4 files changed, 114 insertions, 33 deletions

diff --git a/other/java/client/pom.xml b/other/java/client/pom.xml
index 5882c726d..c37b9aab8 100644
--- a/other/java/client/pom.xml
+++ b/other/java/client/pom.xml
@@ -4,7 +4,7 @@
 
     <groupId>com.github.chrislusf</groupId>
     <artifactId>seaweedfs-client</artifactId>
-    <version>1.1.0</version>
+    <version>1.1.3</version>
 
     <parent>
         <groupId>org.sonatype.oss</groupId>
@@ -13,12 +13,18 @@
     </parent>
 
     <properties>
-        <protobuf.version>3.5.1</protobuf.version>
-        <grpc.version>1.16.1</grpc.version>
-        <guava.version>26.0-jre</guava.version>
+        <protobuf.version>3.9.1</protobuf.version>
+        <!-- follow https://github.com/grpc/grpc-java -->
+        <grpc.version>1.23.0</grpc.version>
+        <guava.version>28.0-jre</guava.version>
     </properties>
 
     <dependencies>
+        <dependency>
+            <groupId>com.moandjiezana.toml</groupId>
+            <artifactId>toml4j</artifactId>
+            <version>0.7.2</version>
+        </dependency>
         <!-- https://mvnrepository.com/artifact/com.google.protobuf/protobuf-java -->
         <dependency>
             <groupId>com.google.protobuf</groupId>
@@ -74,7 +80,7 @@
             <extension>
                 <groupId>kr.motd.maven</groupId>
                 <artifactId>os-maven-plugin</artifactId>
-                <version>1.5.0.Final</version>
+                <version>1.6.2</version>
             </extension>
         </extensions>
         <plugins>
@@ -89,9 +95,9 @@
             <plugin>
                 <groupId>org.xolstice.maven.plugins</groupId>
                 <artifactId>protobuf-maven-plugin</artifactId>
-                <version>0.5.1</version>
+                <version>0.6.1</version>
                 <configuration>
-                    <protocArtifact>com.google.protobuf:protoc:${protobuf.version}-1:exe:${os.detected.classifier}</protocArtifact>
+                    <protocArtifact>com.google.protobuf:protoc:${protobuf.version}:exe:${os.detected.classifier}</protocArtifact>
                     <pluginId>grpc-java</pluginId>
                     <pluginArtifact>io.grpc:protoc-gen-grpc-java:${grpc.version}:exe:${os.detected.classifier}</pluginArtifact>
                 </configuration>
diff --git a/other/java/client/src/main/java/seaweedfs/client/FilerGrpcClient.java b/other/java/client/src/main/java/seaweedfs/client/FilerGrpcClient.java
index c28c1dcf2..3626c76de 100644
--- a/other/java/client/src/main/java/seaweedfs/client/FilerGrpcClient.java
+++ b/other/java/client/src/main/java/seaweedfs/client/FilerGrpcClient.java
@@ -2,39 +2,46 @@ package seaweedfs.client;
 
 import io.grpc.ManagedChannel;
 import io.grpc.ManagedChannelBuilder;
-import io.grpc.netty.shaded.io.grpc.netty.GrpcSslContexts;
 import io.grpc.netty.shaded.io.grpc.netty.NegotiationType;
 import io.grpc.netty.shaded.io.grpc.netty.NettyChannelBuilder;
 import io.grpc.netty.shaded.io.netty.handler.ssl.SslContext;
-import io.grpc.netty.shaded.io.netty.handler.ssl.SslContextBuilder;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import javax.net.ssl.SSLException;
-import java.io.File;
 import java.util.concurrent.TimeUnit;
-import java.util.logging.Logger;
 
 public class FilerGrpcClient {
 
-    private static final Logger logger = Logger.getLogger(FilerGrpcClient.class.getName());
+    private static final Logger logger = LoggerFactory.getLogger(FilerGrpcClient.class);
 
     private final ManagedChannel channel;
     private final SeaweedFilerGrpc.SeaweedFilerBlockingStub blockingStub;
     private final SeaweedFilerGrpc.SeaweedFilerStub asyncStub;
     private final SeaweedFilerGrpc.SeaweedFilerFutureStub futureStub;
 
+    static SslContext sslContext;
+
+    static {
+        try {
+            sslContext = FilerSslContext.loadSslContext();
+        } catch (SSLException e) {
+            logger.warn("failed to load ssl context", e);
+        }
+    }
 
     public FilerGrpcClient(String host, int grpcPort) {
-        this(ManagedChannelBuilder.forAddress(host, grpcPort).usePlaintext());
+        this(host, grpcPort, sslContext);
     }
 
-    public FilerGrpcClient(String host, int grpcPort,
-                           String caFilePath,
-                           String clientCertFilePath,
-                           String clientPrivateKeyFilePath) throws SSLException {
+    public FilerGrpcClient(String host, int grpcPort, SslContext sslContext) {
+
+        this(sslContext == null ?
+                ManagedChannelBuilder.forAddress(host, grpcPort).usePlaintext() :
+                NettyChannelBuilder.forAddress(host, grpcPort)
+                        .negotiationType(NegotiationType.TLS)
+                        .sslContext(sslContext));
 
