From a917d3c5de6f53feacae413e249a9c7ae0575f0e Mon Sep 17 00:00:00 2001
From: Evan Huus
Date: Fri, 10 Oct 2014 09:38:50 -0400
Subject: [PATCH] Add configuration to support broker SSL

Possibly implements #154, if my assumptions about the implementation are correct.
---
 broker.go | 8 +++++++-
 config.go | 12 +++++++++++-
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/broker.go b/broker.go
index 4f4d948fc..42bfbc715 100644
--- a/broker.go
+++ b/broker.go
@@ -1,6 +1,7 @@
 package sarama
 
 import (
+ "crypto/tls"
 "fmt"
 "io"
 "net"
@@ -73,7 +74,12 @@ func (b *Broker) Open(conf *Config) error {
 KeepAlive: conf.Net.KeepAlive,
 }
 
- b.conn, b.connErr = dialer.Dial("tcp", b.addr)
+ if conf.Net.TLS.Enable {
+ b.conn, b.connErr = tls.DialWithDialer(&dialer, "tcp", b.addr, conf.Net.TLS.Config)
+ } else {
+ b.conn, b.connErr = dialer.Dial("tcp", b.addr)
+ }
+
 if b.connErr != nil {
 b.conn = nil
 atomic.StoreInt32(&b.opened, 0)
diff --git a/config.go b/config.go
index 881d630a2..952f2d23c 100644
--- a/config.go
+++ b/config.go
@@ -1,6 +1,9 @@
 package sarama
 
-import "time"
+import (
+ "crypto/tls"
+ "time"
+)
 
 // Config is used to pass multiple configuration options to Sarama's constructors.
 type Config struct {
@@ -16,6 +19,13 @@ type Config struct {
 // KeepAlive specifies the keep-alive period for an active network connection.
 // If zero, keep-alives are disabled. (default is 0: disabled).
 KeepAlive time.Duration
+
+ // NOTE: these config values have no compatibility guarantees; they may change when Kafka releases its
+ // official TLS support in version 0.9.
+ TLS struct {
+ Enable bool // Whether or not to use TLS when connecting to the broker (defaults to false).
+ Config *tls.Config // The TLS configuration to use for secure connections if enabled (defaults to nil).
+ }
 }
 
 // Metadata is the namespace for metadata management properties used by the Client, and shared by the Producer/Consumer.
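Review bot: In the second broker.go hunk, the `else` branch of the new `if conf.Net.TLS.Enable` dials in plaintext with no signal even when the caller has populated `conf.Net.TLS.Config`, so setting only the config yields an unencrypted broker connection. If that combination is never intended, reject it wherever Config is validated, or at least state it above the branch: `// TLS is used only when Net.TLS.Enable is set; a non-nil Net.TLS.Config alone does not enable it.` With an empty `ServerName`, `tls.DialWithDialer` checks the certificate against the host part of `b.addr`, so broker certificates need to carry the names the brokers are dialled by; that is worth a line in the same comment. Open's body starts and ends outside this hunk.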
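Review bot: In the second config.go hunk, the comment on `Config *tls.Config` says it defaults to nil but not what nil means once `Enable` is true, and it gives no warning about weakening verification. I would extend it to something like `// nil uses the crypto/tls defaults: system root CAs, server name taken from the broker address.` and add `// Setting InsecureSkipVerify disables broker authentication; prefer RootCAs for a private CA.` Because the protocol floor left by a zero `MinVersion` depends on the Go release in use, it may also be worth telling callers to set it explicitly. The enclosing `Config` struct, and what appears to be its `Net` block, begin and end outside this hunk.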