diff options
| author | jonmv <venstad@gmail.com> | 2023-11-24 09:20:26 +0100 |
|---|---|---|
| committer | jonmv <venstad@gmail.com> | 2023-11-24 09:20:26 +0100 |
| commit | 485d4235f75dad465fedf6dec546407ba5780faf (patch) | |
| tree | b0345ff43be89c67908ff0baa165e99b80c67640 /zookeeper-server | |
| parent | ed825288c63e8e6e30d19c0e939c2e5cd66db144 (diff) | |
Handle non-vespa-mtls scenario during setup of providers
Diffstat (limited to 'zookeeper-server')
4 files changed, 13 insertions, 10 deletions
diff --git a/zookeeper-server/zookeeper-server-3.8.1/src/main/java/com/yahoo/vespa/zookeeper/VespaMtlsAuthenticationProvider.java b/zookeeper-server/zookeeper-server-3.8.1/src/main/java/com/yahoo/vespa/zookeeper/VespaMtlsAuthenticationProvider.java index 8bb88a83b10..68f7459530e 100644 --- a/zookeeper-server/zookeeper-server-3.8.1/src/main/java/com/yahoo/vespa/zookeeper/VespaMtlsAuthenticationProvider.java +++ b/zookeeper-server/zookeeper-server-3.8.1/src/main/java/com/yahoo/vespa/zookeeper/VespaMtlsAuthenticationProvider.java @@ -1,6 +1,7 @@ // Copyright Vespa.ai. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. package com.yahoo.vespa.zookeeper; +import com.yahoo.security.X509SslContext; import org.apache.zookeeper.KeeperException; import org.apache.zookeeper.data.Id; import org.apache.zookeeper.server.ServerCnxn; @@ -26,11 +27,11 @@ public class VespaMtlsAuthenticationProvider extends X509AuthenticationProvider } private static X509KeyManager keyManager() { - return new VespaSslContextProvider().tlsContext().keyManager(); + return new VespaSslContextProvider().tlsContext().map(X509SslContext::keyManager).orElse(null); } private static X509TrustManager trustManager() { - return new VespaSslContextProvider().tlsContext().trustManager(); + return new VespaSslContextProvider().tlsContext().map(X509SslContext::trustManager).orElse(null); } @Override diff --git a/zookeeper-server/zookeeper-server-3.9.1/src/main/java/com/yahoo/vespa/zookeeper/VespaMtlsAuthenticationProvider.java b/zookeeper-server/zookeeper-server-3.9.1/src/main/java/com/yahoo/vespa/zookeeper/VespaMtlsAuthenticationProvider.java index f51b076a262..100de4894ae 100644 --- a/zookeeper-server/zookeeper-server-3.9.1/src/main/java/com/yahoo/vespa/zookeeper/VespaMtlsAuthenticationProvider.java +++ b/zookeeper-server/zookeeper-server-3.9.1/src/main/java/com/yahoo/vespa/zookeeper/VespaMtlsAuthenticationProvider.java @@ -1,6 +1,7 @@ // Copyright Vespa.ai. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. package com.yahoo.vespa.zookeeper; +import com.yahoo.security.X509SslContext; import org.apache.zookeeper.KeeperException; import org.apache.zookeeper.common.X509Exception; import org.apache.zookeeper.data.Id; @@ -28,11 +29,11 @@ public class VespaMtlsAuthenticationProvider extends X509AuthenticationProvider } private static X509KeyManager keyManager() { - return new VespaSslContextProvider().tlsContext().keyManager(); + return new VespaSslContextProvider().tlsContext().map(X509SslContext::keyManager).orElse(null); } private static X509TrustManager trustManager() { - return new VespaSslContextProvider().tlsContext().trustManager(); + return new VespaSslContextProvider().tlsContext().map(X509SslContext::trustManager).orElse(null); } @Override diff --git a/zookeeper-server/zookeeper-server-common/src/main/java/com/yahoo/vespa/zookeeper/VespaSslContextProvider.java b/zookeeper-server/zookeeper-server-common/src/main/java/com/yahoo/vespa/zookeeper/VespaSslContextProvider.java index b50cbdbdbdf..71cc81a0db0 100644 --- a/zookeeper-server/zookeeper-server-common/src/main/java/com/yahoo/vespa/zookeeper/VespaSslContextProvider.java +++ b/zookeeper-server/zookeeper-server-common/src/main/java/com/yahoo/vespa/zookeeper/VespaSslContextProvider.java @@ -5,6 +5,7 @@ import com.yahoo.security.X509SslContext; import com.yahoo.security.tls.TlsContext; import javax.net.ssl.SSLContext; +import java.util.Optional; import java.util.function.Supplier; /** @@ -18,13 +19,12 @@ public class VespaSslContextProvider implements Supplier<SSLContext> { @Override public SSLContext get() { - return tlsContext().context(); + return tlsContext().orElseThrow(() -> new IllegalStateException("Vespa TLS is not enabled")).context(); } - public X509SslContext tlsContext() { + public Optional<X509SslContext> tlsContext() { synchronized (VespaSslContextProvider.class) { - if (tlsContext == null) throw new IllegalStateException("Vespa TLS is not enabled"); - return tlsContext.sslContext(); + return Optional.ofNullable(tlsContext.sslContext()); } } diff --git a/zookeeper-server/zookeeper-server/src/main/java/com/yahoo/vespa/zookeeper/VespaMtlsAuthenticationProvider.java b/zookeeper-server/zookeeper-server/src/main/java/com/yahoo/vespa/zookeeper/VespaMtlsAuthenticationProvider.java index 8bb88a83b10..68f7459530e 100644 --- a/zookeeper-server/zookeeper-server/src/main/java/com/yahoo/vespa/zookeeper/VespaMtlsAuthenticationProvider.java +++ b/zookeeper-server/zookeeper-server/src/main/java/com/yahoo/vespa/zookeeper/VespaMtlsAuthenticationProvider.java @@ -1,6 +1,7 @@ // Copyright Vespa.ai. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. package com.yahoo.vespa.zookeeper; +import com.yahoo.security.X509SslContext; import org.apache.zookeeper.KeeperException; import org.apache.zookeeper.data.Id; import org.apache.zookeeper.server.ServerCnxn; @@ -26,11 +27,11 @@ public class VespaMtlsAuthenticationProvider extends X509AuthenticationProvider } private static X509KeyManager keyManager() { - return new VespaSslContextProvider().tlsContext().keyManager(); + return new VespaSslContextProvider().tlsContext().map(X509SslContext::keyManager).orElse(null); } private static X509TrustManager trustManager() { - return new VespaSslContextProvider().tlsContext().trustManager(); + return new VespaSslContextProvider().tlsContext().map(X509SslContext::trustManager).orElse(null); } @Override |