You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nifi.apache.org by "Joseph Witt (JIRA)" <ji...@apache.org> on 2016/02/23 22:17:18 UTC
[jira] [Created] (NIFI-1558) Kafka processor clients write
potentially sensitive info to the logs
Joseph Witt created NIFI-1558:
---------------------------------
Summary: Kafka processor clients write potentially sensitive info to the logs
Key: NIFI-1558
URL: https://issues.apache.org/jira/browse/NIFI-1558
Project: Apache NiFi
Issue Type: Bug
Components: Extensions
Affects Versions: 0.5.0
Reporter: Joseph Witt
Fix For: 0.6.0
I noticed the logs on startup have things like the following. This needs to be suppressed as it is of relatively low value but relatively high risk given that it appears it would write out ssl key passphrases and such.
{quote}
2016-02-23 21:13:56,626 INFO [pool-29-thread-7] o.a.k.clients.producer.ProducerConfig ProducerConfig values:
compression.type = none
metric.reporters = []
metadata.max.age.ms = 300000
metadata.fetch.timeout.ms = 30000
reconnect.backoff.ms = 50
sasl.kerberos.ticket.renew.window.factor = 0.8
bootstrap.servers = [172.31.8.34:9093]
retry.backoff.ms = 100
sasl.kerberos.kinit.cmd = /usr/bin/kinit
buffer.memory = 1048576
timeout.ms = 30000
key.serializer = class org.apache.kafka.common.serialization.ByteArraySerializer
sasl.kerberos.service.name = null
sasl.kerberos.ticket.renew.jitter = 0.05
ssl.keystore.type = JKS
ssl.trustmanager.algorithm = PKIX
block.on.buffer.full = false
ssl.key.password = null
max.block.ms = 60000
sasl.kerberos.min.time.before.relogin = 60000
connections.max.idle.ms = 540000
ssl.truststore.password = null
max.in.flight.requests.per.connection = 5
metrics.num.samples = 2
client.id = NiFi-2243c3f9-bd2b-4bfe-b515-09791ec25c4c
ssl.endpoint.identification.algorithm = null
ssl.protocol = TLS
request.timeout.ms = 30000
ssl.provider = null
ssl.enabled.protocols = [TLSv1.2, TLSv1.1, TLSv1]
acks = 0
batch.size = 200
ssl.keystore.location = null
receive.buffer.bytes = 32768
ssl.cipher.suites = null
ssl.truststore.type = JKS
security.protocol = PLAINTEXT
retries = 0
max.request.size = 1048576
value.serializer = class org.apache.kafka.common.serialization.ByteArraySerializer
ssl.truststore.location = null
ssl.keystore.password = null
ssl.keymanager.algorithm = SunX509
metrics.sample.window.ms = 30000
partitioner.class = class org.apache.kafka.clients.producer.internals.DefaultPartitioner
send.buffer.bytes = 131072
linger.ms = 5000
{quote}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)