WIP: add SSL config and starting up client with SSL mode if available

README.md

@@ -22,7 +22,7 @@ And you're done!
 #### News
 :rocket: __New since version 5.4.0__ It is possible to start the zookeeper client in a Node.js Worker thread.
 
-:rocket: __New since version 5.1.0__ Support for `SSL`, that was introduced in Apache ZooKeeper C Client v3.6.0.
+:rocket: __New since version 5.1.0__ Support for `SSL` (Linux only), that was introduced in Apache ZooKeeper C Client v3.6.0.
 
 :rocket: __New since version 4.9.0__ Support for `Dynamic Reconfiguration`, introduced in Apache ZooKeeper server v3.5.5.
 
@@ -185,7 +185,18 @@ Have a look at the code in the [examples](./examples) folder: with __master__, _
 
 ### Input Parameters
 
-* options : object. valid keys: { connect, timeout, debug_level, host_order_deterministic, data_as_buffer, response_counter_limit }
+* options : object
+  - connect: string
+  - timeout: number
+  - debug_level: number
+  - host_order_deterministic: boolean
+  - data_as_buffer: boolean
+  - response_counter_limit: number
+  - ssl: string
+
+NOTE: the options `ssl` value is a string containing comma separated parameters to initiate SSL connection.
+e.g.: server_cert.crt,client_cert.crt,client_priv_key.pem,passwd
+
 * path : string
 * data : string or Buffer
 * flags : int32. Supported:

binding.gyp

@@ -36,6 +36,8 @@
         [
           "OS==\"linux\"",
           {
+            "variables": {"with_ssl": "<!(if [[ $(openssl version -v | tr '[:upper:]' '[:lower:]') = openssl* ]]; then echo 'WITH_SSL'; else echo 'WITHOUT_SSL'; fi)"},
+            "defines": ["<(with_ssl)"],
             "include_dirs": [
               "<(module_root_dir)/deps/zookeeper-client-c/include",
               "<(module_root_dir)/deps/zookeeper-client-c/generated",

lib/zookeeper.js

@@ -126,6 +126,10 @@ class ZooKeeper extends EventEmitter {
             this.data_as_buffer = config.data_as_buffer;
             this.log('Encoding for data output: %s', this.encoding);
         }
+
+        // eslint-disable-next-line no-param-reassign
+        config.ssl = config.ssl || '';
+
         this.native.init(config);
 
         return this;

src/node-zk.cpp

@@ -406,15 +406,27 @@ class ZooKeeper: public Nan::ObjectWrap {
         }
     }
 
-    inline bool realInit (const char* hostPort, int session_timeout, clientid_t *client_id) {
+    inline bool realInit (const char* hostPort, const char* cert, int session_timeout, clientid_t *client_id) {
         if (zhandle) {
             // In case this is not the first call to realInit,
             // stop the current timer and skip re-initializing the timer
             uv_timer_stop(&zk_timer);
         }
 
         myid = *client_id;
+
+#ifdef WITH_SSL
+        if (!*cert) {
+            LOG_INFO("Initializing with SSL");
+            zhandle = zookeeper_init(hostPort, main_watcher, session_timeout, &myid, this, 0);
+        } else {
+            LOG_INFO("Initializing without SSL");
+            zhandle = zookeeper_init_ssl(hostPort, cert, main_watcher, session_timeout, &myid, this, 0);
+        }
+#else
+        LOG_INFO("Initializing");
         zhandle = zookeeper_init(hostPort, main_watcher, session_timeout, &myid, this, 0);
+#endif
         if (!zhandle) {
             LOG_ERROR("zookeeper_init returned 0!");
             return false;
@@ -442,6 +454,7 @@ class ZooKeeper: public Nan::ObjectWrap {
         zoo_deterministic_conn_order(order); // enable deterministic order
 
         Nan::Utf8String _hostPort (toString(toLocalVal(arg, LOCAL_STRING("connect"))));
+        Nan::Utf8String _cert (toString(toLocalVal(arg, LOCAL_STRING("ssl"))));
         int32_t session_timeout = toInt(arg, LOCAL_STRING("timeout"));
         if (session_timeout == 0) {
             session_timeout = 20000;
@@ -471,7 +484,7 @@ class ZooKeeper: public Nan::ObjectWrap {
             zk->responseCounterLimit = response_counter_limit;
         }
 
-        if (!zk->realInit(*_hostPort, session_timeout, &local_client)) {
+        if (!zk->realInit(*_hostPort, *_cert, session_timeout, &local_client)) {
             RETURN_VALUE(info, Nan::ErrnoException(errno, "zookeeper_init", "failed to init", __FILE__));
         } else {
             RETURN_THIS(info);