-        this(NettyChannelBuilder.forAddress(host, grpcPort)
-                .negotiationType(NegotiationType.TLS)
-                .sslContext(buildSslContext(caFilePath,clientCertFilePath,clientPrivateKeyFilePath)));
     }
 
     public FilerGrpcClient(ManagedChannelBuilder<?> channelBuilder) {
@@ -60,17 +67,4 @@ public class FilerGrpcClient {
         return futureStub;
     }
 
-    private static SslContext buildSslContext(String trustCertCollectionFilePath,
-                                              String clientCertChainFilePath,
-                                              String clientPrivateKeyFilePath) throws SSLException {
-        SslContextBuilder builder = GrpcSslContexts.forClient();
-        if (trustCertCollectionFilePath != null) {
-            builder.trustManager(new File(trustCertCollectionFilePath));
-        }
-        if (clientCertChainFilePath != null && clientPrivateKeyFilePath != null) {
-            builder.keyManager(new File(clientCertChainFilePath), new File(clientPrivateKeyFilePath));
-        }
-        return builder.build();
-    }
-
 }
diff --git a/other/java/client/src/main/java/seaweedfs/client/FilerSslContext.java b/other/java/client/src/main/java/seaweedfs/client/FilerSslContext.java
new file mode 100644
index 000000000..5a88c1da3
--- /dev/null
+++ b/other/java/client/src/main/java/seaweedfs/client/FilerSslContext.java
@@ -0,0 +1,64 @@
+package seaweedfs.client;
+
+import com.google.common.base.Strings;
+import com.moandjiezana.toml.Toml;
+import io.grpc.netty.shaded.io.grpc.netty.GrpcSslContexts;
+import io.grpc.netty.shaded.io.netty.handler.ssl.SslContext;
+import io.grpc.netty.shaded.io.netty.handler.ssl.SslContextBuilder;
+import io.grpc.netty.shaded.io.netty.handler.ssl.util.InsecureTrustManagerFactory;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.net.ssl.SSLException;
+import java.io.File;
+
+public class FilerSslContext {
+
+    private static final Logger logger = LoggerFactory.getLogger(FilerSslContext.class);
+
+    public static SslContext loadSslContext() throws SSLException {
+        String securityFileName = "security.toml";
+        String home = System.getProperty("user.home");
+        File f1 = new File("./"+securityFileName);
+        File f2 = new File(home + "/.seaweedfs/"+securityFileName);
+        File f3 = new File(home + "/etc/seaweedfs/"+securityFileName);
+
+        File securityFile = f1.exists()? f1 : f2.exists() ? f2 : f3.exists()? f3 : null;
+
+        if (securityFile==null){
+            return null;
+        }
+
+        Toml toml = new Toml().read(securityFile);
+        logger.debug("reading ssl setup from {}", securityFile);
+
+        String trustCertCollectionFilePath = toml.getString("grpc.ca");
+        logger.debug("loading ca from {}", trustCertCollectionFilePath);
+        String clientCertChainFilePath = toml.getString("grpc.client.cert");
+        logger.debug("loading client ca from {}", clientCertChainFilePath);
+        String clientPrivateKeyFilePath = toml.getString("grpc.client.key");
+        logger.debug("loading client key from {}", clientPrivateKeyFilePath);
+
+        if (Strings.isNullOrEmpty(clientPrivateKeyFilePath) && Strings.isNullOrEmpty(clientPrivateKeyFilePath)){
+            return null;
+        }
+
+        // possibly fix the format https://netty.io/wiki/sslcontextbuilder-and-private-key.html
+
+        return buildSslContext(trustCertCollectionFilePath, clientCertChainFilePath, clientPrivateKeyFilePath);
+    }
+
+
+    private static SslContext buildSslContext(String trustCertCollectionFilePath,
+                                             String clientCertChainFilePath,
+                                             String clientPrivateKeyFilePath) throws SSLException {
+        SslContextBuilder builder = GrpcSslContexts.forClient();
+        if (trustCertCollectionFilePath != null) {
+            builder.trustManager(new File(trustCertCollectionFilePath));
+        }
+        if (clientCertChainFilePath != null && clientPrivateKeyFilePath != null) {
+            builder.keyManager(new File(clientCertChainFilePath), new File(clientPrivateKeyFilePath));
+        }
+        return builder.trustManager(InsecureTrustManagerFactory.INSTANCE).build();
+    }
+}
diff --git a/other/java/client/src/test/java/seaweedfs/client/SeaweedFilerTest.java b/other/java/client/src/test/java/seaweedfs/client/SeaweedFilerTest.java
new file mode 100644
index 000000000..dde23ee87
--- /dev/null
+++ b/other/java/client/src/test/java/seaweedfs/client/SeaweedFilerTest.java
@@ -0,0 +1,17 @@
+package seaweedfs.client;
+
+import java.util.List;
+
+public class SeaweedFilerTest {
+    public static void main(String[] args){
+
+        FilerClient filerClient = new FilerClient("localhost", 18888);
+
+        List<FilerProto.Entry> entries = filerClient.listEntries("/");
+
+        for (FilerProto.Entry entry : entries) {
+            System.out.println(entry.toString());
+        }
+
+    }
+}