You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by jb...@apache.org on 2013/12/19 01:01:43 UTC
[2/3] git commit: add SSLTransportFactory.java
add SSLTransportFactory.java
Project: http://git-wip-us.apache.org/repos/asf/cassandra/repo
Commit: http://git-wip-us.apache.org/repos/asf/cassandra/commit/4a6f8a66
Tree: http://git-wip-us.apache.org/repos/asf/cassandra/tree/4a6f8a66
Diff: http://git-wip-us.apache.org/repos/asf/cassandra/diff/4a6f8a66
Branch: refs/heads/trunk
Commit: 4a6f8a6610aacbe2c518bb6f8533ee5bdb943f41
Parents: 1b2a190
Author: Jonathan Ellis <jb...@apache.org>
Authored: Wed Dec 18 18:01:28 2013 -0600
Committer: Jonathan Ellis <jb...@apache.org>
Committed: Wed Dec 18 18:01:28 2013 -0600
----------------------------------------------------------------------
.../cassandra/thrift/SSLTransportFactory.java | 86 ++++++++++++++++++++
1 file changed, 86 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cassandra/blob/4a6f8a66/src/java/org/apache/cassandra/thrift/SSLTransportFactory.java
----------------------------------------------------------------------
diff --git a/src/java/org/apache/cassandra/thrift/SSLTransportFactory.java b/src/java/org/apache/cassandra/thrift/SSLTransportFactory.java
new file mode 100644
index 0000000..f828600
--- /dev/null
+++ b/src/java/org/apache/cassandra/thrift/SSLTransportFactory.java
@@ -0,0 +1,86 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cassandra.thrift;
+
+import com.google.common.collect.Sets;
+import org.apache.cassandra.cli.transport.FramedTransportFactory;
+import org.apache.thrift.transport.TSSLTransportFactory;
+import org.apache.thrift.transport.TTransport;
+import org.apache.thrift.transport.TTransportException;
+
+import java.util.Map;
+import java.util.Set;
+
+public class SSLTransportFactory implements ITransportFactory
+{
+ public static final String TRUSTSTORE = "enc.truststore";
+ public static final String TRUSTSTORE_PASSWORD = "enc.truststore.password";
+ public static final String KEYSTORE = "enc.keystore";
+ public static final String KEYSTORE_PASSWORD = "enc.keystore.password";
+ public static final String PROTOCOL = "enc.protocol";
+ public static final String CIPHER_SUITES = "enc.cipher.suites";
+ public static final int SOCKET_TIMEOUT = 0;
+
+ private static final Set<String> SUPPORTED_OPTIONS = Sets.newHashSet(TRUSTSTORE,
+ TRUSTSTORE_PASSWORD,
+ KEYSTORE,
+ KEYSTORE_PASSWORD,
+ PROTOCOL,
+ CIPHER_SUITES);
+
+ private String truststore;
+ private String truststorePassword;
+ private String keystore;
+ private String keystorePassword;
+ private String protocol;
+ private String[] cipherSuites;
+
+ @Override
+ public TTransport openTransport(String host, int port) throws Exception
+ {
+ TSSLTransportFactory.TSSLTransportParameters params = new TSSLTransportFactory.TSSLTransportParameters(protocol, cipherSuites);
+ params.setTrustStore(truststore, truststorePassword);
+ if (null != keystore)
+ params.setKeyStore(keystore, keystorePassword);
+ TTransport trans = TSSLTransportFactory.getClientSocket(host, port, SOCKET_TIMEOUT, params);
+ return new FramedTransportFactory().getTransport(trans);
+ }
+
+ @Override
+ public void setOptions(Map<String, String> options)
+ {
+ if (options.containsKey(TRUSTSTORE))
+ truststore = options.get(TRUSTSTORE);
+ if (options.containsKey(TRUSTSTORE_PASSWORD))
+ truststorePassword = options.get(TRUSTSTORE_PASSWORD);
+ if (options.containsKey(KEYSTORE))
+ keystore = options.get(KEYSTORE);
+ if (options.containsKey(KEYSTORE_PASSWORD))
+ keystorePassword = options.get(KEYSTORE_PASSWORD);
+ if (options.containsKey(PROTOCOL))
+ protocol = options.get(PROTOCOL);
+ if (options.containsKey(CIPHER_SUITES))
+ cipherSuites = options.get(CIPHER_SUITES).split(",");
+ }
+
+ @Override
+ public Set<String> supportedOptions()
+ {
+ return SUPPORTED_OPTIONS;
+ }
+}