flume-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From hshreedha...@apache.org
Subject flume git commit: FLUME-2626. Remove trustmanager-type from Thrift RPC client and Thrift Source.
Date Fri, 13 Mar 2015 01:03:47 GMT
Repository: flume
Updated Branches:
  refs/heads/flume-1.6 f8065ef7a -> d0b7ceb61


FLUME-2626. Remove trustmanager-type from Thrift RPC client and Thrift Source.

(Johny Rufus via Hari)


Project: http://git-wip-us.apache.org/repos/asf/flume/repo
Commit: http://git-wip-us.apache.org/repos/asf/flume/commit/d0b7ceb6
Tree: http://git-wip-us.apache.org/repos/asf/flume/tree/d0b7ceb6
Diff: http://git-wip-us.apache.org/repos/asf/flume/diff/d0b7ceb6

Branch: refs/heads/flume-1.6
Commit: d0b7ceb615bec3606ae464a68ff7f173828fdafe
Parents: f8065ef
Author: Hari Shreedharan <hshreedharan@apache.org>
Authored: Thu Mar 12 18:02:47 2015 -0700
Committer: Hari Shreedharan <hshreedharan@apache.org>
Committed: Thu Mar 12 18:02:47 2015 -0700

----------------------------------------------------------------------
 .../java/org/apache/flume/source/ThriftSource.java    | 14 ++++++++++----
 .../java/org/apache/flume/api/ThriftRpcClient.java    | 12 +++---------
 2 files changed, 13 insertions(+), 13 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/flume/blob/d0b7ceb6/flume-ng-core/src/main/java/org/apache/flume/source/ThriftSource.java
----------------------------------------------------------------------
diff --git a/flume-ng-core/src/main/java/org/apache/flume/source/ThriftSource.java b/flume-ng-core/src/main/java/org/apache/flume/source/ThriftSource.java
index 1d8bb33..7df5ddb 100644
--- a/flume-ng-core/src/main/java/org/apache/flume/source/ThriftSource.java
+++ b/flume-ng-core/src/main/java/org/apache/flume/source/ThriftSource.java
@@ -62,6 +62,7 @@ import java.net.InetAddress;
 import java.net.InetSocketAddress;
 import java.net.ServerSocket;
 import java.security.KeyStore;
+import java.security.Security;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.LinkedList;
@@ -103,7 +104,6 @@ public class ThriftSource extends AbstractSource implements Configurable,
   private static final String KEYSTORE_KEY = "keystore";
   private static final String KEYSTORE_PASSWORD_KEY = "keystore-password";
   private static final String KEYSTORE_TYPE_KEY = "keystore-type";
-  private static final String KEYMANAGER_TYPE = "keymanager-type";
   private static final String EXCLUDE_PROTOCOLS = "exclude-protocols";
 
   private static final String KERBEROS_KEY = "kerberos";
@@ -120,7 +120,6 @@ public class ThriftSource extends AbstractSource implements Configurable,
   private String keystore;
   private String keystorePassword;
   private String keystoreType;
-  private String keyManagerType;
   private final List<String> excludeProtocols = new LinkedList<String>();
   private boolean enableSsl = false;
   private boolean enableKerberos = false;
@@ -165,7 +164,6 @@ public class ThriftSource extends AbstractSource implements Configurable,
       keystore = context.getString(KEYSTORE_KEY);
       keystorePassword = context.getString(KEYSTORE_PASSWORD_KEY);
       keystoreType = context.getString(KEYSTORE_TYPE_KEY, "JKS");
-      keyManagerType = context.getString(KEYMANAGER_TYPE, KeyManagerFactory.getDefaultAlgorithm());
       String excludeProtocolsStr = context.getString(EXCLUDE_PROTOCOLS);
       if (excludeProtocolsStr == null) {
         excludeProtocols.add("SSLv3");
@@ -253,12 +251,20 @@ public class ThriftSource extends AbstractSource implements Configurable,
     super.start();
   }
 
+  private String getkeyManagerAlgorithm() {
+    String algorithm = Security.getProperty(
+            "ssl.KeyManagerFactory.algorithm");
+    return (algorithm != null) ?
+            algorithm : KeyManagerFactory.getDefaultAlgorithm();
+  }
+
   private TServerTransport getSSLServerTransport() {
     try {
       TServerTransport transport;
       TSSLTransportFactory.TSSLTransportParameters params =
               new TSSLTransportFactory.TSSLTransportParameters();
-      params.setKeyStore(keystore, keystorePassword, keyManagerType, keystoreType);
+
+      params.setKeyStore(keystore, keystorePassword, getkeyManagerAlgorithm(), keystoreType);
       transport = TSSLTransportFactory.getServerSocket(
               port, 120000, InetAddress.getByName(bindAddress), params);
 

http://git-wip-us.apache.org/repos/asf/flume/blob/d0b7ceb6/flume-ng-sdk/src/main/java/org/apache/flume/api/ThriftRpcClient.java
----------------------------------------------------------------------
diff --git a/flume-ng-sdk/src/main/java/org/apache/flume/api/ThriftRpcClient.java b/flume-ng-sdk/src/main/java/org/apache/flume/api/ThriftRpcClient.java
index 5c4cc41..857948f 100644
--- a/flume-ng-sdk/src/main/java/org/apache/flume/api/ThriftRpcClient.java
+++ b/flume-ng-sdk/src/main/java/org/apache/flume/api/ThriftRpcClient.java
@@ -91,8 +91,6 @@ public class ThriftRpcClient extends AbstractRpcClient {
   private String truststore;
   private String truststorePassword;
   private String truststoreType;
-  private String trustManagerType;
-  private static final String TRUSTMANAGER_TYPE = "trustmanager-type";
   private final List<String> excludeProtocols = new LinkedList<String>();
 
   public ThriftRpcClient() {
@@ -338,8 +336,6 @@ public class ThriftRpcClient extends AbstractRpcClient {
                 RpcClientConfigurationConstants.CONFIG_TRUSTSTORE_PASSWORD);
         truststoreType = properties.getProperty(
                 RpcClientConfigurationConstants.CONFIG_TRUSTSTORE_TYPE, "JKS");
-        trustManagerType = properties.getProperty(
-                TRUSTMANAGER_TYPE, TrustManagerFactory.getDefaultAlgorithm());
         String excludeProtocolsStr = properties.getProperty(
                 RpcClientConfigurationConstants.CONFIG_EXCLUDE_PROTOCOLS);
         if (excludeProtocolsStr == null) {
@@ -392,7 +388,7 @@ public class ThriftRpcClient extends AbstractRpcClient {
         // properly so we have to do some magic to make sure that happens.
         // Not an issue in JDK7 Lifted from thrift-0.9.1 to make the SSLContext
         SSLContext sslContext = createSSLContext(truststore, truststorePassword,
-                trustManagerType, truststoreType);
+                truststoreType);
 
         // Create the factory from it
         SSLSocketFactory sslSockFactory = sslContext.getSocketFactory();
@@ -531,13 +527,11 @@ public class ThriftRpcClient extends AbstractRpcClient {
    *
    */
   private static SSLContext createSSLContext(String truststore,
-          String truststorePassword, String trustManagerType,
-          String truststoreType) throws FlumeException {
+    String truststorePassword, String truststoreType) throws FlumeException {
     SSLContext ctx;
     try {
       ctx = SSLContext.getInstance("TLS");
-      TrustManagerFactory tmf = null;
-      KeyManagerFactory kmf = null;
+      TrustManagerFactory tmf;
       tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
       KeyStore ts = null;
       if (truststore != null && truststoreType != null) {


Mime
View raw message