Skip to content

Add generic SSL/TLS configuration support#17854

Draft
HTHou wants to merge 1 commit into
masterfrom
codex/generic-ssl-config
Draft

Add generic SSL/TLS configuration support#17854
HTHou wants to merge 1 commit into
masterfrom
codex/generic-ssl-config

Conversation

@HTHou
Copy link
Copy Markdown
Contributor

@HTHou HTHou commented Jun 5, 2026

Description

This PR adds generic SSL/TLS configuration support across IoTDB client and service paths without introducing provider-specific behavior.

Changes include:

  • Add a shared RpcSslUtils helper for SSL context setup, optional JSSE provider registration, cipher suite parsing, and keystore/truststore type detection.
  • Wire generic SSL/TLS protocol and provider options through Session, JDBC, CLI import/export tools, Thrift transport creation, REST HTTPS, and Ratis certificate loading.
  • Add generic ssl_protocol, ssl_provider_class, and ssl_cipher_suites configuration entries.
  • Add JDBC URL parsing coverage for the new SSL/TLS parameters.

Validation

  • ./mvnw spotless:apply -pl iotdb-core/node-commons
  • ./mvnw -pl iotdb-client/service-rpc,iotdb-core/node-commons -DskipTests compile
  • ./mvnw -pl iotdb-client/service-rpc,iotdb-client/isession,iotdb-client/session,iotdb-client/jdbc,iotdb-client/cli -DskipTests compile
  • ./mvnw -pl iotdb-client/jdbc -Dtest=UtilsTest#testParseSslConfig test
  • git diff --check

@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Jun 5, 2026

Quality Gate Failed Quality Gate failed

Failed conditions
6.7% Duplication on New Code (required ≤ 5%)
B Reliability Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

@codecov
Copy link
Copy Markdown

codecov Bot commented Jun 5, 2026

Codecov Report

❌ Patch coverage is 23.84824% with 281 lines in your changes missing coverage. Please review.
✅ Project coverage is 40.81%. Comparing base (d563cd0) to head (e335983).

Files with missing lines Patch % Lines
...rc/main/java/org/apache/iotdb/rpc/RpcSslUtils.java 11.87% 141 Missing ⚠️
...a/org/apache/iotdb/tool/data/AbstractDataTool.java 0.00% 26 Missing ⚠️
...g/apache/iotdb/tool/schema/AbstractSchemaTool.java 0.00% 20 Missing ⚠️
...java/org/apache/iotdb/tool/common/OptionsUtil.java 0.00% 18 Missing ⚠️
.../org/apache/iotdb/rpc/BaseRpcTransportFactory.java 0.00% 18 Missing ⚠️
...ava/org/apache/iotdb/session/pool/SessionPool.java 42.85% 8 Missing ⚠️
...che/iotdb/db/conf/rest/IoTDBRestServiceConfig.java 0.00% 8 Missing ⚠️
...nt/cli/src/main/java/org/apache/iotdb/cli/Cli.java 0.00% 6 Missing ⚠️
...b/commons/service/AbstractThriftServiceThread.java 0.00% 5 Missing ⚠️
...in/java/org/apache/iotdb/jdbc/IoTDBConnection.java 0.00% 4 Missing ⚠️
... and 14 more
Additional details and impacted files 
@@             Coverage Diff              @@
##             master   #17854      +/-   ##
============================================
- Coverage     40.83%   40.81%   -0.02%     
+ Complexity     2613     2611       -2     
============================================
  Files          5201     5202       +1     
  Lines        353904   354205     +301     
  Branches      45284    45313      +29     
============================================
+ Hits         144505   144573      +68     
- Misses       209399   209632     +233

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@HTHou