Adding TLS for NettyMessaging and configurable on NettyMessagingManager through JAVA_OPTS Change-Id: I5e77658cbae70d3facbe9e1f56c9fa9fcf0e00cc

commit: 39eb4295db164a60981f14076df8ec293b9c66d4 [log] [tgz]
author: JunHuy Lam <junhuy@yahoo.com> Fri Jun 26 17:24:23 2015 +0900
committer: Gerrit Code Review <gerrit@onlab.us> Tue Jun 30 18:09:14 2015 +0000
tree: c6f2e7eaa2a8e48a24832ae7d6d079ce48964b42
parent: 3d76c942c4542de8a1797200f8f9001c3721a55c [diff] [blame]
diff --git a/core/store/dist/src/main/java/org/onosproject/store/cluster/messaging/impl/NettyMessagingManager.java b/core/store/dist/src/main/java/org/onosproject/store/cluster/messaging/impl/NettyMessagingManager.java
index 4777fdb..8b2cc8e 100644
--- a/core/store/dist/src/main/java/org/onosproject/store/cluster/messaging/impl/NettyMessagingManager.java
+++ b/core/store/dist/src/main/java/org/onosproject/store/cluster/messaging/impl/NettyMessagingManager.java

@@ -1,5 +1,6 @@
 package org.onosproject.store.cluster.messaging.impl;
 
+import com.google.common.base.Strings;
 import org.apache.felix.scr.annotations.Activate;
 import org.apache.felix.scr.annotations.Component;
 import org.apache.felix.scr.annotations.Deactivate;
@@ -22,12 +23,15 @@
 
     private final Logger log = LoggerFactory.getLogger(getClass());
 
+    private static final short MIN_KS_LENGTH = 6;
+
     @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY)
     protected ClusterDefinitionService clusterDefinitionService;
 
     @Activate
     public void activate() throws Exception {
         ControllerNode localNode = clusterDefinitionService.localNode();
+        getTLSParameters();
         super.start(new Endpoint(localNode.ip(), localNode.tcpPort()));
         log.info("Started");
     }
@@ -37,4 +41,32 @@
         super.stop();
         log.info("Stopped");
     }
-}
\ No newline at end of file
+
+    private void getTLSParameters() {
+        String tempString = System.getProperty("enableNettyTLS");
+        enableNettyTLS = Strings.isNullOrEmpty(tempString) ? TLS_DISABLED : Boolean.parseBoolean(tempString);
+        log.info("enableNettyTLS = {}", enableNettyTLS);
+        if (enableNettyTLS) {
+            ksLocation = System.getProperty("javax.net.ssl.keyStore");
+            if (Strings.isNullOrEmpty(ksLocation)) {
+                enableNettyTLS = TLS_DISABLED;
+                return;
+            }
+            tsLocation = System.getProperty("javax.net.ssl.trustStore");
+            if (Strings.isNullOrEmpty(tsLocation)) {
+                enableNettyTLS = TLS_DISABLED;
+                return;
+            }
+            ksPwd = System.getProperty("javax.net.ssl.keyStorePassword").toCharArray();
+            if (MIN_KS_LENGTH > ksPwd.length) {
+                enableNettyTLS = TLS_DISABLED;
+                return;
+            }
+            tsPwd = System.getProperty("javax.net.ssl.trustStorePassword").toCharArray();
+            if (MIN_KS_LENGTH > tsPwd.length) {
+                enableNettyTLS = TLS_DISABLED;
+                return;
+            }
+        }
+    }
+}
commit	39eb4295db164a60981f14076df8ec293b9c66d4	[log] [tgz]
author	JunHuy Lam <junhuy@yahoo.com>	Fri Jun 26 17:24:23 2015 +0900
committer	Gerrit Code Review <gerrit@onlab.us>	Tue Jun 30 18:09:14 2015 +0000
tree	c6f2e7eaa2a8e48a24832ae7d6d079ce48964b42
parent	3d76c942c4542de8a1797200f8f9001c3721a55c [diff] [blame]