[jira] [Commented] (NIFI-1907) SiteToSiteClient not properly using keystore and truststore properties

Tue, 24 May 2016 07:01:21 -0700 

    [ 
https://issues.apache.org/jira/browse/NIFI-1907?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15298202#comment-15298202
 ] 

ASF subversion and git services commented on NIFI-1907:
-------------------------------------------------------

Commit 5df67c5dc2be0570eb833a9be5b352a4b2b7246c in nifi's branch 
refs/heads/master from [~bbende]
[ https://git-wip-us.apache.org/repos/asf?p=nifi.git;h=5df67c5 ]

NIFI-1907 Moving lazy init of SSLContext to StandardSiteToSiteClientConfig 
rather than the builder

This closes #457.


> SiteToSiteClient not properly using keystore and truststore properties
> ----------------------------------------------------------------------
>
>                 Key: NIFI-1907
>                 URL: https://issues.apache.org/jira/browse/NIFI-1907
>             Project: Apache NiFi
>          Issue Type: Bug
>    Affects Versions: 0.6.1
>            Reporter: Bryan Bende
>            Assignee: Bryan Bende
>             Fix For: 0.7.0
>
>
> SiteToSiteClient.Builder allows setting an SSLContext or setting all of the 
> individual SSL properties, it then has a method getSSLContext() which says 
> that if the sslContext is null return that, otherwise use the properties to 
> create one:
> https://github.com/apache/nifi/blob/e4b7e47836edf47042973e604005058c28eed23b/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/SiteToSiteClient.java#L575
> The problem is this getSSLContext() is never called. When the builder's 
> build() method is called, it passes the builder to 
> StandardSiteToSiteClientConfig and just assigns all the member variables with 
> direct access:
> https://github.com/apache/nifi/blob/e4b7e47836edf47042973e604005058c28eed23b/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/SiteToSiteClient.java#L722
> Later on in SocketClient it will call SiteToSiteClient.getSSLContext():
> https://github.com/apache/nifi/blob/e4b7e47836edf47042973e604005058c28eed23b/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/socket/SocketClient.java#L52
> This will still be null here if only the SSL properties were initially 
> specified on the builder, and therefore won't end up creating an Https 
> connection and thus failing.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to