[GitHub] flink pull request #6355: [FLINK-9878][network][ssl] add more low-level ssl ...

Mon, 23 Jul 2018 02:29:53 -0700 

Github user pnowojski commented on a diff in the pull request:

    https://github.com/apache/flink/pull/6355#discussion_r204326191
  
    --- Diff: 
flink-runtime/src/main/java/org/apache/flink/runtime/net/SSLUtils.java ---
    @@ -163,80 +163,188 @@ public static void 
setSSLVerifyHostname(Configuration sslConfig, SSLParameters s
        }
     
        /**
    -    * Creates the SSL Context for the client if SSL is configured.
    +    * Configuration settings and key/trustmanager instances to set up an 
SSL client connection.
    +    */
    +   public static class SSLClientConfiguration {
    +           public final String sslProtocolVersion;
    +           public final TrustManagerFactory trustManagerFactory;
    +           public final int sessionCacheSize;
    +           public final int sessionTimeoutMs;
    +           public final int handshakeTimeoutMs;
    +           public final int closeNotifyFlushTimeoutMs;
    +
    +           public SSLClientConfiguration(
    +                           String sslProtocolVersion,
    +                           TrustManagerFactory trustManagerFactory,
    +                           int sessionCacheSize,
    +                           int sessionTimeoutMs,
    +                           int handshakeTimeoutMs,
    +                           int closeNotifyFlushTimeoutMs) {
    +                   this.sslProtocolVersion = sslProtocolVersion;
    +                   this.trustManagerFactory = trustManagerFactory;
    +                   this.sessionCacheSize = sessionCacheSize;
    +                   this.sessionTimeoutMs = sessionTimeoutMs;
    +                   this.handshakeTimeoutMs = handshakeTimeoutMs;
    +                   this.closeNotifyFlushTimeoutMs = 
closeNotifyFlushTimeoutMs;
    +           }
    +   }
    +
    +   /**
    +    * Creates necessary helper objects to use for creating an SSL Context 
for the client if SSL is
    +    * configured.
         *
         * @param sslConfig
         *        The application configuration
    -    * @return The SSLContext object which can be used by the ssl transport 
client
    -    *             Returns null if SSL is disabled
    +    * @return The SSLClientConfiguration object which can be used for 
creating some SSL context object;
    +    *             returns <tt>null</tt> if SSL is disabled.
         * @throws Exception
         *         Thrown if there is any misconfiguration
         */
        @Nullable
    -   public static SSLContext createSSLClientContext(Configuration 
sslConfig) throws Exception {
    -
    +   public static SSLClientConfiguration 
createSSLClientConfiguration(Configuration sslConfig) throws Exception {
                Preconditions.checkNotNull(sslConfig);
    -           SSLContext clientSSLContext = null;
     
                if (getSSLEnabled(sslConfig)) {
    --- End diff --
    
    reverse if/else conditions and `Optional`
    ```
    if (!getSSLEnabled(...)) {
      return Optional.empty();
    }


---

Reply via email to