Example 1 with SSLContextAndOptions

Use of org.apache.zookeeper.common.SSLContextAndOptions in project zookeeper by apache.

From the class NettyServerCnxnFactory, method initSSL.

// Installs the TLS handler on a server channel pipeline. The key and trust material comes either
// from the default x509Util configuration or from a custom X509AuthenticationProvider.
private synchronized void initSSL(ChannelPipeline p, boolean supportPlaintext) throws X509Exception, KeyManagementException, NoSuchAlgorithmException {
    String authProviderProp = System.getProperty(x509Util.getSslAuthProviderProperty());
    SslContext nettySslContext;
    if (authProviderProp == null) {
        // No custom auth provider configured: use the default SSLContext and its options.
        SSLContextAndOptions sslContextAndOptions = x509Util.getDefaultSSLContextAndOptions();
        nettySslContext = sslContextAndOptions.createNettyJdkSslContext(sslContextAndOptions.getSSLContext(), false);
    } else {
        // Custom auth provider: build an SSLContext from the provider's key manager and trust manager.
        SSLContext sslContext = SSLContext.getInstance(ClientX509Util.DEFAULT_PROTOCOL);
        // The property is non-null in this branch, so the "x509" default is not used here.
        X509AuthenticationProvider authProvider = (X509AuthenticationProvider) ProviderRegistry.getProvider(System.getProperty(x509Util.getSslAuthProviderProperty(), "x509"));
        if (authProvider == null) {
            // Fail closed: a misconfigured provider name aborts setup instead of falling back.
            LOG.error("Auth provider not found: {}", authProviderProp);
            throw new SSLContextException("Could not create SSLContext with specified auth provider: " + authProviderProp);
        }
        sslContext.init(new X509KeyManager[] { authProvider.getKeyManager() }, new X509TrustManager[] { authProvider.getTrustManager() }, null);
        nettySslContext = x509Util.getDefaultSSLContextAndOptions().createNettyJdkSslContext(sslContext, false);
    }
    if (supportPlaintext) {
        // Dual mode: the same channel accepts plaintext as well as TLS, so TLS is not enforced.
        p.addLast("ssl", new DualModeSslHandler(nettySslContext));
        LOG.debug("dual mode SSL handler added for channel: {}", p.channel());
    } else {
        // TLS-only: every connection on this channel goes through the SSL handler.
        p.addLast("ssl", nettySslContext.newHandler(p.channel().alloc()));
        LOG.debug("SSL handler added for channel: {}", p.channel());
    }
}
Also used: SSLContextAndOptions (org.apache.zookeeper.common.SSLContextAndOptions), X509AuthenticationProvider (org.apache.zookeeper.server.auth.X509AuthenticationProvider), SSLContextException (org.apache.zookeeper.common.X509Exception.SSLContextException), SSLContext (javax.net.ssl.SSLContext), SslContext (io.netty.handler.ssl.SslContext)

Aggregations

SslContext (io.netty.handler.ssl.SslContext): 1
SSLContext (javax.net.ssl.SSLContext): 1
SSLContextAndOptions (org.apache.zookeeper.common.SSLContextAndOptions): 1
SSLContextException (org.apache.zookeeper.common.X509Exception.SSLContextException): 1
X509AuthenticationProvider (org.apache.zookeeper.server.auth.X509AuthenticationProvider): 1