fbe694d0651878ca0 /zookeeper-server/zookeeper-server-3.8.0/src/main/java/com/yahoo/vespa/zookeeper/VespaMtlsAuthenticationProvider.java | |
parent | c6e17fe52ba4ce72d3014b0c04fe9dee073d61d7 (diff) |
Look up TLS context directly in X509ClientUtil, which simplifies a lot!
Diffstat (limited to 'zookeeper-server/zookeeper-server-3.8.0/src/main/java/com/yahoo/vespa/zookeeper/VespaMtlsAuthenticationProvider.java')
-rw-r--r-- | zookeeper-server/zookeeper-server-3.8.0/src/main/java/com/yahoo/vespa/zookeeper/VespaMtlsAuthenticationProvider.java | 17 |
1 files changed, 7 insertions, 10 deletions
diff --git a/zookeeper-server/zookeeper-server-3.8.0/src/main/java/com/yahoo/vespa/zookeeper/VespaMtlsAuthenticationProvider.java b/zookeeper-server/zookeeper-server-3.8.0/src/main/java/com/yahoo/vespa/zookeeper/VespaMtlsAuthenticationProvider.java index 68f7459530e..90554910293 100644 --- a/zookeeper-server/zookeeper-server-3.8.0/src/main/java/com/yahoo/vespa/zookeeper/VespaMtlsAuthenticationProvider.java +++ b/zookeeper-server/zookeeper-server-3.8.0/src/main/java/com/yahoo/vespa/zookeeper/VespaMtlsAuthenticationProvider.java @@ -2,19 +2,24 @@ package com.yahoo.vespa.zookeeper; import com.yahoo.security.X509SslContext; +import com.yahoo.security.tls.TlsContext; +import com.yahoo.security.tls.TransportSecurityUtils; import org.apache.zookeeper.KeeperException; +import org.apache.zookeeper.common.ClientX509Util; +import org.apache.zookeeper.common.X509Exception; import org.apache.zookeeper.data.Id; import org.apache.zookeeper.server.ServerCnxn; import org.apache.zookeeper.server.auth.AuthenticationProvider; import org.apache.zookeeper.server.auth.X509AuthenticationProvider; +import javax.net.ssl.KeyManager; import javax.net.ssl.X509KeyManager; import javax.net.ssl.X509TrustManager; import java.security.cert.X509Certificate; import java.util.logging.Logger; /** - * A {@link AuthenticationProvider} to be used in combination with Vespa mTLS + * A {@link AuthenticationProvider} to be used in combination with Vespa mTLS. * * @author bjorncs */ @@ -23,15 +28,7 @@ public class VespaMtlsAuthenticationProvider extends X509AuthenticationProvider private static final Logger log = Logger.getLogger(VespaMtlsAuthenticationProvider.class.getName()); public VespaMtlsAuthenticationProvider() { - super(trustManager(), keyManager()); - } - - private static X509KeyManager keyManager() { - return new VespaSslContextProvider().tlsContext().map(X509SslContext::keyManager).orElse(null); - } - - private static X509TrustManager trustManager() { - return new VespaSslContextProvider().tlsContext().map(X509SslContext::trustManager).orElse(null); + super(null, null); } @Override |