You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jira@kafka.apache.org by "Bo Gao (Jira)" <ji...@apache.org> on 2023/06/08 23:45:00 UTC
[jira] [Comment Edited] (KAFKA-15053) Regression for security.protocol validation starting from 3.3.0
[ https://issues.apache.org/jira/browse/KAFKA-15053?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17730767#comment-17730767 ]
Bo Gao edited comment on KAFKA-15053 at 6/8/23 11:44 PM:
---------------------------------------------------------
Hi [~ChrisEgerton] , just created a pull request for the fix [https://github.com/apache/kafka/pull/13831|https://github.com/apache/kafka/pull/13831.]
I also have a quick question for the release process: imagine this fix is merged and released, to consume this fix, do I need to upgrade to the latest Kafka version? Or is there a way to include this fix in a minor release? Thanks!
was (Author: JIRAUSER300429):
Hi [~ChrisEgerton] , just created a pull request for the fix [https://github.com/apache/kafka/pull/13831.]
I also have a quick question for the release process: imagine this fix is merged and released, to consume this fix, do I need to upgrade to the latest Kafka version? Or is there a way to include this fix in a minor release? Thanks!
> Regression for security.protocol validation starting from 3.3.0
> ---------------------------------------------------------------
>
> Key: KAFKA-15053
> URL: https://issues.apache.org/jira/browse/KAFKA-15053
> Project: Kafka
> Issue Type: Bug
> Components: clients
> Affects Versions: 3.3.0
> Reporter: Bo Gao
> Priority: Major
>
> [This|https://issues.apache.org/jira/browse/KAFKA-13793] Jira issue introduced validations on multiple configs. As a consequence, config {{security.protocol}} now only allows upper case values such as PLAINTEXT, SSL, SASL_PLAINTEXT, SASL_SSL. Before this change, lower case values like sasl_ssl, ssl are also supported, there's even a case insensitive logic inside [SecurityProtocol|https://github.com/apache/kafka/blob/146a6976aed0d9f90c70b6f21dca8b887cc34e71/clients/src/main/java/org/apache/kafka/common/security/auth/SecurityProtocol.java#L70-L73] to handle the lower case values.
> I think we should treat this as a regression bug since we don't support lower case values anymore since 3.3.0. For versions later than 3.3.0, we are getting error like this when using lower case value sasl_ssl
> {{Invalid value sasl_ssl for configuration security.protocol: String must be one of: PLAINTEXT, SSL, SASL_PLAINTEXT, SASL_SSL}}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)