Github user hanm commented on a diff in the pull request:
https://github.com/apache/zookeeper/pull/184#discussion_r220733326
--- Diff:
src/java/main/org/apache/zookeeper/server/quorum/QuorumCnxManager.java ---
@@ -632,37 +639,49 @@ synchronized private boolean connectOne(long sid,
InetSocketAddress electionAddr
Socket sock = null;
try {
- LOG.debug("Opening channel to server " + sid);
- sock = new Socket();
- setSockOpts(sock);
- sock.connect(electionAddr, cnxTO);
- LOG.debug("Connected to server " + sid);
+ LOG.debug("Opening channel to server " + sid);
+ if (self.isSslQuorum()) {
+ SSLSocket sslSock = x509Util.createSSLSocket();
+ setSockOpts(sslSock);
+ sslSock.connect(electionAddr, cnxTO);
+ sslSock.startHandshake();
+ sock = sslSock;
+ } else {
+ sock = new Socket();
+ setSockOpts(sock);
+ sock.connect(electionAddr, cnxTO);
+
+ }
+ LOG.debug("Connected to server " + sid);
// Sends connection request asynchronously if the quorum
// sasl authentication is enabled. This is required because
// sasl server authentication process may take few seconds to
// finish, this may delay next peer connection requests.
if (quorumSaslAuthEnabled) {
initiateConnectionAsync(sock, sid);
- } else {
- initiateConnection(sock, sid);
- }
- return true;
- } catch (UnresolvedAddressException e) {
- // Sun doesn't include the address that causes this
- // exception to be thrown, also UAE cannot be wrapped cleanly
- // so we log the exception in order to capture this critical
- // detail.
- LOG.warn("Cannot open channel to " + sid
- + " at election address " + electionAddr, e);
- closeSocket(sock);
- throw e;
- } catch (IOException e) {
- LOG.warn("Cannot open channel to " + sid
- + " at election address " + electionAddr,
- e);
+ } else { initiateConnection(sock, sid);
+ } return true;
+ } catch (UnresolvedAddressException e) {
+ // Sun doesn't include the address that causes this
+ // exception to be thrown, also UAE cannot be wrapped cleanly
+ // so we log the exception in order to capture this critical
+ // detail.
+ LOG.warn("Cannot open channel to " + sid
+ + " at election address " + electionAddr, e);
+ closeSocket(sock);
+ throw e;} catch (X509Exception e) {
--- End diff --
nit: start a new line for `} catch (X509Exception e) {`
---
