Uploaded image for project: 'Flink'
  1. Flink
  2. FLINK-4848

keystoreFilePath should be checked against null in SSLUtils#createSSLServerContext

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 1.2.0, 1.3.0
    • Fix Version/s: 1.3.0, 1.2.1
    • Component/s: Security
    • Labels:
      None

      Description

            String keystoreFilePath = sslConfig.getString(
              ConfigConstants.SECURITY_SSL_KEYSTORE,
              null);
      ...
            try {
              keyStoreFile = new FileInputStream(new File(keystoreFilePath));
      

      If keystoreFilePath is null, the File ctor would throw NPE.

        Issue Links

          Activity

          Hide
          yuzhihong@gmail.com Ted Yu added a comment - - edited

          There is similar issue with trustStoreFilePath:

                  trustStoreFile = new FileInputStream(new File(trustStoreFilePath));
          
          Show
          yuzhihong@gmail.com Ted Yu added a comment - - edited There is similar issue with trustStoreFilePath: trustStoreFile = new FileInputStream( new File(trustStoreFilePath));
          Hide
          githubbot ASF GitHub Bot added a comment -

          GitHub user zentol opened a pull request:

          https://github.com/apache/flink/pull/3677

          FLINK-4848 [ssl] Throw meaningful exception when SSL is misconfigured

          This PR provides better error messages when SSL is enabled but is missing crucial configuration options.

          You can merge this pull request into a Git repository by running:

          $ git pull https://github.com/zentol/flink 4848_ssl_npe

          Alternatively you can review and apply these changes as the patch at:

          https://github.com/apache/flink/pull/3677.patch

          To close this pull request, make a commit to your master/trunk branch
          with (at least) the following in the commit message:

          This closes #3677



          Show
          githubbot ASF GitHub Bot added a comment - GitHub user zentol opened a pull request: https://github.com/apache/flink/pull/3677 FLINK-4848 [ssl] Throw meaningful exception when SSL is misconfigured This PR provides better error messages when SSL is enabled but is missing crucial configuration options. You can merge this pull request into a Git repository by running: $ git pull https://github.com/zentol/flink 4848_ssl_npe Alternatively you can review and apply these changes as the patch at: https://github.com/apache/flink/pull/3677.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #3677
          Hide
          githubbot ASF GitHub Bot added a comment -

          Github user tedyu commented on the issue:

          https://github.com/apache/flink/pull/3677

          lgtm

          Thanks

          Show
          githubbot ASF GitHub Bot added a comment - Github user tedyu commented on the issue: https://github.com/apache/flink/pull/3677 lgtm Thanks
          Hide
          githubbot ASF GitHub Bot added a comment -

          Github user asfgit closed the pull request at:

          https://github.com/apache/flink/pull/3677

          Show
          githubbot ASF GitHub Bot added a comment - Github user asfgit closed the pull request at: https://github.com/apache/flink/pull/3677
          Hide
          Zentol Chesnay Schepler added a comment -

          1.2: 2c0e915a4e5bc742d2c04a1d768c0e69e3384ed8
          1.3: 80800d8cecee2d20add674bb2a74cd2065b52cf8

          Show
          Zentol Chesnay Schepler added a comment - 1.2: 2c0e915a4e5bc742d2c04a1d768c0e69e3384ed8 1.3: 80800d8cecee2d20add674bb2a74cd2065b52cf8

            People

            • Assignee:
              Zentol Chesnay Schepler
              Reporter:
              yuzhihong@gmail.com Ted Yu
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development