com.mapd.common.SockTransportProperties Class Reference

Collaboration diagram for com.mapd.common.SockTransportProperties:

Classes
enum	TransportType

Public Member Functions
	SockTransportProperties (String truststore_name, String truststore_passwd) throws Exception
TTransport	openClientTransport (String server_host, int port) throws org.apache.thrift.TException
TTransport	openHttpsClientTransport (String server_host, int port) throws Exception
TTransport	openHttpClientTransport (String server_host, int port) throws org.apache.thrift.TException
TServerTransport	openServerTransport (int port) throws org.apache.thrift.TException

Static Public Member Functions
static SockTransportProperties	getUnencryptedClient () throws Exception
static SockTransportProperties	getEncryptedClientDefaultTrustStore (boolean validate_server_name) throws Exception
static SockTransportProperties	getEncryptedClientSpecifiedTrustStore (String trustStoreName, String trustStorePassword) throws Exception
static SockTransportProperties	getEncryptedClientSpecifiedTrustStore (String trustStoreName, String trustStorePassword, boolean validate_server_name) throws Exception
static SockTransportProperties	getEncryptedServer (String keyStoreName, String keyStorePassword) throws Exception
static SockTransportProperties	getUnecryptedServer () throws Exception

Package Attributes
X509HostnameVerifier	x509HostnameVerifier_

Static Package Attributes
static final org.slf4j.Logger	HEAVYDBLOGGER

Private Member Functions
	SockTransportProperties (TransportType tT, String store_name, String passwd, boolean validate_server_name) throws Exception
	SockTransportProperties (TransportType transportType, boolean validate_server_name) throws Exception
void	initializeAcceptedIssuers (KeyStore trust_store) throws Exception
TTransport	openBinaryEncrypted (String server_host, int port) throws org.apache.thrift.TException
TServerTransport	openServerTransportEncrypted (int port) throws org.apache.thrift.TException

Private Attributes
TrustManager[]	trustManagers
TransportType	transportType = null
KeyManager[]	keyManagers
String	key_store_name = null
char[]	key_store_password = null

Detailed Description

Definition at line 34 of file SockTransportProperties.java.

Constructor & Destructor Documentation

com.mapd.common.SockTransportProperties.SockTransportProperties ( String  truststore_name, String  truststore_passwd  ) throws Exception

inline

public constructor (for backward compatibility)

Definition at line 107 of file SockTransportProperties.java.

References com.mapd.common.SockTransportProperties.TransportType.encryptedClientSpecifiedTrustStore.

Referenced by com.mapd.common.SockTransportProperties.getEncryptedClientDefaultTrustStore(), com.mapd.common.SockTransportProperties.getEncryptedClientSpecifiedTrustStore(), com.mapd.common.SockTransportProperties.getEncryptedServer(), com.mapd.common.SockTransportProperties.getUnecryptedServer(), and com.mapd.common.SockTransportProperties.getUnencryptedClient().

                           {
    this(TransportType.encryptedClientSpecifiedTrustStore,
            truststore_name,
            truststore_passwd,
            true);
  }

Here is the caller graph for this function:

com.mapd.common.SockTransportProperties.SockTransportProperties ( TransportType  tT, String  store_name, String  passwd, boolean  validate_server_name  ) throws Exception

inlineprivate

private constructors called from public static methods

Definition at line 116 of file SockTransportProperties.java.

References com.mapd.common.SockTransportProperties.initializeAcceptedIssuers(), com.mapd.common.SockTransportProperties.key_store_name, com.mapd.common.SockTransportProperties.key_store_password, com.mapd.common.SockTransportProperties.transportType, and com.mapd.common.SockTransportProperties.x509HostnameVerifier_.

