Receive Supplier of SSLParameters in SslOptions

instead of SSLParameters object itself
redis · Nov 28, 2024 · f3a4b01 · f3a4b01
1 parent 46c031e
commit f3a4b01
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 19 deletions.
diff --git a/src/main/java/redis/clients/jedis/SslOptions.java b/src/main/java/redis/clients/jedis/SslOptions.java
@@ -32,6 +32,7 @@
 import java.security.KeyStore;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
+import java.util.function.Supplier;
 
 import javax.net.ssl.KeyManager;
 import javax.net.ssl.KeyManagerFactory;
@@ -69,7 +70,7 @@ public class SslOptions {
 
     private final char[] truststorePassword;
 
-    private final SSLParameters sslParameters;
+    private final Supplier<SSLParameters> sslParameters;
 
     private final SslVerifyMode sslVerifyMode;
 
@@ -113,7 +114,7 @@ public static class Builder {
 
         private char[] truststorePassword = new char[0];
 
-        private SSLParameters sslParameters;
+        private Supplier<SSLParameters> sslParameters = SSLParameters::new;
 
         private SslVerifyMode sslVerifyMode = SslVerifyMode.FULL;
 
@@ -295,7 +296,7 @@ private Builder truststore(Resource resource, char[] truststorePassword) {
             return this;
         }
 
-        public Builder sslParameters(SSLParameters sslParameters) {
+        public Builder sslParameters(Supplier<SSLParameters> sslParameters) {
             this.sslParameters = sslParameters;
             return this;
         }
@@ -316,9 +317,6 @@ public Builder sslContextProtocol(String protocol) {
          * @return new instance of {@link SslOptions}
          */
         public SslOptions build() {
-            if (this.sslParameters == null) {
-                this.sslParameters = new SSLParameters();
-            }
             return new SslOptions(this);
         }
 
@@ -335,11 +333,7 @@ public SSLContext createSslContext() throws IOException, GeneralSecurityExceptio
 
         TrustManager[] trustManagers = null;
 
-        if (sslVerifyMode == SslVerifyMode.FULL) {
-            this.sslParameters.setEndpointIdentificationAlgorithm("HTTPS");
-        } else if (sslVerifyMode == SslVerifyMode.CA) {
-            this.sslParameters.setEndpointIdentificationAlgorithm("");
-        } else if (sslVerifyMode == SslVerifyMode.INSECURE) {
+        if (sslVerifyMode == SslVerifyMode.INSECURE) {
             trustManagers = new TrustManager[] { INSECURE_TRUST_MANAGER };
         }
 
@@ -376,12 +370,16 @@ public SSLContext createSslContext() throws IOException, GeneralSecurityExceptio
         return sslContext;
     }
 
-    /**
-     * {@link #createSslContext()} must be called before this.
-     * @return {@link SSLParameters}
-     */
     public SSLParameters getSslParameters() {
-        return sslParameters;
+        SSLParameters _sslParameters = sslParameters.get();
+
+        if (sslVerifyMode == SslVerifyMode.FULL) {
+            _sslParameters.setEndpointIdentificationAlgorithm("HTTPS");
+        } else if (sslVerifyMode == SslVerifyMode.CA) {
+            _sslParameters.setEndpointIdentificationAlgorithm("");
+        }
+
+        return _sslParameters;
     }
 
     private static char[] getPassword(String password) {

diff --git a/src/test/java/redis/clients/jedis/SSLOptionsJedisClusterTest.java b/src/test/java/redis/clients/jedis/SSLOptionsJedisClusterTest.java
@@ -95,7 +95,7 @@ public void connectToNodesFailsWithSSLParametersAndNoHostMapping() {
     try (JedisCluster jc = new JedisCluster(new HostAndPort("localhost", 8379),
         DefaultJedisClientConfig.builder().password("cluster")
             .sslOptions(SslOptions.builder()
-                .sslParameters(sslParameters)
+                .sslParameters(() -> sslParameters)
                 .truststore(new File("src/test/resources/truststore.jceks"))
                 .trustStoreType("jceks").build())
             .hostAndPortMapper(portMap).build(),
@@ -117,7 +117,7 @@ public void connectToNodesSucceedsWithSSLParametersAndHostMapping() {
     try (JedisCluster jc = new JedisCluster(new HostAndPort("localhost", 8379),
         DefaultJedisClientConfig.builder().password("cluster")
             .sslOptions(SslOptions.builder()
-                .sslParameters(sslParameters)
+                .sslParameters(() -> sslParameters)
                 .truststore(new File("src/test/resources/truststore.jceks"))
                 .trustStoreType("jceks").build())
             .hostAndPortMapper(hostAndPortMap).build(),
@@ -134,7 +134,7 @@ public void connectByIpAddressFailsWithSSLParameters() {
     try (JedisCluster jc = new JedisCluster(new HostAndPort("127.0.0.1", 8379),
         DefaultJedisClientConfig.builder().password("cluster")
             .sslOptions(SslOptions.builder()
-                .sslParameters(sslParameters)
+                .sslParameters(() -> sslParameters)
                 .truststore(new File("src/test/resources/truststore.jceks"))
                 .trustStoreType("jceks").build())
             .hostAndPortMapper(hostAndPortMap).build(),