Add isDualModeEnabled to SecureTransportSettingsProvider interface

Signed-off-by: Craig Perkins <[email protected]>
cwperks · Oct 18, 2024 · aa48614 · aa48614
1 parent 9096aee
commit aa48614
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 2 deletions.
diff --git a/...sport-netty4/src/main/java/org/opensearch/transport/netty4/ssl/SecureNetty4Transport.java b/...sport-netty4/src/main/java/org/opensearch/transport/netty4/ssl/SecureNetty4Transport.java
@@ -142,7 +142,7 @@ public SSLServerChannelInitializer(String name) {
         protected void initChannel(Channel ch) throws Exception {
             super.initChannel(ch);
 
-            final boolean dualModeEnabled = NetworkModule.TRANSPORT_SSL_DUAL_MODE_ENABLED.get(settings);
+            final boolean dualModeEnabled = secureTransportSettingsProvider.isDualModeEnabled(settings);
             if (dualModeEnabled) {
                 logger.info("SSL Dual mode enabled, using port unification handler");
                 final ChannelHandler portUnificationHandler = new DualModeSslHandler(
@@ -258,7 +258,7 @@ protected class SSLClientChannelInitializer extends Netty4Transport.ClientChanne
         public SSLClientChannelInitializer(DiscoveryNode node) {
             this.node = node;
 
-            final boolean dualModeEnabled = NetworkModule.TRANSPORT_SSL_DUAL_MODE_ENABLED.get(settings);
+            final boolean dualModeEnabled = secureTransportSettingsProvider.isDualModeEnabled(settings);
             hostnameVerificationEnabled = NetworkModule.TRANSPORT_SSL_ENFORCE_HOSTNAME_VERIFICATION.get(settings);
             hostnameVerificationResolveHostName = NetworkModule.TRANSPORT_SSL_ENFORCE_HOSTNAME_VERIFICATION_RESOLVE_HOST_NAME.get(settings);
 

diff --git a/server/src/main/java/org/opensearch/plugins/SecureTransportSettingsProvider.java b/server/src/main/java/org/opensearch/plugins/SecureTransportSettingsProvider.java
@@ -9,6 +9,7 @@
 package org.opensearch.plugins;
 
 import org.opensearch.common.annotation.ExperimentalApi;
+import org.opensearch.common.network.NetworkModule;
 import org.opensearch.common.settings.Settings;
 import org.opensearch.transport.Transport;
 import org.opensearch.transport.TransportAdapterProvider;
@@ -36,6 +37,15 @@ default Collection<TransportAdapterProvider<Transport>> getTransportAdapterProvi
         return Collections.emptyList();
     }
 
+    /**
+     * Returns true if dual mode is enabled. Dual mode domains support both encrypted and non-encrypted traffic
+     * @param settings settings
+     * @return a boolean indicating if dual mode is enabled
+     */
+    default boolean isDualModeEnabled(Settings settings) {
+
+    }
+
     /**
      * If supported, builds the {@link TransportExceptionHandler} instance for {@link Transport} instance
      * @param settings settings