zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ivmaykov <...@git.apache.org>
Subject [GitHub] zookeeper pull request #679: ZOOKEEPER-3172: Quorum TLS - fix port unificati...
Date Wed, 14 Nov 2018 23:14:14 GMT
Github user ivmaykov commented on a diff in the pull request:

    https://github.com/apache/zookeeper/pull/679#discussion_r233656201
  
    --- Diff: zookeeper-server/src/main/java/org/apache/zookeeper/common/X509Util.java ---
    @@ -350,14 +389,22 @@ public static X509TrustManager createTrustManager(
         public SSLSocket createSSLSocket() throws X509Exception, IOException {
             SSLSocket sslSocket = (SSLSocket) getDefaultSSLContext().getSocketFactory().createSocket();
             configureSSLSocket(sslSocket);
    -
    +        sslSocket.setUseClientMode(true);
             return sslSocket;
         }
     
    -    public SSLSocket createSSLSocket(Socket socket) throws X509Exception, IOException
{
    -        SSLSocket sslSocket = (SSLSocket) getDefaultSSLContext().getSocketFactory().createSocket(socket,
null, socket.getPort(), true);
    +    public SSLSocket createSSLSocket(Socket socket, byte[] pushbackBytes) throws X509Exception,
IOException {
    +        SSLSocket sslSocket;
    +        if (pushbackBytes != null && pushbackBytes.length > 0) {
    +            sslSocket = (SSLSocket) getDefaultSSLContext().getSocketFactory().createSocket(
    +                    socket, new ByteArrayInputStream(pushbackBytes), true);
    +        } else {
    +            sslSocket = (SSLSocket) getDefaultSSLContext().getSocketFactory().createSocket(
    +                    socket, null, socket.getPort(), true);
    +        }
             configureSSLSocket(sslSocket);
    -
    +        sslSocket.setUseClientMode(false);
    --- End diff --
    
    Yes and yes. In #681 I make the client auth setting configurable.


---

Mime
View raw message