[jira] [Commented] (NIFI-1907) SiteToSiteClient not properly using keystore and truststore properties

Mon, 23 May 2016 07:00:52 -0700 

    [ 
https://issues.apache.org/jira/browse/NIFI-1907?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15296387#comment-15296387
 ] 

ASF GitHub Bot commented on NIFI-1907:
--------------------------------------

Github user joewitt commented on the pull request:

    https://github.com/apache/nifi/pull/457#issuecomment-220988156
  
    @bbende i think the move makes sense to improve the lifecycle of when such 
issues are detected.  However, it does seem like throwing RuntimeExceptions for 
those could be improved.  Could they instead be considered 
IllegalStateExceptions and be a documented part of that interface?  Also for 
the last runtime exception should we include the underlying exception when we 
create a new exception or do we intentionally bury it here?
    
    That said these questions/concerns are not 'because of this change' and i 
do agree the context should be constructed during the building phase of the 
client so I'm a +1 anyway.


> SiteToSiteClient not properly using keystore and truststore properties
> ----------------------------------------------------------------------
>
>                 Key: NIFI-1907
>                 URL: https://issues.apache.org/jira/browse/NIFI-1907
>             Project: Apache NiFi
>          Issue Type: Bug
>    Affects Versions: 0.6.1
>            Reporter: Bryan Bende
>            Assignee: Bryan Bende
>             Fix For: 0.7.0
>
>
> SiteToSiteClient.Builder allows setting an SSLContext or setting all of the 
> individual SSL properties, it then has a method getSSLContext() which says 
> that if the sslContext is null return that, otherwise use the properties to 
> create one:
> https://github.com/apache/nifi/blob/e4b7e47836edf47042973e604005058c28eed23b/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/SiteToSiteClient.java#L575
> The problem is this getSSLContext() is never called. When the builder's 
> build() method is called, it passes the builder to 
> StandardSiteToSiteClientConfig and just assigns all the member variables with 
> direct access:
> https://github.com/apache/nifi/blob/e4b7e47836edf47042973e604005058c28eed23b/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/SiteToSiteClient.java#L722
> Later on in SocketClient it will call SiteToSiteClient.getSSLContext():
> https://github.com/apache/nifi/blob/e4b7e47836edf47042973e604005058c28eed23b/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/socket/SocketClient.java#L52
> This will still be null here if only the SSL properties were initially 
> specified on the builder, and therefore won't end up creating an Https 
> connection and thus failing.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to