You are viewing a plain text version of this content. The canonical link for it is here.

Posted to jira@kafka.apache.org by "Jun Rao (Jira)" <ji...@apache.org> on 2020/03/25 01:51:00 UTC

[jira] [Resolved] (KAFKA-9711) The authentication failure caused by SSLEngine#beginHandshake is not properly caught and handled

     [ https://issues.apache.org/jira/browse/KAFKA-9711?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jun Rao resolved KAFKA-9711.
----------------------------
    Fix Version/s: 2.6.0
       Resolution: Fixed

Merged the PR to trunk.

> The authentication failure caused by SSLEngine#beginHandshake is not properly caught and handled
> ------------------------------------------------------------------------------------------------
>
>                 Key: KAFKA-9711
>                 URL: https://issues.apache.org/jira/browse/KAFKA-9711
>             Project: Kafka
>          Issue Type: Bug
>            Reporter: Chia-Ping Tsai
>            Assignee: Chia-Ping Tsai
>            Priority: Major
>             Fix For: 2.6.0
>
>
> {code:java}
>     @Override
>     public void handshake() throws IOException {
>         if (state == State.NOT_INITALIZED)
>             startHandshake(); // this line
>         if (ready())
>             throw renegotiationException();
>         if (state == State.CLOSING)
>             throw closingException();
> {code}
> SSLEngine#beginHandshake is possible to throw authentication failures (for example, no suitable cipher suites) so we ought to catch SSLException and then convert it to SslAuthenticationException so as to process authentication failures correctly.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)