                                                         {
    x509HostnameVerifier_ = (validate_server_name == true)
            ? SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER
            : SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
    transportType = tT;

    char[] store_password = "".toCharArray();
    if (passwd != null && !passwd.isEmpty()) {
      store_password = passwd.toCharArray();
    }
    switch (transportType) {
      case encryptedServer: {
        key_store_password = store_password;
        key_store_name = store_name;
        break;
      }
      case encryptedClientSpecifiedTrustStore: {
        if (store_name == null) {
          initializeAcceptedIssuers(null);
        } else {
          KeyStore trust_store = KeyStore.getInstance(KeyStore.getDefaultType());
          try {
            java.io.FileInputStream fis = new java.io.FileInputStream(store_name);
            trust_store.load(fis, store_password);
          } catch (Exception eX) {
            String err_str =
                    new String("Error loading key/trust store [" + store_name + "]");
            HEAVYDBLOGGER.error(err_str, eX);
            throw(eX);
          }
          initializeAcceptedIssuers(trust_store);
        }
        break;
      }
      default: {
        String errStr = new String(
                "Invalid transportType [" + transportType + "] used in constructor");
        RuntimeException rE = new RuntimeException(errStr);
        HEAVYDBLOGGER.error(errStr, rE);
        throw(rE);
      }
    }
  }

Here is the call graph for this function:

com.mapd.common.SockTransportProperties.SockTransportProperties ( TransportType  transportType, boolean  validate_server_name  ) throws Exception

inlineprivate

Definition at line 163 of file SockTransportProperties.java.

References com.mapd.common.SockTransportProperties.initializeAcceptedIssuers(), com.mapd.common.SockTransportProperties.transportType, and com.mapd.common.SockTransportProperties.x509HostnameVerifier_.

                                                                                      {
    x509HostnameVerifier_ = (validate_server_name == true)
            ? SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER
            : SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
    this.transportType = transportType;
    switch (transportType) {
      case encryptedClientDefaultTrustStore:
        // load default trust_store
        initializeAcceptedIssuers((KeyStore) null);
        break;
      case unencryptedClient:
      case unencryptedServer:
        break;
      default:
        String errStr = new String(
                "Invalid transportType [" + transportType + "] used in constructor");
        RuntimeException rE = new RuntimeException(errStr);
        HEAVYDBLOGGER.error(errStr, rE);
        throw(rE);
    }
  }

Here is the call graph for this function:

Member Function Documentation

static SockTransportProperties com.mapd.common.SockTransportProperties.getEncryptedClientDefaultTrustStore ( boolean  validate_server_name ) throws Exception

inlinestatic

Encrypted Client method

Definition at line 52 of file SockTransportProperties.java.

References com.mapd.common.SockTransportProperties.TransportType.encryptedClientDefaultTrustStore, and com.mapd.common.SockTransportProperties.SockTransportProperties().

                                                         {
    return new SockTransportProperties(
            TransportType.encryptedClientDefaultTrustStore, validate_server_name);
  }

Here is the call graph for this function:

static SockTransportProperties com.mapd.common.SockTransportProperties.getEncryptedClientSpecifiedTrustStore ( String  trustStoreName, String  trustStorePassword  ) throws Exception

inlinestatic

Definition at line 59 of file SockTransportProperties.java.

                                                                             {
    return getEncryptedClientSpecifiedTrustStore(
            trustStoreName, trustStorePassword, true);
  }

static SockTransportProperties com.mapd.common.SockTransportProperties.getEncryptedClientSpecifiedTrustStore ( String  trustStoreName, String  trustStorePassword, boolean  validate_server_name  ) throws Exception

inlinestatic

Definition at line 64 of file SockTransportProperties.java.

References com.mapd.common.SockTransportProperties.TransportType.encryptedClientSpecifiedTrustStore, and com.mapd.common.SockTransportProperties.SockTransportProperties().

                           {
    return new SockTransportProperties(TransportType.encryptedClientSpecifiedTrustStore,
            trustStoreName,
            trustStorePassword,
            validate_server_name);
  }

Here is the call graph for this function:

static SockTransportProperties com.mapd.common.SockTransportProperties.getEncryptedServer ( String  keyStoreName, String  keyStorePassword  ) throws Exception

inlinestatic

Server methods

Definition at line 74 of file SockTransportProperties.java.

