public void initChannel(SocketChannel ch) throws Exception { if (conf.isUseTls()) { SslContext sslCtx; // Set client certificate if available AuthenticationDataProvider authData = conf.getAuthentication().getAuthData(); if (authData.hasDataForTls()) { sslCtx = SecurityUtility.createNettySslContextForClient(conf.isTlsAllowInsecureConnection(), conf.getTlsTrustCertsFilePath(), (X509Certificate[]) authData.getTlsCertificates(), authData.getTlsPrivateKey()); } else { sslCtx = SecurityUtility.createNettySslContextForClient(conf.isTlsAllowInsecureConnection(), conf.getTlsTrustCertsFilePath()); } ch.pipeline().addLast(TLS_HANDLER, sslCtx.newHandler(ch.alloc())); ch.pipeline().addLast("ByteBufPairEncoder", ByteBufPair.COPYING_ENCODER); } else { ch.pipeline().addLast("ByteBufPairEncoder", ByteBufPair.ENCODER); } ch.pipeline().addLast("frameDecoder", new LengthFieldBasedFrameDecoder(MaxMessageSize, 0, 4, 0, 4)); ch.pipeline().addLast("handler", clientCnxSupplier.get()); } });
if (authData.hasDataForTls()) { sslCtx = SecurityUtility.createNettySslContextForClient(tlsAllowInsecureConnection, tlsTrustCertsFilePath, authData.getTlsCertificates(), authData.getTlsPrivateKey()); } else { sslCtx = SecurityUtility.createNettySslContextForClient(tlsAllowInsecureConnection, tlsTrustCertsFilePath);
public void initChannel(SocketChannel ch) throws Exception { if (conf.isUseTls()) { SslContext sslCtx; // Set client certificate if available AuthenticationDataProvider authData = conf.getAuthentication().getAuthData(); if (authData.hasDataForTls()) { sslCtx = SecurityUtility.createNettySslContextForClient(conf.isTlsAllowInsecureConnection(), conf.getTlsTrustCertsFilePath(), (X509Certificate[]) authData.getTlsCertificates(), authData.getTlsPrivateKey()); } else { sslCtx = SecurityUtility.createNettySslContextForClient(conf.isTlsAllowInsecureConnection(), conf.getTlsTrustCertsFilePath()); } ch.pipeline().addLast(TLS_HANDLER, sslCtx.newHandler(ch.alloc())); ch.pipeline().addLast("ByteBufPairEncoder", ByteBufPair.COPYING_ENCODER); } else { ch.pipeline().addLast("ByteBufPairEncoder", ByteBufPair.ENCODER); } ch.pipeline().addLast("frameDecoder", new LengthFieldBasedFrameDecoder(MaxMessageSize, 0, 4, 0, 4)); ch.pipeline().addLast("handler", clientCnxSupplier.get()); } });
@Override protected void initChannel(SocketChannel ch) throws Exception { if (config.isTlsEnabledWithBroker()) { SslContext sslCtx; // Set client certificate if available AuthenticationDataProvider authData = authentication.getAuthData(); if (authData.hasDataForTls()) { sslCtx = SecurityUtility.createNettySslContextForClient(config.isTlsAllowInsecureConnection(), config.getBrokerClientTrustCertsFilePath(), (X509Certificate[]) authData.getTlsCertificates(), authData.getTlsPrivateKey()); } else { sslCtx = SecurityUtility.createNettySslContextForClient(config.isTlsAllowInsecureConnection(), config.getBrokerClientTrustCertsFilePath()); } ch.pipeline().addLast(TLS_HANDLER, sslCtx.newHandler(ch.alloc())); } ch.pipeline().addLast("frameDecoder", new LengthFieldBasedFrameDecoder(PulsarDecoder.MaxFrameSize, 0, 4, 0, 4)); ch.pipeline().addLast("proxyOutboundHandler", new ProxyBackendHandler(config, protocolVersion)); } });
trustCertificates, authData.getTlsCertificates(), authData.getTlsPrivateKey() ); } else {
if (authData.hasDataForTls()) { sslCtx = SecurityUtility.createNettySslContextForClient(tlsAllowInsecureConnection, tlsTrustCertsFilePath, authData.getTlsCertificates(), authData.getTlsPrivateKey()); } else { sslCtx = SecurityUtility.createNettySslContextForClient(tlsAllowInsecureConnection, tlsTrustCertsFilePath);
if (authData.hasDataForTls()) { sslCtx = SecurityUtility.createSslContext(clientConfigData.isTlsAllowInsecureConnection(), trustCertificates, authData.getTlsCertificates(), authData.getTlsPrivateKey()); } else { sslCtx = SecurityUtility.createSslContext(clientConfigData.isTlsAllowInsecureConnection(),