Remove leftover guicyness from client ssl service
Original commit: elastic/x-pack-elasticsearch@f362097ad7
This commit is contained in:
Ryan Ernst
parent
07bb586f1e
commit
8407f6aaf6
|
|
@ -159,9 +159,10 @@ public class Security implements ActionPlugin {
|
|||
modules.add(new SecurityModule(settings));
|
||||
modules.add(new SecurityTransportModule(settings));
|
||||
modules.add(b -> {
|
||||
// for transport client we still must construct these ssl classes with guice
|
||||
// for transport client we still must inject these ssl classes with guice
|
||||
b.bind(ServerSSLService.class).toProvider(Providers.<ServerSSLService>of(null));
|
||||
b.bind(ClientSSLService.class).toInstance(new ClientSSLService(settings, new SSLConfiguration.Global(settings)));
|
||||
b.bind(ClientSSLService.class).toInstance(
|
||||
new ClientSSLService(settings, null, new SSLConfiguration.Global(settings), null));
|
||||
});
|
||||
|
||||
return modules;
|
||||
|
|
@ -206,10 +207,7 @@ public class Security implements ActionPlugin {
|
|||
}
|
||||
|
||||
final SSLConfiguration.Global globalSslConfig = new SSLConfiguration.Global(settings);
|
||||
// client ssl still has an injected ctor b/c it is used by transport client, and
|
||||
// there environmet and resource watcher do not exist, so we must set them after construction
|
||||
final ClientSSLService clientSSLService = new ClientSSLService(settings, globalSslConfig);
|
||||
clientSSLService.setEnvAndResourceWatcher(env, resourceWatcherService);
|
||||
final ClientSSLService clientSSLService = new ClientSSLService(settings, env, globalSslConfig, resourceWatcherService);
|
||||
final ServerSSLService serverSSLService = new ServerSSLService(settings, env, globalSslConfig, resourceWatcherService);
|
||||
|
||||
return Arrays.asList(clientSSLService, serverSSLService);
|
||||
|
|
|
|||
|
|
@ -151,8 +151,7 @@ public class ESNativeRealmMigrateTool extends MultiCommand {
|
|||
if ("https".equalsIgnoreCase(uri.getScheme())) {
|
||||
Settings sslSettings = settings.getByPrefix(setting("http.ssl."));
|
||||
SSLConfiguration.Global globalConfig = new SSLConfiguration.Global(settings);
|
||||
final ClientSSLService sslService = new ClientSSLService(sslSettings, globalConfig);
|
||||
sslService.setEnvAndResourceWatcher(env, null);
|
||||
final ClientSSLService sslService = new ClientSSLService(sslSettings, env, globalConfig, null);
|
||||
final HttpsURLConnection httpsConn = (HttpsURLConnection) url.openConnection();
|
||||
AccessController.doPrivileged(new PrivilegedAction<Void>() {
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -42,9 +42,9 @@ public abstract class AbstractSSLService extends AbstractComponent {
|
|||
private final ConcurrentHashMap<SSLConfiguration, SSLContext> sslContexts = new ConcurrentHashMap<>();
|
||||
private final SSLContextCacheLoader cacheLoader = new SSLContextCacheLoader();
|
||||
|
||||
protected SSLConfiguration globalSSLConfiguration;
|
||||
protected Environment env;
|
||||
protected ResourceWatcherService resourceWatcherService;
|
||||
protected final SSLConfiguration globalSSLConfiguration;
|
||||
protected final Environment env;
|
||||
protected final ResourceWatcherService resourceWatcherService;
|
||||
|
||||
public AbstractSSLService(Settings settings, Environment environment, Global globalSSLConfiguration,
|
||||
ResourceWatcherService resourceWatcherService) {
|
||||
|
|
|
|||
|
|
@ -12,13 +12,9 @@ import org.elasticsearch.xpack.security.ssl.SSLConfiguration.Global;
|
|||
|
||||
public class ClientSSLService extends AbstractSSLService {
|
||||
|
||||
public ClientSSLService(Settings settings, Global globalSSLConfiguration) {
|
||||
super(settings, null, globalSSLConfiguration, null);
|
||||
}
|
||||
|
||||
public void setEnvAndResourceWatcher(Environment environment, ResourceWatcherService resourceWatcherService) {
|
||||
this.env = environment;
|
||||
this.resourceWatcherService = resourceWatcherService;
|
||||
public ClientSSLService(Settings settings, Environment env, Global globalSSLConfiguration,
|
||||
ResourceWatcherService resourceWatcherService) {
|
||||
super(settings, env, globalSSLConfiguration, resourceWatcherService);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -43,8 +43,7 @@ public class AbstractActiveDirectoryIntegTests extends ESTestCase {
|
|||
}
|
||||
globalSettings = builder.build();
|
||||
Environment environment = new Environment(globalSettings);
|
||||
clientSSLService = new ClientSSLService(globalSettings, new Global(globalSettings));
|
||||
clientSSLService.setEnvAndResourceWatcher(environment, null);
|
||||
clientSSLService = new ClientSSLService(globalSettings, environment, new Global(globalSettings), null);
|
||||
}
|
||||
|
||||
Settings buildAdSettings(String ldapUrl, String adDomainName, String userSearchDN, LdapSearchScope scope,
