You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@kafka.apache.org by "Chia-Ping Tsai (Jira)" <ji...@apache.org> on 2020/03/12 14:16:00 UTC

[jira] [Created] (KAFKA-9711) The authentication failure caused by SSLEngine#beginHandshake is not properly caught and handled

Chia-Ping Tsai created KAFKA-9711:
-------------------------------------

             Summary: The authentication failure caused by SSLEngine#beginHandshake is not properly caught and handled
                 Key: KAFKA-9711
                 URL: https://issues.apache.org/jira/browse/KAFKA-9711
             Project: Kafka
          Issue Type: Bug
            Reporter: Chia-Ping Tsai
            Assignee: Chia-Ping Tsai


{code:java}
    @Override
    public void handshake() throws IOException {
        if (state == State.NOT_INITALIZED)
            startHandshake(); // this line
        if (ready())
            throw renegotiationException();
        if (state == State.CLOSING)
            throw closingException();

{code}

SSLEngine#beginHandshake is possible to throw authentication failures (for example, no suitable cipher suites) so we ought to catch SSLException and then convert it to SslAuthenticationException so as to process authentication failures correctly.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)