Github user hanm commented on a diff in the pull request:
https://github.com/apache/zookeeper/pull/184#discussion_r114086721
--- Diff: src/java/main/org/apache/zookeeper/common/ZKConfig.java ---
@@ -107,14 +99,33 @@ private void init() {
* this configuration.
*/
protected void handleBackwardCompatibility() {
- properties.put(SSL_KEYSTORE_LOCATION,
System.getProperty(SSL_KEYSTORE_LOCATION));
- properties.put(SSL_KEYSTORE_PASSWD,
System.getProperty(SSL_KEYSTORE_PASSWD));
- properties.put(SSL_TRUSTSTORE_LOCATION,
System.getProperty(SSL_TRUSTSTORE_LOCATION));
- properties.put(SSL_TRUSTSTORE_PASSWD,
System.getProperty(SSL_TRUSTSTORE_PASSWD));
- properties.put(SSL_AUTHPROVIDER,
System.getProperty(SSL_AUTHPROVIDER));
properties.put(JUTE_MAXBUFFER, System.getProperty(JUTE_MAXBUFFER));
properties.put(KINIT_COMMAND, System.getProperty(KINIT_COMMAND));
properties.put(JGSS_NATIVE, System.getProperty(JGSS_NATIVE));
+
+ ClientX509Util clientX509Util = new ClientX509Util();
+ putSSLProperties(clientX509Util);
+ properties.put(clientX509Util.getSslAuthProviderProperty(),
+
System.getProperty(clientX509Util.getSslAuthProviderProperty()));
+
+ putSSLProperties(new QuorumX509Util());
--- End diff --
Do we need this call here? This function handles backward compatibility
between old way of extracting configs from system properties and the introduce
of ZKConfig class (which was done after client-server SSL was added). Quorum
ssl does not exist before, so there is no need to handle backward compatibility
for it.
If the purpose is to populate various system properties of quorum ssl then
maybe find another place to make the initialization call?
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---