|
||||
|
|
|
|||
|
|
@ -40,8 +40,7 @@ public abstract class GroupsResolverTestCase extends ESTestCase {
|
|||
}
|
||||
Settings settings = builder.build();
|
||||
Environment env = new Environment(settings);
|
||||
ClientSSLService clientSSLService = new ClientSSLService(settings, new Global(settings));
|
||||
clientSSLService.setEnvAndResourceWatcher(env, null);
|
||||
ClientSSLService clientSSLService = new ClientSSLService(settings, env, new Global(settings), null);
|
||||
|
||||
LDAPURL ldapurl = new LDAPURL(ldapUrl());
|
||||
LDAPConnectionOptions options = new LDAPConnectionOptions();
|
||||
|
|
|
|||
|
|
@ -75,8 +75,7 @@ public class LdapUserSearchSessionFactoryTests extends LdapTestCase {
|
|||
.put("xpack.security.ssl.keystore.path", keystore)
|
||||
.put("xpack.security.ssl.keystore.password", "changeit")
|
||||
.build();
|
||||
clientSSLService = new ClientSSLService(settings, new Global(settings));
|
||||
clientSSLService.setEnvAndResourceWatcher(env, null);
|
||||
clientSSLService = new ClientSSLService(settings, env, new Global(settings), null);
|
||||
|
||||
globalSettings = Settings.builder().put("path.home", createTempDir()).build();
|
||||
}
|
||||
|
|
|
|||
|
|
@ -58,8 +58,7 @@ public class OpenLdapTests extends ESTestCase {
|
|||
}
|
||||
globalSettings = builder.build();
|
||||
Environment environment = new Environment(globalSettings);
|
||||
clientSSLService = new ClientSSLService(globalSettings, new Global(globalSettings));
|
||||
clientSSLService.setEnvAndResourceWatcher(environment, null);
|
||||
clientSSLService = new ClientSSLService(globalSettings, environment, new Global(globalSettings), null);
|
||||
}
|
||||
|
||||
public void testConnect() throws Exception {
|
||||
|
|
|
|||
|
|
@ -59,7 +59,7 @@ public class ClientSSLServiceTests extends ESTestCase {
|
|||
.put("xpack.security.ssl.truststore.path", testclientStore)
|
||||
.put("xpack.security.ssl.truststore.password", "testclient")
|
||||
.build();
|
||||
ClientSSLService clientSSLService = new ClientSSLService(settings, new Global(settings));
|
||||
ClientSSLService clientSSLService = new ClientSSLService(settings, null, new Global(settings), null);
|
||||
clientSSLService.createSSLEngine();
|
||||
fail("expected an exception");
|
||||
} catch (ElasticsearchException e) {
|
||||
|
|
@ -284,8 +284,7 @@ public class ClientSSLServiceTests extends ESTestCase {
|
|||
}
|
||||
|
||||
private ClientSSLService createClientSSLService(Settings settings) {
|
||||
ClientSSLService clientSSLService = new ClientSSLService(settings, new Global(settings));
|
||||
clientSSLService.setEnvAndResourceWatcher(env, null);
|
||||
ClientSSLService clientSSLService = new ClientSSLService(settings, env, new Global(settings), null);
|
||||
return clientSSLService;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -44,8 +44,7 @@ public class SecurityNetty3TransportTests extends ESTestCase {
|
|||
Environment env = new Environment(Settings.builder().put("path.home", createTempDir()).build());
|
||||
Global globalSSLConfiguration = new Global(settings);
|
||||
serverSSLService = new ServerSSLService(settings, env, globalSSLConfiguration, null);
|
||||
clientSSLService = new ClientSSLService(settings, globalSSLConfiguration);
|
||||
clientSSLService.setEnvAndResourceWatcher(env, null);
|
||||
clientSSLService = new ClientSSLService(settings, env, globalSSLConfiguration, null);
|
||||
}
|
||||
|
||||
public void testThatSSLCanBeDisabledByProfile() throws Exception {
|
||||
|
|
|
|||
|
|
@ -72,7 +72,7 @@ public class SslClientAuthTests extends SecurityIntegTestCase {
|
|||
Settings settings = Settings.builder()
|
||||
.put(getSSLSettingsForStore("/org/elasticsearch/xpack/security/transport/ssl/certs/simple/testclient.jks", "testclient"))
|
||||
.build();
|
||||
ClientSSLService sslService = new ClientSSLService(settings, new Global(settings));
|
||||
ClientSSLService sslService = new ClientSSLService(settings, null, new Global(settings), null);
|
||||
SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(
|
||||
sslService.sslContext(),
|
||||
NoopHostnameVerifier.INSTANCE);
|
||||
|
|
|
|||
|
|
@ -99,7 +99,7 @@ public class SslIntegrationTests extends SecurityIntegTestCase {
|
|||
Settings settings = Settings.builder()
|
||||
.put(getSSLSettingsForStore("/org/elasticsearch/xpack/security/transport/ssl/certs/simple/testclient.jks", "testclient"))
|
||||
.build();
|
||||
ClientSSLService service = new ClientSSLService(settings, new Global(settings));
|
||||
ClientSSLService service = new ClientSSLService(settings, null, new Global(settings), null);
|
||||
|
||||
CredentialsProvider provider = new BasicCredentialsProvider();
|
||||
provider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(nodeClientUsername(),
|
||||
|
|
|
|||
Loading…
Reference in New Issue