[jira] [Commented] (NIFI-1907) SiteToSiteClient not properly using keystore and truststore properties

Tue, 24 May 2016 06:29:50 -0700 

    [ 
https://issues.apache.org/jira/browse/NIFI-1907?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15298169#comment-15298169
 ] 

ASF GitHub Bot commented on NIFI-1907:
--------------------------------------

Github user bbende commented on the pull request:

    https://github.com/apache/nifi/pull/457#issuecomment-221268368
  
    Going to merge this in since Joe was a +1...


> SiteToSiteClient not properly using keystore and truststore properties
> ----------------------------------------------------------------------
>
>                 Key: NIFI-1907
>                 URL: https://issues.apache.org/jira/browse/NIFI-1907
>             Project: Apache NiFi
>          Issue Type: Bug
>    Affects Versions: 0.6.1
>            Reporter: Bryan Bende
>            Assignee: Bryan Bende
>             Fix For: 0.7.0
>
>
> SiteToSiteClient.Builder allows setting an SSLContext or setting all of the 
> individual SSL properties, it then has a method getSSLContext() which says 
> that if the sslContext is null return that, otherwise use the properties to 
> create one:
> https://github.com/apache/nifi/blob/e4b7e47836edf47042973e604005058c28eed23b/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/SiteToSiteClient.java#L575
> The problem is this getSSLContext() is never called. When the builder's 
> build() method is called, it passes the builder to 
> StandardSiteToSiteClientConfig and just assigns all the member variables with 
> direct access:
> https://github.com/apache/nifi/blob/e4b7e47836edf47042973e604005058c28eed23b/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/SiteToSiteClient.java#L722
> Later on in SocketClient it will call SiteToSiteClient.getSSLContext():
> https://github.com/apache/nifi/blob/e4b7e47836edf47042973e604005058c28eed23b/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/socket/SocketClient.java#L52
> This will still be null here if only the SSL properties were initially 
> specified on the builder, and therefore won't end up creating an Https 
> connection and thus failing.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to