WL#15135 patch #6: Configure TLS in Cluster/J

Part of WL#15135 Certificate Architecture Add Jtie mappings for Ndb_cluster_connection.configure_tls(). Add native method configure_tls() to Java class Ndb_cluster_connection. Add public Java method configureTls to interface ClusterConnection in clusterj-core. Map the TLS search path to a new Cluster/J connection property, com.mysql.clusterj.tls.path Cluster/J test cases will come as part of later worklogs. Change-Id: Id193d9a33a47eb7638abc58184fb990dca95db75
percona-ysorokin · Jul 14, 2023 · 116a05f · 116a05f
1 parent dd04c80
commit 116a05f
Show file tree

Hide file tree

Showing 7 changed files with 40 additions and 0 deletions.
diff --git a/storage/ndb/clusterj/clusterj-api/src/main/java/com/mysql/clusterj/Constants.java b/storage/ndb/clusterj/clusterj-api/src/main/java/com/mysql/clusterj/Constants.java
@@ -40,6 +40,12 @@ public interface Constants {
      */
     static final String PROPERTY_CLUSTER_CONNECTSTRING = "com.mysql.clusterj.connectstring";
 
+    /*** The name of the TLS Search Path property. */
+    static final String PROPERTY_TLS_SEARCH_PATH = "com.mysql.clusterj.tls.path";
+
+    /** The default value of the TLS Search Path property. */
+    static final String DEFAULT_PROPERTY_TLS_SEARCH_PATH = "$HOME/ndb-tls";
+
     /** The name of the initial timeout for cluster connection to connect to MGM before connecting to data nodes
      * <a href="http://dev.mysql.com/doc/ndbapi/en/ndb-ndb-cluster-connection.html#ndb-ndb-cluster-connection-set-timeout">Ndb_cluster_connection::set_timeout()</a>
      */

diff --git a/.../ndb/clusterj/clusterj-core/src/main/java/com/mysql/clusterj/core/SessionFactoryImpl.java b/.../ndb/clusterj/clusterj-core/src/main/java/com/mysql/clusterj/core/SessionFactoryImpl.java
@@ -75,6 +75,7 @@ public class SessionFactoryImpl implements SessionFactory, Constants {
     /** NdbCluster connect properties */
     String CLUSTER_CONNECTION_SERVICE;
     String CLUSTER_CONNECT_STRING;
+    String CLUSTER_TLS_SEARCH_PATH;
     int CLUSTER_CONNECT_TIMEOUT_MGM;
     int CLUSTER_CONNECT_RETRIES;
     int CLUSTER_CONNECT_DELAY;
@@ -189,6 +190,8 @@ protected SessionFactoryImpl(Map<?, ?> props) {
         CLUSTER_RECONNECT_TIMEOUT = getIntProperty(props,
                 PROPERTY_CONNECTION_RECONNECT_TIMEOUT, DEFAULT_PROPERTY_CONNECTION_RECONNECT_TIMEOUT);
         CLUSTER_CONNECT_STRING = getRequiredStringProperty(props, PROPERTY_CLUSTER_CONNECTSTRING);
+        CLUSTER_TLS_SEARCH_PATH = getStringProperty(props, PROPERTY_TLS_SEARCH_PATH,
+                Constants.DEFAULT_PROPERTY_TLS_SEARCH_PATH);
         CLUSTER_CONNECT_RETRIES = getIntProperty(props, PROPERTY_CLUSTER_CONNECT_RETRIES,
                 Constants.DEFAULT_PROPERTY_CLUSTER_CONNECT_RETRIES);
         CLUSTER_CONNECT_TIMEOUT_MGM = getIntProperty(props, PROPERTY_CLUSTER_CONNECT_TIMEOUT_MGM,
@@ -361,6 +364,7 @@ protected ClusterConnection createClusterConnection(
         try {
             result = service.create(CLUSTER_CONNECT_STRING, nodeId, CLUSTER_CONNECT_TIMEOUT_MGM);
             result.setByteBufferPoolSizes(CLUSTER_BYTE_BUFFER_POOL_SIZES);
+            result.configureTls(CLUSTER_TLS_SEARCH_PATH, 0);
             result.connect(CLUSTER_CONNECT_RETRIES, CLUSTER_CONNECT_DELAY,true);
             result.waitUntilReady(CLUSTER_CONNECT_TIMEOUT_BEFORE,CLUSTER_CONNECT_TIMEOUT_AFTER);
             // Cluster connection successful.

