GitHub user jskora opened a pull request:
https://github.com/apache/nifi/pull/811
NIFI-2503 Backport PostHTTP SSL Protocol fix to 0.x branch
Merge changes from
[NIFI-1688](https://issues.apache.org/jira/browse/NIFI-1688) /
[PR-624](https://github.com/apache/nifi/pull/624/files) into 0.x branch.
Changes apply cleanly and test without problem.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/jskora/nifi NIFI-2503
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/nifi/pull/811.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #811
----
commit b3cb5d7ead12f8fc970a1c44dd54cb2176c08683
Author: Andy LoPresto <[email protected]>
Date: 2016-06-21T22:31:56Z
NIFI-1688 Added test skeleton.
commit a20c4c46696eac123f09bfdf3a5053b7bbc9e0ce
Author: Andy LoPresto <[email protected]>
Date: 2016-06-21T22:32:54Z
NIFI-1688 Cleaned up unnecessary imports.
commit 0ac084142ca7946d8a7bc1d91b1820a4ad4e2789
Author: Andy LoPresto <[email protected]>
Date: 2016-06-23T03:52:37Z
NIFI-1688 Implemented integration test that generates key pair, inserts
into and persists keystore, starts embedded HTTPS Jetty server, connects, and
verifies response.
Currently only TLSv1.2 connections are successful because of the overlap of
cipher suites.
Will manually insert cipher suites into server for TLSv1 and TLSv1.1
support.
commit 60a06e40fa1d423d628eb77922294e676fd6e1fc
Author: Andy LoPresto <[email protected]>
Date: 2016-06-23T15:13:08Z
NIFI-1688 Added debug information for supported cipher suites.
commit 90fdce25579256223cfeda8cb13ff786d20e1714
Author: Andy LoPresto <[email protected]>
Date: 2016-06-24T01:01:28Z
NIFI-1688 Added test Groovlet for handling POST requests. Modified
construction of SSLSocketFactory to avoid hardcoding supported protocol. Added
integration tests (2 of 4 pass -- TLSv1.2 is supported on my machine but TLSv1
and TLSv1.1 are not).
commit fc864b2459e89406c66df20ad0edce18ce161296
Author: Andy LoPresto <[email protected]>
Date: 2016-06-24T03:43:04Z
NIFI-1688 Resolved issue in PostHTTP -- now uses SSLContextService's
protocol setting. Tests pass (require cleanup). Previously,
dynamically-generated keystores with only RSA certificates were not acceptable
for TLSv1 or TLSv1.1 connections which required DSA/DSS cipher suites for some
reason.
commit 26df6c8d9bf683a4b55665cdbcf6d4d196ed032d
Author: Andy LoPresto <[email protected]>
Date: 2016-06-24T03:48:16Z
NIFI-1688 Tests pass (cleanup still required).
commit 075a2731881ea1ddd8458b41b89ed427f224c194
Author: Andy LoPresto <[email protected]>
Date: 2016-06-29T22:41:32Z
NIFI-1688 Tests pass (cleanup still required).
commit 68e6e13b61d09266bdbf9d15a174c5b266e794e1
Author: Andy LoPresto <[email protected]>
Date: 2016-07-09T06:13:35Z
NIFI-1688 Finished integration tests for PostHTTP processor.
commit 8aef8f2313102a490f8707d70a6529e681bacad1
Author: Andy LoPresto <[email protected]>
Date: 2016-07-09T06:29:32Z
NIFI-1688 Removed legacy comments. Added ASF license to Groovlet handlers
for test.
----
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
