Re: [PR] ZOOKEEPER-4955 Add option for enabling/disabling certificate revocation check on custom trustmanagers [zookeeper]

Mon, 04 Aug 2025 16:33:55 -0700 


anmolnar commented on code in PR #2289:
URL: https://github.com/apache/zookeeper/pull/2289#discussion_r2252790455


##########
zookeeper-server/src/main/java/org/apache/zookeeper/common/ZKConfig.java:
##########
@@ -284,4 +308,29 @@ public int getInt(String key, int defaultValue) {
         return defaultValue;
     }
 
+    /**
+     * Get the value of the <code>key</code> property as an
+     * <code>SslRevocationEnabled</code> enum. If property is not set
+     * <code>SslRevocationEnabled.LEGACY</code> is returned.
+     *
+     * @param key
+     * @return the SslRevocationEnabled enum
+     * @throws IllegalArgumentException if the value cannot be parsed
+     */
+    public SslRevocationEnabled getSslRevocationEnabled(String key) throws 
SSLContextException {
+        String value = getTrimmedProperty(key);
+        if (value == null || 
value.equalsIgnoreCase(SslRevocationEnabled.LEGACY.toString())) {
+            return SslRevocationEnabled.LEGACY;
+        } else if 
(value.equalsIgnoreCase(SslRevocationEnabled.JAVA_DEFAULT.toString())) {
+            return SslRevocationEnabled.JAVA_DEFAULT;
+        } else if 
(value.equalsIgnoreCase(SslRevocationEnabled.TRUE.toString())) {
+            return SslRevocationEnabled.TRUE;
+        } else if 
(value.equalsIgnoreCase(SslRevocationEnabled.FALSE.toString())) {
+            return SslRevocationEnabled.FALSE;

Review Comment:
   What if...?
   ```java
   SslRevocationEnabled value = SslRevocationEnabled.valueOf(getProperty(key, 
SslRevocationEnabled.LEGACY.toString()));
   if (value == null) {
     // Error handling...
   } else {
     return value;
   }
   ```



##########
zookeeper-server/src/main/java/org/apache/zookeeper/common/ZKConfig.java:
##########
@@ -284,4 +308,29 @@ public int getInt(String key, int defaultValue) {
         return defaultValue;
     }
 
+    /**
+     * Get the value of the <code>key</code> property as an
+     * <code>SslRevocationEnabled</code> enum. If property is not set
+     * <code>SslRevocationEnabled.LEGACY</code> is returned.
+     *
+     * @param key
+     * @return the SslRevocationEnabled enum
+     * @throws IllegalArgumentException if the value cannot be parsed
+     */
+    public SslRevocationEnabled getSslRevocationEnabled(String key) throws 
SSLContextException {
+        String value = getTrimmedProperty(key);
+        if (value == null || 
value.equalsIgnoreCase(SslRevocationEnabled.LEGACY.toString())) {
+            return SslRevocationEnabled.LEGACY;
+        } else if 
(value.equalsIgnoreCase(SslRevocationEnabled.JAVA_DEFAULT.toString())) {
+            return SslRevocationEnabled.JAVA_DEFAULT;
+        } else if 
(value.equalsIgnoreCase(SslRevocationEnabled.TRUE.toString())) {
+            return SslRevocationEnabled.TRUE;
+        } else if 
(value.equalsIgnoreCase(SslRevocationEnabled.FALSE.toString())) {
+            return SslRevocationEnabled.FALSE;

Review Comment:
   In this case you don't need `getTrimmedProperty()` at all.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@zookeeper.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Reply via email to