-
Notifications
You must be signed in to change notification settings - Fork 7.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ZOOKEEPER-3443: Add support of PKCS12 trust/key stores #1003
Conversation
I didn't go super deep into this but at a superficial glance, it seems pretty straightforward. Nice addition. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good.
I am asking you to take the chance to clean up a bit current code and use try-with-resources.
Thank you
zookeeper-server/src/main/java/org/apache/zookeeper/common/StandardTypeFileKeyStoreLoader.java
Outdated
Show resolved
Hide resolved
zookeeper-server/src/main/java/org/apache/zookeeper/common/StandardTypeFileKeyStoreLoader.java
Outdated
Show resolved
Hide resolved
zookeeper-server/src/test/java/org/apache/zookeeper/common/X509TestContext.java
Outdated
Show resolved
Hide resolved
ed2f6d7
to
dc763d6
Compare
I guess Travis Java 11 failure is related to #1005 |
This commit adds support of PKCS12 trust store and key store type. The existing mechanism for trust/key store types that support JKS and PEM were extended with PKCS12. The implementations of JKSFileLoader and PKCS12FileLoader were almost identical so most of it were abstracted away in StandardTypeFileKeyStoreLoader.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Lgtm
This is great. Thanks @ivanyu ! |
Thank you for the approval! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+1 lgtm
This commit adds support of PKCS12 trust store and key store type. The existing mechanism for trust/key store types that support JKS and PEM were extended with PKCS12. The implementations of JKSFileLoader and PKCS12FileLoader were almost identical so most of it were abstracted away in StandardTypeFileKeyStoreLoader. Author: Ivan Yurchenko <ivanyu@aiven.io> Reviewers: eolivelli@apache.org, andor@apache.org Closes #1003 from ivanyu/ZOOKEEPER-3443 (cherry picked from commit 1c83846) Signed-off-by: Andor Molnar <andor@apache.org>
@ivanyu Merged to master and 3.5 branches, because it's relatively straightforward and part of Quorum TLS efforts. Thanks! |
Thank you! |
This commit adds support of PKCS12 trust store and key store type. The existing mechanism for trust/key store types that support JKS and PEM were extended with PKCS12. The implementations of JKSFileLoader and PKCS12FileLoader were almost identical so most of it were abstracted away in StandardTypeFileKeyStoreLoader. Author: Ivan Yurchenko <ivanyu@aiven.io> Reviewers: eolivelli@apache.org, andor@apache.org Closes apache#1003 from ivanyu/ZOOKEEPER-3443
This commit adds support of PKCS12 trust store and key store type. The existing mechanism for trust/key store types that support JKS and PEM were extended with PKCS12. The implementations of JKSFileLoader and PKCS12FileLoader were almost identical so most of it were abstracted away in StandardTypeFileKeyStoreLoader. Author: Ivan Yurchenko <ivanyu@aiven.io> Reviewers: eolivelli@apache.org, andor@apache.org Closes apache#1003 from ivanyu/ZOOKEEPER-3443
This commit adds support of PKCS12 trust store and key store type. The existing mechanism for trust/key store types that support JKS and PEM were extended with PKCS12. The implementations of JKSFileLoader and PKCS12FileLoader were almost identical so most of it were abstracted away in StandardTypeFileKeyStoreLoader. Author: Ivan Yurchenko <ivanyu@aiven.io> Reviewers: eolivelli@apache.org, andor@apache.org Closes apache#1003 from ivanyu/ZOOKEEPER-3443
This commit adds support of PKCS12 trust store and key store type. The existing mechanism for trust/key store types that support JKS and PEM were extended with PKCS12. The implementations of JKSFileLoader and PKCS12FileLoader were almost identical so most of it were abstracted away in StandardTypeFileKeyStoreLoader. Author: Ivan Yurchenko <ivanyu@aiven.io> Reviewers: eolivelli@apache.org, andor@apache.org Closes apache#1003 from ivanyu/ZOOKEEPER-3443 Change-Id: Ida22313eac4f69c1a678dc4ce0c7f7e329f1b2a0 (cherry picked from commit 979cb85)
This commit adds support of PKCS12 trust store and key store type.
The existing mechanism for trust/key store types that support JKS and
PEM were extended with PKCS12.
The implementations of JKSFileLoader and PKCS12FileLoader were almost
identical so most of it were abstracted away in
StandardTypeFileKeyStoreLoader.