smiklosovic commented on code in PR #3908:
URL: https://github.com/apache/cassandra/pull/3908#discussion_r1975004720


##########
src/java/org/apache/cassandra/security/FileBasedSslContextFactory.java:
##########
@@ -294,5 +301,38 @@ protected boolean passwordMatchesIfPresent(String 
keyPassword)
         {
             return StringUtils.isEmpty(password) || 
keyPassword.equals(password);
         }
+
+        private static String resolvePassword(String keystoreFilePath, String 
password, String passwordFilePath)
+        {
+            if (password != null)
+                return password;
+
+            if (StringUtils.isEmpty(passwordFilePath))
+                return password;

Review Comment:
   I have tested that it is indeed true, `a_config:` will be `null` in the code 
and `a_config:""` will be `""` (empty string) in the code.
   
   What we do not seem to support is "empty string in a file". If a `password` 
config is commented out and `password_file` is not, then it will read it and it 
will get 0 lines. So in that case, I think that we should return `""` - empty 
password. Because having empty file (its size is 0) represents a file _with an 
empty password_. Not _null password_.
   
   If there is no password at all, both password and password_file 
configuration properties will be commented out. 



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: pr-unsubscr...@cassandra.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: pr-unsubscr...@cassandra.apache.org
For additional commands, e-mail: pr-h...@cassandra.apache.org

Reply via email to