Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSL support for reactive DB2 client #10582

Closed
tsegismont opened this issue Jul 8, 2020 · 3 comments · Fixed by #10620
Closed

SSL support for reactive DB2 client #10582

tsegismont opened this issue Jul 8, 2020 · 3 comments · Fixed by #10620
Labels
area/persistence OBSOLETE, DO NOT USE kind/enhancement New feature or request
Milestone
1.6.1.Final

Comments

@tsegismont
Copy link
Contributor

tsegismont commented Jul 8, 2020
edited
Loading

SSL is supported upstream
@tsegismont tsegismont added the kind/enhancement New feature or request label Jul 8, 2020
@quarkusbot
Copy link

/cc @aguibert

@quarkusbot quarkusbot added the area/persistence OBSOLETE, DO NOT USE label Jul 8, 2020
@aguibert
Copy link
Member

aguibert commented Jul 8, 2020

I think we can close this issue, Vertx 3.9.1 actually supports DB2 with SSL just fine, it's just that I didn't get around to testing it until 3.9.2 (no code changes were needed, just added a test)

@tsegismont
Copy link
Contributor Author

@aguibert indeed, tests left aside, eclipse-vertx/vertx-sql-client#679 only improves usability by adding methods to DB2ConnectOptions.

But upstream support is not enough. Among other things, the pool recorder must be updated (Postgres here):

quarkus/extensions/reactive-pg-client/runtime/src/main/java/io/quarkus/reactive/pg/client/runtime/PgPoolRecorder.java

Lines 139 to 151 in 4fa78b0

if (dataSourceReactivePostgreSQLConfig.sslMode.isPresent()) {
pgConnectOptions.setSslMode(dataSourceReactivePostgreSQLConfig.sslMode.get());
}
pgConnectOptions.setTrustAll(dataSourceReactiveRuntimeConfig.trustAll);
configurePemTrustOptions(pgConnectOptions, dataSourceReactiveRuntimeConfig.trustCertificatePem);
configureJksTrustOptions(pgConnectOptions, dataSourceReactiveRuntimeConfig.trustCertificateJks);
configurePfxTrustOptions(pgConnectOptions, dataSourceReactiveRuntimeConfig.trustCertificatePfx);
configurePemKeyCertOptions(pgConnectOptions, dataSourceReactiveRuntimeConfig.keyCertificatePem);
configureJksKeyCertOptions(pgConnectOptions, dataSourceReactiveRuntimeConfig.keyCertificateJks);
configurePfxKeyCertOptions(pgConnectOptions, dataSourceReactiveRuntimeConfig.keyCertificatePfx);

This is missing for DB2:

quarkus/extensions/reactive-db2-client/runtime/src/main/java/io/quarkus/reactive/db2/client/runtime/DB2PoolRecorder.java

Lines 65 to 110 in 4fa78b0

private DB2ConnectOptions toConnectOptions(DataSourceRuntimeConfig dataSourceRuntimeConfig,
DataSourceReactiveRuntimeConfig dataSourceReactiveRuntimeConfig,
DataSourceReactiveDB2Config dataSourceReactiveDB2Config) {
DB2ConnectOptions connectOptions;
if (dataSourceReactiveRuntimeConfig.url.isPresent()) {
String url = dataSourceReactiveRuntimeConfig.url.get();
// clean up the URL to make migrations easier
if (url.matches("^vertx-reactive:db2://.*$")) {
url = url.substring("vertx-reactive:".length());
}
connectOptions = DB2ConnectOptions.fromUri(url);
} else {
connectOptions = new DB2ConnectOptions();
}
if (dataSourceRuntimeConfig.username.isPresent()) {
connectOptions.setUser(dataSourceRuntimeConfig.username.get());
}
if (dataSourceRuntimeConfig.password.isPresent()) {
connectOptions.setPassword(dataSourceRuntimeConfig.password.get());
}
// credentials provider
if (dataSourceRuntimeConfig.credentialsProvider.isPresent()) {
String beanName = dataSourceRuntimeConfig.credentialsProviderName.orElse(null);
CredentialsProvider credentialsProvider = CredentialsProviderFinder.find(beanName);
String name = dataSourceRuntimeConfig.credentialsProvider.get();
Map<String, String> credentials = credentialsProvider.getCredentials(name);
String user = credentials.get(USER_PROPERTY_NAME);
String password = credentials.get(PASSWORD_PROPERTY_NAME);
if (user != null) {
connectOptions.setUser(user);
}
if (password != null) {
connectOptions.setPassword(user);
}
}
if (dataSourceReactiveDB2Config.cachePreparedStatements.isPresent()) {
connectOptions.setCachePreparedStatements(dataSourceReactiveDB2Config.cachePreparedStatements.get());
}
return connectOptions;
}

So this issue should stay open, although it actually does not depend on #9480

tsegismont added a commit to tsegismont/quarkus that referenced this issue Jul 9, 2020
@tsegismont
SSL support for reactive DB2 client
f560686 
Resolves quarkusio#10582
@tsegismont tsegismont mentioned this issue Jul 9, 2020
Merged
@gsmet gsmet added this to the 1.6.1.Final milestone Jul 16, 2020
gsmet pushed a commit to gsmet/quarkus that referenced this issue Jul 16, 2020
@tsegismont @gsmet
SSL support for reactive DB2 client
93ad0d4 
Resolves quarkusio#10582
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/persistence OBSOLETE, DO NOT USE kind/enhancement New feature or request
Projects
None yet
Milestone
1.6.1.Final
Development

Successfully merging a pull request may close this issue.

SSL support for reactive DB2 client tsegismont/quarkus
4 participants
@gsmet @tsegismont @aguibert @quarkusbot