From db6754258b06be89d574ab69758b9d4b9bc6b58f Mon Sep 17 00:00:00 2001 From: Bjørn Christian Seime Date: Mon, 17 Jul 2023 13:25:35 +0200 Subject: Always use `CloudSslContextProvider` --- .../vespa/model/container/http/ssl/CloudSslProvider.java | 12 ++---------- .../model/container/http/ssl/HostedSslConnectorFactory.java | 4 +--- .../vespa/model/container/xml/ContainerModelBuilder.java | 1 - 3 files changed, 3 insertions(+), 14 deletions(-) (limited to 'config-model') diff --git a/config-model/src/main/java/com/yahoo/vespa/model/container/http/ssl/CloudSslProvider.java b/config-model/src/main/java/com/yahoo/vespa/model/container/http/ssl/CloudSslProvider.java index b231a4ad847..ae60ed77a7a 100644 --- a/config-model/src/main/java/com/yahoo/vespa/model/container/http/ssl/CloudSslProvider.java +++ b/config-model/src/main/java/com/yahoo/vespa/model/container/http/ssl/CloudSslProvider.java @@ -2,8 +2,6 @@ package com.yahoo.vespa.model.container.http.ssl; import com.yahoo.jdisc.http.ConnectorConfig; -import com.yahoo.jdisc.http.ssl.impl.CloudSslContextProvider; -import com.yahoo.jdisc.http.ssl.impl.ConfiguredSslContextFactoryProvider; import java.util.Optional; @@ -17,8 +15,6 @@ import static com.yahoo.jdisc.http.ConnectorConfig.Ssl.ClientAuth; */ public class CloudSslProvider extends SslProvider { public static final String COMPONENT_ID_PREFIX = "configured-ssl-provider@"; - public static final String MTLSONLY_COMPONENT_CLASS = ConfiguredSslContextFactoryProvider.class.getName(); - public static final String TOKEN_COMPONENT_CLASS = CloudSslContextProvider.class.getName(); private final String privateKey; private final String certificate; @@ -27,8 +23,8 @@ public class CloudSslProvider extends SslProvider { private final ClientAuth.Enum clientAuthentication; public CloudSslProvider(String servername, String privateKey, String certificate, String caCertificatePath, - String caCertificate, ClientAuth.Enum clientAuthentication, boolean enableTokenSupport) { - super(COMPONENT_ID_PREFIX, servername, componentClass(enableTokenSupport), null); + String caCertificate, ClientAuth.Enum clientAuthentication) { + super(COMPONENT_ID_PREFIX, servername, "com.yahoo.jdisc.http.ssl.impl.CloudSslContextProvider", null); this.privateKey = privateKey; this.certificate = certificate; this.caCertificatePath = caCertificatePath; @@ -36,10 +32,6 @@ public class CloudSslProvider extends SslProvider { this.clientAuthentication = clientAuthentication; } - private static String componentClass(boolean enableTokenSupport) { - return enableTokenSupport ? TOKEN_COMPONENT_CLASS : MTLSONLY_COMPONENT_CLASS; - } - @Override public void amendConnectorConfig(ConnectorConfig.Builder builder) { builder.ssl.enabled(true); diff --git a/config-model/src/main/java/com/yahoo/vespa/model/container/http/ssl/HostedSslConnectorFactory.java b/config-model/src/main/java/com/yahoo/vespa/model/container/http/ssl/HostedSslConnectorFactory.java index 76014181558..4f11611541d 100644 --- a/config-model/src/main/java/com/yahoo/vespa/model/container/http/ssl/HostedSslConnectorFactory.java +++ b/config-model/src/main/java/com/yahoo/vespa/model/container/http/ssl/HostedSslConnectorFactory.java @@ -38,7 +38,7 @@ public class HostedSslConnectorFactory extends ConnectorFactory { ? ConnectorConfig.Ssl.ClientAuth.Enum.NEED_AUTH : ConnectorConfig.Ssl.ClientAuth.Enum.WANT_AUTH; return new CloudSslProvider( builder.name, builder.endpointCertificate.key(), builder.endpointCertificate.certificate(), - builder.tlsCaCertificatesPath, builder.tlsCaCertificatesPem, clientAuthentication, builder.tokenEndpoint); + builder.tlsCaCertificatesPath, builder.tlsCaCertificatesPem, clientAuthentication); } @Override @@ -72,7 +72,6 @@ public class HostedSslConnectorFactory extends ConnectorFactory { EndpointCertificateSecrets endpointCertificate; String tlsCaCertificatesPem; String tlsCaCertificatesPath; - boolean tokenEndpoint; private Builder(String name, int port) { this.name = name; this.port = port; } public Builder requireTlsClientAuthDuringTlsHandshake(boolean enable) {this.requireTlsClientAuthDuringTlsHandshake = enable; return this; } @@ -82,7 +81,6 @@ public class HostedSslConnectorFactory extends ConnectorFactory { public Builder endpointCertificate(EndpointCertificateSecrets cert) { this.endpointCertificate = cert; return this; } public Builder tlsCaCertificatesPath(String path) { this.tlsCaCertificatesPath = path; return this; } public Builder tlsCaCertificatesPem(String pem) { this.tlsCaCertificatesPem = pem; return this; } - public Builder tokenEndpoint(boolean enable) { this.tokenEndpoint = enable; return this; } public HostedSslConnectorFactory build() { return new HostedSslConnectorFactory(this); } } diff --git a/config-model/src/main/java/com/yahoo/vespa/model/container/xml/ContainerModelBuilder.java b/config-model/src/main/java/com/yahoo/vespa/model/container/xml/ContainerModelBuilder.java index 1e45e7d397c..3318138ebd7 100644 --- a/config-model/src/main/java/com/yahoo/vespa/model/container/xml/ContainerModelBuilder.java +++ b/config-model/src/main/java/com/yahoo/vespa/model/container/xml/ContainerModelBuilder.java @@ -639,7 +639,6 @@ public class ContainerModelBuilder extends ConfigModelBuilder { endpointCert.certificate(), endpointCert.key()); cluster.addComponent(dataplaneProxy); - builder.tokenEndpoint(true); } } var connectorFactory = builder.build(); -- cgit v1.2.3