References com.mapd.common.SockTransportProperties.TransportType.encryptedServer, and com.mapd.common.SockTransportProperties.SockTransportProperties().

                                                                         {
    boolean validate_server_name = false;
    if (keyStoreName == null || keyStorePassword == null) {
      String errStr = new String(
              "Invalid null parameter(s) used for getEncryptedServer. Both keyStoreName and keyStorePassword must be specified");
      RuntimeException rE = new RuntimeException(errStr);
      HEAVYDBLOGGER.error(errStr, rE);
      throw(rE);
    }
    return new SockTransportProperties(TransportType.encryptedServer,
            keyStoreName,
            keyStorePassword,
            validate_server_name);
  }

Here is the call graph for this function:

static SockTransportProperties com.mapd.common.SockTransportProperties.getUnecryptedServer ( ) throws Exception

inlinestatic

Definition at line 90 of file SockTransportProperties.java.

References com.mapd.common.SockTransportProperties.SockTransportProperties(), and com.mapd.common.SockTransportProperties.TransportType.unencryptedServer.

                                                                               {
    boolean validate_server_name = false;
    return new SockTransportProperties(
            TransportType.unencryptedServer, validate_server_name);
  }

Here is the call graph for this function:

static SockTransportProperties com.mapd.common.SockTransportProperties.getUnencryptedClient ( ) throws Exception

inlinestatic

Unencrypted Client method

Definition at line 46 of file SockTransportProperties.java.

References com.mapd.common.SockTransportProperties.SockTransportProperties(), and com.mapd.common.SockTransportProperties.TransportType.unencryptedClient.

Referenced by com.mapd.parser.extension.ddl.DDLTest.setup().

                                                                                {
    boolean validate_server_name = false;
    return new SockTransportProperties(
            TransportType.unencryptedClient, validate_server_name);
  }

Here is the call graph for this function:

Here is the caller graph for this function:

void com.mapd.common.SockTransportProperties.initializeAcceptedIssuers ( KeyStore  trust_store ) throws Exception

inlineprivate

end private constructors

Definition at line 187 of file SockTransportProperties.java.

References com.mapd.common.SockTransportProperties.trustManagers.

Referenced by com.mapd.common.SockTransportProperties.SockTransportProperties().

                                                                                {
    // Initialize a trust manager to either the  trust store already loaded or the
    // default trust store. Order of searching for  default is:
    // 1. system property javax.net.ssl.trustStore
    // 2. <java-home>/lib/security/jssecacerts
    // 3. <java-home</lib/security/cacerts

    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("PKIX");
    // If trust_store is null init will load the default trust_store
    trustManagerFactory.init(trust_store);
    trustManagers = trustManagerFactory.getTrustManagers();
  }

Here is the caller graph for this function:

TTransport com.mapd.common.SockTransportProperties.openBinaryEncrypted ( String  server_host, int  port  ) throws org.apache.thrift.TException

inlineprivate

Definition at line 228 of file SockTransportProperties.java.

References com.mapd.common.SockTransportProperties.trustManagers.

Referenced by com.mapd.common.SockTransportProperties.openClientTransport().

                                              {
    // Used to set Socket.setSoTimeout ms. 0 == inifinite.
    int socket_so_timeout_ms = 0;
    TSocket tsocket = null;
    try {
      SSLContext sc = SSLContext.getInstance("TLS");
      sc.init(null, trustManagers, new java.security.SecureRandom());

      SSLSocket sx = (SSLSocket) sc.getSocketFactory().createSocket(server_host, port);
      sx.setSoTimeout(socket_so_timeout_ms);
      tsocket = new TSocket(sx);
    } catch (Exception ex) {
      String errStr = new String("Error openBinaryEncrypted [" + server_host + ":" + port
              + "] used in openClientTransport - ");
      errStr += ex.toString();
      RuntimeException rE = new RuntimeException(errStr);
      HEAVYDBLOGGER.error(errStr, rE);
      throw(rE);
    }
    return tsocket;
  }

Here is the caller graph for this function:

TTransport com.mapd.common.SockTransportProperties.openClientTransport ( String  server_host, int  port  ) throws org.apache.thrift.TException

inline

Definition at line 207 of file SockTransportProperties.java.

