aboutsummaryrefslogtreecommitdiffstats
path: root/zookeeper-server/zookeeper-server-3.8.0/src/main/java/com/yahoo/vespa/zookeeper/VespaMtlsAuthenticationProvider.java
diff options
context:
space:
mode:
authorjonmv <venstad@gmail.com>2023-12-13 15:16:27 +0100
committerjonmv <venstad@gmail.com>2023-12-14 15:29:22 +0100
commitcee303d96079ec1ba05f421ff2791105a8fc0ce4 (patch)
treea68d1387233d7ba58b49201fbe694d0651878ca0 /zookeeper-server/zookeeper-server-3.8.0/src/main/java/com/yahoo/vespa/zookeeper/VespaMtlsAuthenticationProvider.java
parentc6e17fe52ba4ce72d3014b0c04fe9dee073d61d7 (diff)
Look up TLS context directly in X509ClientUtil, which simplifies a lot!
Diffstat (limited to 'zookeeper-server/zookeeper-server-3.8.0/src/main/java/com/yahoo/vespa/zookeeper/VespaMtlsAuthenticationProvider.java')
-rw-r--r--zookeeper-server/zookeeper-server-3.8.0/src/main/java/com/yahoo/vespa/zookeeper/VespaMtlsAuthenticationProvider.java17
1 files changed, 7 insertions, 10 deletions
diff --git a/zookeeper-server/zookeeper-server-3.8.0/src/main/java/com/yahoo/vespa/zookeeper/VespaMtlsAuthenticationProvider.java b/zookeeper-server/zookeeper-server-3.8.0/src/main/java/com/yahoo/vespa/zookeeper/VespaMtlsAuthenticationProvider.java
index 68f7459530e..90554910293 100644
--- a/zookeeper-server/zookeeper-server-3.8.0/src/main/java/com/yahoo/vespa/zookeeper/VespaMtlsAuthenticationProvider.java
+++ b/zookeeper-server/zookeeper-server-3.8.0/src/main/java/com/yahoo/vespa/zookeeper/VespaMtlsAuthenticationProvider.java
@@ -2,19 +2,24 @@
package com.yahoo.vespa.zookeeper;
import com.yahoo.security.X509SslContext;
+import com.yahoo.security.tls.TlsContext;
+import com.yahoo.security.tls.TransportSecurityUtils;
import org.apache.zookeeper.KeeperException;
+import org.apache.zookeeper.common.ClientX509Util;
+import org.apache.zookeeper.common.X509Exception;
import org.apache.zookeeper.data.Id;
import org.apache.zookeeper.server.ServerCnxn;
import org.apache.zookeeper.server.auth.AuthenticationProvider;
import org.apache.zookeeper.server.auth.X509AuthenticationProvider;
+import javax.net.ssl.KeyManager;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import java.security.cert.X509Certificate;
import java.util.logging.Logger;
/**
- * A {@link AuthenticationProvider} to be used in combination with Vespa mTLS
+ * A {@link AuthenticationProvider} to be used in combination with Vespa mTLS.
*
* @author bjorncs
*/
@@ -23,15 +28,7 @@ public class VespaMtlsAuthenticationProvider extends X509AuthenticationProvider
private static final Logger log = Logger.getLogger(VespaMtlsAuthenticationProvider.class.getName());
public VespaMtlsAuthenticationProvider() {
- super(trustManager(), keyManager());
- }
-
- private static X509KeyManager keyManager() {
- return new VespaSslContextProvider().tlsContext().map(X509SslContext::keyManager).orElse(null);
- }
-
- private static X509TrustManager trustManager() {
- return new VespaSslContextProvider().tlsContext().map(X509SslContext::trustManager).orElse(null);
+ super(null, null);
}
@Override