From a942d5d3dc2c1616d2c2419bf0443a9da897bc4c Mon Sep 17 00:00:00 2001 From: Tim Claridge Date: Mon, 29 Jun 2026 22:16:57 +1200 Subject: [PATCH] TLS for inter-node peer connections MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit When the cluster's client port is TLS-enabled, peer connections (which connect to that same port) must also speak TLS. PeerManager gains setPeerClientContext/ getPeerClientContext, and PeerNode installs that context on its client before logon. Null (the default) leaves peering plaintext — a no-op, so non-TLS clusters are unchanged. --- .../presents/peer/server/PeerManager.java | 24 +++++++++++++++++++ .../presents/peer/server/PeerNode.java | 3 +++ 2 files changed, 27 insertions(+) diff --git a/core/src/main/java/com/threerings/presents/peer/server/PeerManager.java b/core/src/main/java/com/threerings/presents/peer/server/PeerManager.java index 5b6cc00ec..b8c99b63f 100644 --- a/core/src/main/java/com/threerings/presents/peer/server/PeerManager.java +++ b/core/src/main/java/com/threerings/presents/peer/server/PeerManager.java @@ -1319,6 +1319,27 @@ public abstract class PeerManager return PeerNode.class; } + /** + * Sets the {@link SSLContext} that {@link PeerNode}s use to wrap their connections to other + * nodes in TLS. When the cluster's client port is TLS-enabled, peer connections (which connect + * to that same port) must also speak TLS; this is the client-side (pinned-truststore) context + * the peer node installs on its client before logon. Null (the default) leaves peer connections + * plaintext. Set this before peers are discovered/connected. + */ + public void setPeerClientContext (javax.net.ssl.SSLContext ctx) + { + _peerClientContext = ctx; + } + + /** + * Returns the {@link SSLContext} peer nodes use to wrap connections to other nodes, or null if + * peer connections are plaintext. + */ + public javax.net.ssl.SSLContext getPeerClientContext () + { + return _peerClientContext; + } + /** * Creates credentials that a {@link PeerNode} can use to authenticate with another node. */ @@ -1812,6 +1833,9 @@ public abstract class PeerManager protected String _nodeName; protected String _sharedSecret; protected NodeRecord _self; + + /** TLS context peer nodes use when connecting to other nodes, or null for plaintext peering. */ + protected javax.net.ssl.SSLContext _peerClientContext; protected NodeObject _nodeobj; protected String _nodeNamespace; protected Map _peers = Maps.newHashMap(); diff --git a/core/src/main/java/com/threerings/presents/peer/server/PeerNode.java b/core/src/main/java/com/threerings/presents/peer/server/PeerNode.java index 118574891..d54bd236d 100644 --- a/core/src/main/java/com/threerings/presents/peer/server/PeerNode.java +++ b/core/src/main/java/com/threerings/presents/peer/server/PeerNode.java @@ -140,6 +140,9 @@ public class PeerNode // otherwise configure our client with the right bits and logon _client.setCredentials(_peermgr.createCreds()); + // if the cluster's client port is TLS-enabled, peer connections must speak TLS too; + // null (plaintext peering) is a no-op (see PeerManager.setPeerClientContext) + _client.setSSLContext(_peermgr.getPeerClientContext()); _client.setServer(hostName, new int[] { _record.port }); _client.logon(); _lastConnectStamp = System.currentTimeMillis();