You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@zookeeper.apache.org by GitBox <gi...@apache.org> on 2020/01/16 15:01:11 UTC
[GitHub] [zookeeper] symat commented on a change in pull request #1170:
ZOOKEEPER-3643: Testing and documenting secure and unsecure ZK client
connections
symat commented on a change in pull request #1170: ZOOKEEPER-3643: Testing and documenting secure and unsecure ZK client connections
URL: https://github.com/apache/zookeeper/pull/1170#discussion_r367466370
##########
File path: zookeeper-server/src/main/java/org/apache/zookeeper/ClientCnxn.java
##########
@@ -1679,6 +1680,13 @@ States getState() {
return state;
}
+ /**
+ * Returns true if SSL connection was requested and the actual ClientCnxnSocket supports SSL
+ */
+ public boolean isSSL() {
Review comment:
well... I actually added this after your comment / change request. I thought you would think this to be a good idea :)
> Is there a way to check that we are using a secure connection?
I can imagine a use-case, when the application wants to really verify that the channel is secure before sending any sensitive data to ZooKeeper. You can simply override the SSL related config with a system property when you start the application (even by accident, simply just by forgetting to specify the system property to use Netty socket implementation), and then you run your application assuming you use SSL, but you don't.
But anyway, I don't want to make the API more complex... if you think it is unnecessary, we can drop it and revert my last commit.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services