diff --git a/...clusterj/clusterj-core/src/main/java/com/mysql/clusterj/core/store/ClusterConnection.java b/...clusterj/clusterj-core/src/main/java/com/mysql/clusterj/core/store/ClusterConnection.java
@@ -35,6 +35,8 @@ public interface ClusterConnection {
 
     public Db createDb(String database, int maxTransactions);
 
+    public void configureTls(String searchPath, int requirement);
+
     public void waitUntilReady(int connectTimeoutBefore, int connectTimeoutAfter);
 
     public void closing();

diff --git a/...ndb/clusterj/clusterj-tie/src/main/java/com/mysql/clusterj/tie/ClusterConnectionImpl.java b/...ndb/clusterj/clusterj-tie/src/main/java/com/mysql/clusterj/tie/ClusterConnectionImpl.java
@@ -175,6 +175,11 @@ public Db createDb(String database, int maxTransactions) {
         return result;
     }
 
+    public void configureTls(String tlsSearchPath, int tlsRequirement) {
+        if(tlsSearchPath == null) tlsSearchPath = "";
+        clusterConnection.configure_tls(tlsSearchPath, tlsRequirement);
+    }
+
     public void waitUntilReady(int connectTimeoutBefore, int connectTimeoutAfter) {
         checkConnection();
         int returnCode = clusterConnection.wait_until_ready(connectTimeoutBefore, connectTimeoutAfter);

diff --git a/storage/ndb/src/ndbjtie/NdbApiWrapper.hpp b/storage/ndb/src/ndbjtie/NdbApiWrapper.hpp
@@ -3541,6 +3541,13 @@ struct NdbApiWrapper {
         return obj.set_timeout(p0);
     }
 
+    static void
+    Ndb_cluster_connection__configure_tls
+    ( Ndb_cluster_connection & obj, const char * p1, int p2)
+    {
+      return obj.configure_tls(p1, p2);
+    }
+
     static int
     Ndb_cluster_connection__connect
     ( Ndb_cluster_connection & obj, int p0, int p1, int p2 )

diff --git a/storage/ndb/src/ndbjtie/com/mysql/ndbjtie/ndbapi/Ndb_cluster_connection.java b/storage/ndb/src/ndbjtie/com/mysql/ndbjtie/ndbapi/Ndb_cluster_connection.java
@@ -40,6 +40,7 @@ public class Ndb_cluster_connection extends Wrapper implements Ndb_cluster_conne
     static public final native void delete(Ndb_cluster_connection p0);
     public final native void set_name(String/*_const char *_*/ name);
     public final native void set_application_port(int port);
+    public final native void configure_tls(String searchPath, int requirement);
     public final native int set_timeout(int timeout_ms);
     public final native int connect(int no_retries /*_= 0_*/, int retry_delay_in_seconds /*_= 1_*/, int verbose /*_= 0_*/);
     public final native int wait_until_ready(int timeout_for_first_alive, int timeout_after_first_alive);

diff --git a/storage/ndb/src/ndbjtie/ndbapi_jtie.hpp b/storage/ndb/src/ndbjtie/ndbapi_jtie.hpp
@@ -10241,6 +10241,21 @@ Java_com_mysql_ndbjtie_ndbapi_Ndb_1cluster_1connection_set_1timeout(JNIEnv * env
 #endif // NDBJTIE_USE_WRAPPED_VARIANT_FOR_FUNCTION
 }
 
+/*
+ * Class:     com_mysql_ndbjtie_ndbapi_Ndb_cluster_connection
+ * Method:    configure_tls
+ */
+JNIEXPORT void JNICALL
+Java_com_mysql_ndbjtie_ndbapi_Ndb_1cluster_1connection_configure_1tls(JNIEnv * env, jobject obj, jstring p0, jint p1)
+{
+    TRACE("void Java_com_mysql_ndbjtie_ndbapi_Ndb_1cluster_1connection_configure_tls(JNIEnv * env, jobject obj, jstring p0, jint p1)");
+#ifndef NDBJTIE_USE_WRAPPED_VARIANT_FOR_FUNCTION
+    return gcall_mfv< ttrait_c_m_n_n_Ndb_cluster_connection_t, ttrait_char_cp_jutf8null, ttrait_int, &Ndb_cluster_connection::configure_tls>(env, obj, p0, p1);
+#else
+    return gcall_fv< ttrait_c_m_n_n_Ndb_cluster_connection_r, ttrait_char_cp_jutf8null, ttrait_int, &NdbApiWrapper::Ndb_cluster_connection__configure_tls>(env, NULL, obj, p0, p1);
+#endif // NDBJTIE_USE_WRAPPED_VARIANT_FOR_FUNCTION
+}
+
 /*
  * Class:     com_mysql_ndbjtie_ndbapi_Ndb_cluster_connection
  * Method:    connect