From 86ee3fc898f6e36d877b40c93d509061ddc77913 Mon Sep 17 00:00:00 2001 From: Roman Zabaluev Date: Fri, 4 Aug 2023 22:20:51 +0800 Subject: [PATCH] Simplify kafka verification --- .../ui/util/InsecureSslEngineFactory.java | 67 ------------------- .../ui/util/KafkaClientSslPropertiesUtil.java | 4 +- 2 files changed, 1 insertion(+), 70 deletions(-) delete mode 100644 kafka-ui-api/src/main/java/com/provectus/kafka/ui/util/InsecureSslEngineFactory.java diff --git a/kafka-ui-api/src/main/java/com/provectus/kafka/ui/util/InsecureSslEngineFactory.java b/kafka-ui-api/src/main/java/com/provectus/kafka/ui/util/InsecureSslEngineFactory.java deleted file mode 100644 index 510fcd2a46..0000000000 --- a/kafka-ui-api/src/main/java/com/provectus/kafka/ui/util/InsecureSslEngineFactory.java +++ /dev/null @@ -1,67 +0,0 @@ -package com.provectus.kafka.ui.util; - -import io.netty.handler.ssl.util.InsecureTrustManagerFactory; -import java.security.KeyManagementException; -import java.security.KeyStore; -import java.security.NoSuchAlgorithmException; -import java.security.SecureRandom; -import java.util.Map; -import java.util.Set; -import javax.net.ssl.SSLContext; -import javax.net.ssl.SSLEngine; -import org.apache.kafka.common.security.auth.SslEngineFactory; - -public class InsecureSslEngineFactory implements SslEngineFactory { - - private SSLContext sslContext; - - @Override - public SSLEngine createClientSslEngine(String peerHost, int peerPort, String endpointIdentification) { - var trustManagers = InsecureTrustManagerFactory.INSTANCE.getTrustManagers(); - try { - this.sslContext = SSLContext.getInstance("SSL"); - sslContext.init(null, trustManagers, new SecureRandom()); - SSLEngine sslEngine = sslContext.createSSLEngine(peerHost, peerPort); - sslEngine.setUseClientMode(true); - return sslEngine; - } catch (NoSuchAlgorithmException | KeyManagementException e) { - throw new RuntimeException(e); - } - } - - @Override - public SSLEngine createServerSslEngine(String peerHost, int peerPort) { - return null; - } - - @Override - public boolean shouldBeRebuilt(Map nextConfigs) { - return false; - } - - @Override - public Set reconfigurableConfigs() { - return null; - } - - @Override - public KeyStore keystore() { - return null; - } - - @Override - public KeyStore truststore() { - return null; - } - - @Override - public void close() { - this.sslContext = null; - } - - @Override - public void configure(Map configs) { - - } -} - diff --git a/kafka-ui-api/src/main/java/com/provectus/kafka/ui/util/KafkaClientSslPropertiesUtil.java b/kafka-ui-api/src/main/java/com/provectus/kafka/ui/util/KafkaClientSslPropertiesUtil.java index c9dda6d08a..4c42a23c9a 100644 --- a/kafka-ui-api/src/main/java/com/provectus/kafka/ui/util/KafkaClientSslPropertiesUtil.java +++ b/kafka-ui-api/src/main/java/com/provectus/kafka/ui/util/KafkaClientSslPropertiesUtil.java @@ -1,7 +1,5 @@ package com.provectus.kafka.ui.util; -import static org.apache.kafka.common.config.SslConfigs.SSL_ENGINE_FACTORY_CLASS_CONFIG; - import com.provectus.kafka.ui.config.ClustersProperties; import java.util.Properties; import javax.annotation.Nullable; @@ -19,7 +17,7 @@ public final class KafkaClientSslPropertiesUtil { } if (!truststoreConfig.isVerifySsl()) { - sink.put(SSL_ENGINE_FACTORY_CLASS_CONFIG, InsecureSslEngineFactory.class); + sink.put(SslConfigs.SSL_ENDPOINT_IDENTIFICATION_ALGORITHM_CONFIG, ""); return; }