mumrah commented on a change in pull request #10199:
URL: https://github.com/apache/kafka/pull/10199#discussion_r582017351
##########
File path: tests/kafkatest/tests/core/security_test.py
##########
@@ -82,7 +82,19 @@ def test_client_ssl_endpoint_validation_failure(self,
security_protocol, interbr
# now set the certs to have invalid hostnames so we can run the actual
test
SecurityConfig.ssl_stores.valid_hostname = False
- self.kafka.restart_cluster()
+ if quorum.for_test(self.test_context) == quorum.zk or
interbroker_security_protocol != 'SSL':
+ self.kafka.restart_cluster()
+ else:
+ # Raft-based metadata quorum with SSL communication between quorum
and broker
+ # will simply fail to work due to TLS hostname mismatch
+ self.kafka.remote_controller_quorum.restart_cluster()
+ try:
+ self.kafka.restart_cluster()
+ raise RuntimeError("Kafka restarted successfully but should
not have!"
+ " Endpoint validation did not fail with
invalid hostname")
+ except TimeoutError:
Review comment:
How long does this test have to wait for the timeout?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
