You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nifi.apache.org by sz...@apache.org on 2022/05/13 14:37:20 UTC
[nifi-minifi-cpp] 03/03: MINIFICPP-1827 - Verify SSL connection
This is an automated email from the ASF dual-hosted git repository.
szaszm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/nifi-minifi-cpp.git
commit 0b9c6bea098c1e602e5efe6b292d99c5cfc2ac9e
Author: Adam Debreceni <ad...@apache.org>
AuthorDate: Fri May 13 16:33:26 2022 +0200
MINIFICPP-1827 - Verify SSL connection
Closes #1329
Signed-off-by: Marton Szasz <sz...@apache.org>
---
extensions/http-curl/processors/InvokeHTTP.cpp | 9 +++++++--
extensions/http-curl/tests/TestServer.h | 6 +++---
libminifi/test/resources/TestInvokeHTTPPostSecure.yml | 1 -
3 files changed, 10 insertions(+), 6 deletions(-)
diff --git a/extensions/http-curl/processors/InvokeHTTP.cpp b/extensions/http-curl/processors/InvokeHTTP.cpp
index aea10f730..a0a7f9048 100644
--- a/extensions/http-curl/processors/InvokeHTTP.cpp
+++ b/extensions/http-curl/processors/InvokeHTTP.cpp
@@ -231,8 +231,13 @@ void InvokeHTTP::onSchedule(const std::shared_ptr<core::ProcessContext> &context
std::string context_name;
if (context->getProperty(SSLContext.getName(), context_name) && !IsNullOrEmpty(context_name)) {
std::shared_ptr<core::controller::ControllerService> service = context->getControllerService(context_name);
- if (nullptr != service) {
- ssl_context_service_ = std::static_pointer_cast<minifi::controllers::SSLContextService>(service);
+ if (!service) {
+ logger_->log_error("Couldn't find controller service with name '%s'", context_name);
+ } else {
+ ssl_context_service_ = std::dynamic_pointer_cast<minifi::controllers::SSLContextService>(service);
+ if (!ssl_context_service_) {
+ logger_->log_error("Controller service '%s' is not an SSLContextService", context_name);
+ }
}
}
diff --git a/extensions/http-curl/tests/TestServer.h b/extensions/http-curl/tests/TestServer.h
index 3ee3c977c..12f959129 100644
--- a/extensions/http-curl/tests/TestServer.h
+++ b/extensions/http-curl/tests/TestServer.h
@@ -50,7 +50,7 @@ class TestServer{
};
public:
- TestServer(std::string &port, std::string &rooturi, CivetHandler *handler, CivetCallbacks *callbacks, std::string& /*cert*/, std::string &ca_cert) {
+ TestServer(std::string &port, std::string &rooturi, CivetHandler *handler, CivetCallbacks *callbacks, std::string& cert, std::string &ca_cert) {
if (!mg_check_feature(2)) {
throw std::runtime_error("Error: Embedded example built with SSL support, "
"but civetweb library build without.\n");
@@ -59,8 +59,8 @@ class TestServer{
// ECDH+AESGCM+AES256:!aNULL:!MD5:!DSS
const std::vector<std::string> cpp_options{ "document_root", ".", "listening_ports", port, "error_log_file",
- "error.log", "ssl_certificate", ca_cert, "ssl_protocol_version", "4", "ssl_cipher_list",
- "ALL", "request_timeout_ms", "10000", "enable_auth_domain_check", "no", "ssl_verify_peer", "no"};
+ "error.log", "ssl_certificate", cert, "ssl_ca_file", ca_cert, "ssl_protocol_version", "4", "ssl_cipher_list",
+ "ALL", "request_timeout_ms", "10000", "enable_auth_domain_check", "no", "ssl_verify_peer", "yes"};
server_ = std::make_unique<CivetServer>(cpp_options, callbacks);
addHandler(rooturi, handler);
}
diff --git a/libminifi/test/resources/TestInvokeHTTPPostSecure.yml b/libminifi/test/resources/TestInvokeHTTPPostSecure.yml
index 5f9237207..45718396a 100644
--- a/libminifi/test/resources/TestInvokeHTTPPostSecure.yml
+++ b/libminifi/test/resources/TestInvokeHTTPPostSecure.yml
@@ -108,7 +108,6 @@ Processors:
- failure
Properties:
invoke_http: failure
-Controller Services: []
Process Groups: []
Input Ports: []
Output Ports: []