[
https://issues.apache.org/jira/browse/DRILL-5431?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16179374#comment-16179374
]
ASF GitHub Bot commented on DRILL-5431:
---------------------------------------
Github user parthchandra commented on a diff in the pull request:
https://github.com/apache/drill/pull/950#discussion_r140605580
--- Diff:
exec/java-exec/src/main/java/org/apache/drill/exec/rpc/user/UserServer.java ---
@@ -70,22 +78,80 @@
private static final org.slf4j.Logger logger =
org.slf4j.LoggerFactory.getLogger(UserServer.class);
private static final String SERVER_NAME = "Apache Drill Server";
+ private final BootStrapContext bootStrapContext;
+ private final BufferAllocator allocator;
private final UserConnectionConfig config;
+ private final SSLConfig sslConfig;
+ private Channel sslChannel;
private final UserWorker userWorker;
public UserServer(BootStrapContext context, BufferAllocator allocator,
EventLoopGroup eventLoopGroup,
UserWorker worker) throws DrillbitStartupException {
super(UserRpcConfig.getMapping(context.getConfig(),
context.getExecutor()),
allocator.getAsByteBufAllocator(),
eventLoopGroup);
+ this.bootStrapContext = context;
+ this.allocator = allocator;
this.config = new UserConnectionConfig(allocator, context, new
UserServerRequestHandler(worker));
+ this.sslChannel = null;
+ try {
+ this.sslConfig = new SSLConfigBuilder()
+ .config(bootStrapContext.getConfig())
+ .mode(SSLFactory.Mode.SERVER)
+ .initializeSSLContext(true)
+ .validateKeyStore(true)
+ .build();
+ } catch (DrillException e) {
+ throw new DrillbitStartupException(e.getMessage(), e.getCause());
+ }
this.userWorker = worker;
// Initialize Singleton instance of UserRpcMetrics.
((UserRpcMetrics)UserRpcMetrics.getInstance()).initialize(config.isEncryptionEnabled(),
allocator);
}
@Override
+ protected void setupSSL(ChannelPipeline pipe) {
+ if (sslConfig.isUserSslEnabled()) {
+
+ SSLEngine sslEngine = sslConfig.createSSLEngine(allocator, null, 0);
+ sslEngine.setUseClientMode(false);
+
+ // No need for client side authentication (HTTPS like behaviour)
+ sslEngine.setNeedClientAuth(false);
+
+ try {
+ sslEngine.setEnableSessionCreation(true);
+ } catch (Exception e) {
+ // Openssl implementation may throw this.
+ logger.debug("Session creation not enabled. Exception: {}",
e.getMessage());
+ }
--- End diff --
Fail to see why that would be better, but sure
> Support SSL
> -----------
>
> Key: DRILL-5431
> URL: https://issues.apache.org/jira/browse/DRILL-5431
> Project: Apache Drill
> Issue Type: New Feature
> Components: Client - Java, Client - ODBC
> Reporter: Sudheesh Katkam
> Assignee: Parth Chandra
>
> Support SSL between Drillbit and JDBC/ODBC drivers. Drill already supports
> HTTPS for web traffic.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