References com.mapd.common.SockTransportProperties.openBinaryEncrypted(), and com.mapd.common.SockTransportProperties.transportType.

                                              {
    TTransport tTransport = null;
    switch (transportType) {
      case encryptedClientDefaultTrustStore:
      case encryptedClientSpecifiedTrustStore:
        tTransport = openBinaryEncrypted(server_host, port);
        break;
      case unencryptedClient:
        tTransport = new TSocket(server_host, port);
        break;
      default:
        String errStr = new String("Invalid transportType [" + transportType
                + "] used in openClientTransport");
        RuntimeException rE = new RuntimeException(errStr);
        HEAVYDBLOGGER.error(errStr, rE);
        throw(rE);
    }
    return tTransport;
  }

Here is the call graph for this function:

TTransport com.mapd.common.SockTransportProperties.openHttpClientTransport ( String  server_host, int  port  ) throws org.apache.thrift.TException

inline

Definition at line 287 of file SockTransportProperties.java.

References com.mapd.common.SockTransportProperties.transportType, and com.mapd.common.SockTransportProperties.TransportType.unencryptedClient.

                                              {
    if (transportType != TransportType.unencryptedClient) {
      String errStr = new String("Invalid transportType [" + transportType
              + "] used in openHttpClientTransport");
      RuntimeException rE = new RuntimeException(errStr);
      HEAVYDBLOGGER.error(errStr, rE);
      throw(rE);
    }

    String url = "http://" + server_host + ":" + port;
    return (new THttpClient(url));
  }

TTransport com.mapd.common.SockTransportProperties.openHttpsClientTransport ( String  server_host, int  port  ) throws Exception

inline

Definition at line 251 of file SockTransportProperties.java.

References com.mapd.common.SockTransportProperties.TransportType.encryptedClientDefaultTrustStore, com.mapd.common.SockTransportProperties.TransportType.encryptedClientSpecifiedTrustStore, com.mapd.common.SockTransportProperties.transportType, com.mapd.common.SockTransportProperties.trustManagers, and com.mapd.common.SockTransportProperties.x509HostnameVerifier_.

                           {
    if (transportType != TransportType.encryptedClientDefaultTrustStore
            && transportType != TransportType.encryptedClientSpecifiedTrustStore) {
      String errStr = new String("Invalid transportType [" + transportType
              + "] used in openHttpsClientTransport");
      RuntimeException rE = new RuntimeException(errStr);
      HEAVYDBLOGGER.error(errStr, rE);
      throw(rE);
    }
    TTransport transport = null;

    try {
      SSLContext sc = SSLContext.getInstance("TLS");
      sc.init(null, trustManagers, new java.security.SecureRandom());
      SSLConnectionSocketFactory sslConnectionSocketFactory = null;
      sslConnectionSocketFactory =
              new SSLConnectionSocketFactory(sc, x509HostnameVerifier_);

      CloseableHttpClient closeableHttpClient =
              HttpClients.custom()
                      .setSSLSocketFactory(sslConnectionSocketFactory)
                      .build();
      transport =
              new THttpClient("https://" + server_host + ":" + port, closeableHttpClient);

    } catch (Exception ex) {
      String err_str = new String("Exception:" + ex.getClass().getCanonicalName()
              + " thrown. Unable to create Secure socket for the HTTPS connection");
      HEAVYDBLOGGER.error(err_str, ex);
      throw ex;
    }

    return transport;
  }

TServerTransport com.mapd.common.SockTransportProperties.openServerTransport ( int  port ) throws org.apache.thrift.TException

inline

Definition at line 304 of file SockTransportProperties.java.

References com.mapd.common.SockTransportProperties.TransportType.encryptedServer, com.mapd.common.SockTransportProperties.openServerTransportEncrypted(), com.mapd.common.SockTransportProperties.transportType, and com.mapd.common.SockTransportProperties.TransportType.unencryptedServer.

