You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by GitBox <gi...@apache.org> on 2020/12/18 08:25:26 UTC
[GitHub] [pulsar] sijie opened a new pull request #8998: Improve error handling when broker doesn't trust client certificates
sijie opened a new pull request #8998:
URL: https://github.com/apache/pulsar/pull/8998
*Motivation*
When TLS throws `SSLPeerUnverifiedException`, broker doesn't log any information and just returns `null`.
It makes users very hard to debug problem.
*Changes*
Improve the error handling when broker doesn't trust client certificates.
See more details at https://github.com/apache/pulsar/issues/8963
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [pulsar] eolivelli commented on a change in pull request #8998: Improve error handling when broker doesn't trust client certificates
Posted by GitBox <gi...@apache.org>.
eolivelli commented on a change in pull request #8998:
URL: https://github.com/apache/pulsar/pull/8998#discussion_r546073190
##########
File path: pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationDataCommand.java
##########
@@ -94,6 +96,7 @@ public boolean hasDataFromTls() {
try {
return sslSession.getPeerCertificates();
} catch (SSLPeerUnverifiedException e) {
+ log.error("Failed to verify the peer's identity", e);
Review comment:
Is there a way to log the remote address?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [pulsar] jiazhai merged pull request #8998: Improve error handling when broker doesn't trust client certificates
Posted by GitBox <gi...@apache.org>.
jiazhai merged pull request #8998:
URL: https://github.com/apache/pulsar/pull/8998
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [pulsar] codelipenghui commented on pull request #8998: Improve error handling when broker doesn't trust client certificates
Posted by GitBox <gi...@apache.org>.
codelipenghui commented on pull request #8998:
URL: https://github.com/apache/pulsar/pull/8998#issuecomment-748057143
/pulsarbot run-failure-checks
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [pulsar] sijie commented on pull request #8998: Improve error handling when broker doesn't trust client certificates
Posted by GitBox <gi...@apache.org>.
sijie commented on pull request #8998:
URL: https://github.com/apache/pulsar/pull/8998#issuecomment-748230980
/pulsarbot run-failure-checks
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org