This is an automated email from the ASF dual-hosted git repository.
htowaileb pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/asterixdb.git
The following commit(s) were added to refs/heads/master by this push:
new aba667bc4f [NO ISSUE][NET] Only use client certificates if configured
aba667bc4f is described below
commit aba667bc4fdf7760ecb8969d52b0a23b883cd4a0
Author: Ian Maxon <[email protected]>
AuthorDate: Tue Feb 25 23:51:44 2025 -0800
[NO ISSUE][NET] Only use client certificates if configured
Change-Id: Id46266849ded6d0ea632293e829aed78396e1ea2
Reviewed-on: https://asterix-gerrit.ics.uci.edu/c/asterixdb/+/19471
Integration-Tests: Jenkins <[email protected]>
Reviewed-by: Michael Blow <[email protected]>
Tested-by: Michael Blow <[email protected]>
---
.../java/org/apache/hyracks/ipc/security/NetworkSecurityManager.java | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git
a/hyracks-fullstack/hyracks/hyracks-ipc/src/main/java/org/apache/hyracks/ipc/security/NetworkSecurityManager.java
b/hyracks-fullstack/hyracks/hyracks-ipc/src/main/java/org/apache/hyracks/ipc/security/NetworkSecurityManager.java
index d8f5cff225..7a0e48292a 100644
---
a/hyracks-fullstack/hyracks/hyracks-ipc/src/main/java/org/apache/hyracks/ipc/security/NetworkSecurityManager.java
+++
b/hyracks-fullstack/hyracks/hyracks-ipc/src/main/java/org/apache/hyracks/ipc/security/NetworkSecurityManager.java
@@ -53,7 +53,8 @@ public class NetworkSecurityManager implements
INetworkSecurityManager {
@Override
public SSLEngine newSSLEngine(boolean clientMode) {
try {
- SSLEngine sslEngine = newSSLContext(clientMode).createSSLEngine();
+ boolean useClientCerts = clientMode && config.useMutualAuth();
+ SSLEngine sslEngine =
newSSLContext(useClientCerts).createSSLEngine();
sslEngine.setUseClientMode(clientMode);
return sslEngine;
} catch (Exception ex) {
