Maxwell-Guo commented on code in PR #3908: URL: https://github.com/apache/cassandra/pull/3908#discussion_r1973535463
########## src/java/org/apache/cassandra/security/FileBasedSslContextFactory.java: ########## @@ -294,5 +301,38 @@ protected boolean passwordMatchesIfPresent(String keyPassword) { return StringUtils.isEmpty(password) || keyPassword.equals(password); } + + private static String resolvePassword(String keystoreFilePath, String password, String passwordFilePath) + { + if (password != null) + return password; + + if (StringUtils.isEmpty(passwordFilePath)) + return password; + + File keystorePasswordFile = new File(passwordFilePath); + + if (!keystorePasswordFile.exists()) + { + final String msg = format("keystore password file %s does not exist", keystorePasswordFile.path()); + throw new ConfigurationException(msg); + } + + try + { + // we expect a password to be on the first line + List<String> lines = FileUtils.readLines(keystorePasswordFile); Review Comment: should we skip the first line if it is empty ? I tested if we set two lines in a password_file with ``` cassandra ``` then I got two lines here with first line of "". So does this meet our expectations? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: pr-unsubscr...@cassandra.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: pr-unsubscr...@cassandra.apache.org For additional commands, e-mail: pr-h...@cassandra.apache.org