in server/src/main/java/org/apache/cassandra/sidecar/server/HttpServerOptionsProvider.java [56:99]
public HttpServerOptions apply(SidecarConfiguration configuration)
{
HttpServerOptions options = new HttpServerOptions().setLogActivity(true);
ServiceConfiguration serviceConf = configuration.serviceConfiguration();
options.setIdleTimeoutUnit(MILLISECONDS)
.setIdleTimeout(serviceConf.requestIdleTimeout().toIntMillis())
.setTcpKeepAlive(serviceConf.tcpKeepAlive())
.setAcceptBacklog(serviceConf.acceptBacklog());
if (SystemUtils.IS_OS_LINUX)
{
options.setTcpFastOpen(true);
options.setTcpCork(true);
}
SslConfiguration ssl = configuration.sslConfiguration();
if (ssl != null && ssl.enabled())
{
options.setClientAuth(ClientAuth.valueOf(ssl.clientAuth()))
.setSsl(true)
// Use LinkedHashSet to preserve input order
.setEnabledSecureTransportProtocols(new LinkedHashSet<>(ssl.secureTransportProtocols()));
for (String cipherSuite : ssl.cipherSuites())
{
options.addEnabledCipherSuite(cipherSuite);
}
if (ssl.preferOpenSSL() && OpenSSLEngineOptions.isAvailable())
{
LOGGER.info("Using OpenSSL for encryption");
options.setSslEngineOptions(new OpenSSLEngineOptions().setSessionCacheEnabled(true));
}
else
{
LOGGER.warn("OpenSSL not enabled, using JDK for TLS");
}
configureSSLOptions(options.getSslOptions(), ssl, 0);
}
options.setTrafficShapingOptions(buildTrafficShapingOptions(serviceConf.trafficShapingConfiguration()));
return options;
}