You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "David Handermann (Jira)" <ji...@apache.org> on 2021/06/12 19:54:00 UTC

[jira] [Updated] (NIFI-7468) Improve internal handling of SSL channels

     [ https://issues.apache.org/jira/browse/NIFI-7468?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

David Handermann updated NIFI-7468:
-----------------------------------
    Affects Version/s: 1.13.2

> Improve internal handling of SSL channels
> -----------------------------------------
>
>                 Key: NIFI-7468
>                 URL: https://issues.apache.org/jira/browse/NIFI-7468
>             Project: Apache NiFi
>          Issue Type: Bug
>          Components: Core Framework, Extensions
>    Affects Versions: 1.11.4, 1.13.2
>            Reporter: Andy LoPresto
>            Assignee: David Handermann
>            Priority: Major
>              Labels: security, ssl, tcp, tls, tlsv1.3, udp
>          Time Spent: 40m
>  Remaining Estimate: 0h
>
> While refactoring the TLS protocol version issue in NIFI-7407, I discovered that some processors make use of NiFi custom implementations of {{SSLSocketChannel}}, {{SSLCommsSession}}, and {{SSLSocketChannelInputStream}}. These implementations break on TLSv1.3. 
> Further investigation is needed to determine why these custom implementations were provided originally, whether they are still required, and why they do not handle TLSv1.3 successfully. 
> Diagnostic error:
> {code}
> Error reading from channel due to Tag mismatch!: javax.net.ssl.SSLException: Tag mismatch!
> {code}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)