Github user yanghua commented on a diff in the pull request:
https://github.com/apache/flink/pull/6328#discussion_r202506820
--- Diff:
flink-runtime/src/main/java/org/apache/flink/runtime/net/SSLUtils.java ---
@@ -163,80 +163,157 @@ public static void
setSSLVerifyHostname(Configuration sslConfig, SSLParameters s
}
/**
- * Creates the SSL Context for the client if SSL is configured.
+ * SSL engine provider.
+ */
+ public enum SSLProvider {
+ JDK,
+ /**
+ * OpenSSL with fallback to JDK if not available.
+ */
+ OPENSSL;
+
+ public static SSLProvider fromString(String value) {
+ Preconditions.checkNotNull(value);
+ if (value.equalsIgnoreCase("OPENSSL")) {
+ return OPENSSL;
+ } else if (value.equalsIgnoreCase("JDK")) {
+ return JDK;
+ } else {
+ throw new IllegalArgumentException("Unknown SSL
provider: " + value);
+ }
+ }
+ }
+
+ /**
+ * Instances needed to set up an SSL client connection.
+ */
+ public static class SSLClientTools {
+ public final SSLProvider preferredSslProvider;
+ public final String sslProtocolVersion;
+ public final TrustManagerFactory trustManagerFactory;
--- End diff --
mark these fields as `private` as provide `getter/setter` looks better to me
---
