THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
| Table of Contents |
|---|
Status
Current state: VOTING ACCEPTED
Voting thread: https://www.mail-archive.com/dev@kafka.apache.org/msg104580.html
...
JIRA:
| Jira | ||||||
|---|---|---|---|---|---|---|
|
PR: https://github.com/apache/kafka/pull/8338
Please keep the discussion on the mailing list rather than commenting on the wiki (wiki discussions get unwieldy fast).
...
However, Kafka configures the SSLEngine for Client and Server both modes. Hence according to existing code it would be useful to make SslEngineBuilder pluggable. That will provide us a way to configure SSLContext object in a flexible way and at the same time will allow creation of SSLEngine with Client/Server mode.
...
| Code Block |
|---|
package org.apache.kafka.common.security.auth;
import org.apache.kafka.common.Configurable;
import javax.net.ssl.SSLEngine;
import java.io.Closeable;
import java.security.KeyStore;
import java.util.Map;
import java.util.Set;
/**
* Plugin interface for allowing creation of SSLEngine object in a custom way.
* Example: You want to use custom way to load your key material and trust material needed for SSLContext.
* However, keep in mind that this is complementary to the existing Java Security Provider's mechanism and not a competing
* solution.
*/
public interface SslEngineFactory extends Configurable, Closeable {
/**
* Create a new SSLEngine object to be used by the client.
*
* @param peerHost The peer host to use. This is used in client mode if endpoint validation is enabled.
* @param peerPort The peer port to use. This is a hint and not used for validation.
* @param endpointIdentification Endpoint identification algorithm for client mode.
* @return The new SSLEngine.
*/
SSLEngine createClientSslEngine(String peerHost, int peerPort, String endpointIdentification);
/**
* Create a new SSLEngine object to be used by the server.
*
* @param peerHost The peer host to use. This is used in client mode if endpoint validation is enabled.
* @param peerPort The peer port to use. This is a hint and not used for validation.
* @return The new SSLEngine.
*/
SSLEngine createServerSslEngine(String peerHost, int peerPort);
/**
* Returns true if SSLEngine needs to be rebuilt. This method will be called when reconfiguration is triggered on
* {@link org.apache.kafka.common.security.ssl.SslFactory}. Based on the <i>nextConfigs</i>, this method will
* decide whether underlying SSLEngine object needs to be rebuilt. If this method returns true, the
* {@link org.apache.kafka.common.security.ssl.SslFactory} will re-create instance of this object and run other
* checks before deciding to use the new object for the <i>new incoming connection</i> requests.The existing connections
* are not impacted by this and will not see any changes done as part of reconfiguration.
*
* <pre>
* Example: If the implementation depends on the file based key material it can check if the file is updated
* compared to the previous/last-loaded timestamp and return true.
* </pre>
*
* @param nextConfigs The configuration we want to use.
* @return True only if the thisunderlying SSLEngine builderobject should be rebuilt.
*/
boolean shouldBeRebuilt(Map<String, Object> nextConfigs);
/**
* Returns the names of configs that may be reconfigured.
*/
Set<String> reconfigurableConfigs();
/**
* Returns keystore.
* @return
*/
KeyStore keystore();
/**
* Returns truststore.
* @return
*/
KeyStore truststore();
} |
...
This is because currently SslFactory does certain validations which we want to keep separate and mandate those checks across any possible implementation of pluggable ssl context class. Also, once we start writing the reconfigurable classes we realize that we need two classes - 1) SslEngineFactory implementation and 2) Container of the factory implementation. We believe that keeping SslFactory as Reconfigurable object and help reconfigure the underlying SslEngineFactory will simplify the implementations of SslEngineFactory.
...