[NIFI-1907] SiteToSiteClient not properly using keystore and truststore properties - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 0.6.1
Fix Version/s: 1.0.0, 0.7.0, 1.0.0-Beta
Component/s: None
Labels:
None

Description

SiteToSiteClient.Builder allows setting an SSLContext or setting all of the individual SSL properties, it then has a method getSSLContext() which says that if the sslContext is null return that, otherwise use the properties to create one:

https://github.com/apache/nifi/blob/e4b7e47836edf47042973e604005058c28eed23b/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/SiteToSiteClient.java#L575

The problem is this getSSLContext() is never called. When the builder's build() method is called, it passes the builder to StandardSiteToSiteClientConfig and just assigns all the member variables with direct access:

https://github.com/apache/nifi/blob/e4b7e47836edf47042973e604005058c28eed23b/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/SiteToSiteClient.java#L722

Later on in SocketClient it will call SiteToSiteClient.getSSLContext():

https://github.com/apache/nifi/blob/e4b7e47836edf47042973e604005058c28eed23b/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/socket/SocketClient.java#L52

This will still be null here if only the SSL properties were initially specified on the builder, and therefore won't end up creating an Https connection and thus failing.

Attachments

Issue Links

links to

GitHub Pull Request #457

Activity

People

Assignee:

Bryan Bende

Reporter:

Bryan Bende

Votes:

0 Vote for this issue

Watchers:

3 Start watching this issue

Dates

Created:

20/May/16 13:09

Updated:

04/Aug/16 21:29

Resolved:

24/May/16 14:00