                                              {
    if (transportType == TransportType.encryptedServer) {
      return openServerTransportEncrypted(port);
    } else if (transportType == TransportType.unencryptedServer) {
      return (new TServerSocket(port));
    } else {
      String errStr = new String("Invalid transportType [" + transportType
              + "] used in openServerTransport");
      RuntimeException rE = new RuntimeException(errStr);
      HEAVYDBLOGGER.error(errStr, rE);
      throw(rE);
    }
  }

Here is the call graph for this function:

TServerTransport com.mapd.common.SockTransportProperties.openServerTransportEncrypted ( int  port ) throws org.apache.thrift.TException

inlineprivate

Definition at line 319 of file SockTransportProperties.java.

References com.mapd.common.SockTransportProperties.key_store_name, and com.mapd.common.SockTransportProperties.key_store_password.

Referenced by com.mapd.common.SockTransportProperties.openServerTransport().

                                              {
    // Used to set Socket.setSoTimeout ms. 0 == inifinite.
    int socket_so_timeout_ms = 0;
    TSSLTransportFactory.TSSLTransportParameters params =
            new TSSLTransportFactory.TSSLTransportParameters();
    params.setKeyStore(key_store_name,
            (key_store_password != null) ? new String(key_store_password) : null);
    params.requireClientAuth(false);

    // return TSSLTransportFactory.getClientSocket(server_host, port,
    // socket_so_timeout_ms, params);
    TServerTransport t = TSSLTransportFactory.getServerSocket(
            port, socket_so_timeout_ms, null, params);
    return t;
  }

Here is the caller graph for this function:

Member Data Documentation

final org.slf4j.Logger com.mapd.common.SockTransportProperties.HEAVYDBLOGGER

staticpackage

Initial value:

=
          LoggerFactory.getLogger(SockTransportProperties.class)

Definition at line 35 of file SockTransportProperties.java.

String com.mapd.common.SockTransportProperties.key_store_name = null

private

Definition at line 339 of file SockTransportProperties.java.

Referenced by com.mapd.common.SockTransportProperties.openServerTransportEncrypted(), and com.mapd.common.SockTransportProperties.SockTransportProperties().

char [] com.mapd.common.SockTransportProperties.key_store_password = null

private

Definition at line 340 of file SockTransportProperties.java.

Referenced by com.mapd.common.SockTransportProperties.openServerTransportEncrypted(), and com.mapd.common.SockTransportProperties.SockTransportProperties().

KeyManager [] com.mapd.common.SockTransportProperties.keyManagers

private

Definition at line 338 of file SockTransportProperties.java.

TransportType com.mapd.common.SockTransportProperties.transportType = null

private

Definition at line 337 of file SockTransportProperties.java.

Referenced by com.mapd.common.SockTransportProperties.openClientTransport(), com.mapd.common.SockTransportProperties.openHttpClientTransport(), com.mapd.common.SockTransportProperties.openHttpsClientTransport(), com.mapd.common.SockTransportProperties.openServerTransport(), and com.mapd.common.SockTransportProperties.SockTransportProperties().

TrustManager [] com.mapd.common.SockTransportProperties.trustManagers

private

Definition at line 336 of file SockTransportProperties.java.

Referenced by com.mapd.common.SockTransportProperties.initializeAcceptedIssuers(), com.mapd.common.SockTransportProperties.openBinaryEncrypted(), and com.mapd.common.SockTransportProperties.openHttpsClientTransport().

X509HostnameVerifier com.mapd.common.SockTransportProperties.x509HostnameVerifier_

package

Initial value:

=
          SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER

Definition at line 341 of file SockTransportProperties.java.

Referenced by com.mapd.common.SockTransportProperties.openHttpsClientTransport(), and com.mapd.common.SockTransportProperties.SockTransportProperties().

---

The documentation for this class was generated from the following file:

• /home/jenkins-slave/workspace/core-os-doxygen/java/heavydbcommon/src/main/java/com/mapd/common/SockTransportProperties.java