You are viewing a plain text version of this content. The canonical link for it is here.

Posted to jira@kafka.apache.org by "Bo Gao (Jira)" <ji...@apache.org> on 2023/06/08 23:45:00 UTC

[jira] [Comment Edited] (KAFKA-15053) Regression for security.protocol validation starting from 3.3.0

    [ https://issues.apache.org/jira/browse/KAFKA-15053?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17730767#comment-17730767 ] 

Bo Gao edited comment on KAFKA-15053 at 6/8/23 11:44 PM:
---------------------------------------------------------

Hi [~ChrisEgerton] , just created a pull request for the fix [https://github.com/apache/kafka/pull/13831|https://github.com/apache/kafka/pull/13831.]

I also have a quick question for the release process: imagine this fix is merged and released, to consume this fix, do I need to upgrade to the latest Kafka version? Or is there a way to include this fix in a minor release? Thanks!


was (Author: JIRAUSER300429):
Hi [~ChrisEgerton] , just created a pull request for the fix [https://github.com/apache/kafka/pull/13831.]

I also have a quick question for the release process: imagine this fix is merged and released, to consume this fix, do I need to upgrade to the latest Kafka version? Or is there a way to include this fix in a minor release? Thanks!

> Regression for security.protocol validation starting from 3.3.0
> ---------------------------------------------------------------
>
>                 Key: KAFKA-15053
>                 URL: https://issues.apache.org/jira/browse/KAFKA-15053
>             Project: Kafka
>          Issue Type: Bug
>          Components: clients
>    Affects Versions: 3.3.0
>            Reporter: Bo Gao
>            Priority: Major
>
> [This|https://issues.apache.org/jira/browse/KAFKA-13793] Jira issue introduced validations on multiple configs. As a consequence, config {{security.protocol}} now only allows upper case values such as PLAINTEXT, SSL, SASL_PLAINTEXT, SASL_SSL. Before this change, lower case values like sasl_ssl, ssl are also supported, there's even a case insensitive logic inside [SecurityProtocol|https://github.com/apache/kafka/blob/146a6976aed0d9f90c70b6f21dca8b887cc34e71/clients/src/main/java/org/apache/kafka/common/security/auth/SecurityProtocol.java#L70-L73] to handle the lower case values.
> I think we should treat this as a regression bug since we don't support lower case values anymore since 3.3.0. For versions later than 3.3.0, we are getting error like this when using lower case value sasl_ssl
> {{Invalid value sasl_ssl for configuration security.protocol: String must be one of: PLAINTEXT, SSL, SASL_PLAINTEXT, SASL_SSL}}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)