Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

test: fix shouldNotBeAbleToUseWssIfClientDoesNotTrustServerCert test #7614

Merged
merged 1 commit into from
Jun 1, 2021
Merged

test: fix shouldNotBeAbleToUseWssIfClientDoesNotTrustServerCert test #7614

merged 1 commit into from
Jun 1, 2021

Conversation

jzaralim
Copy link
Contributor

Description

From https://kafka.apache.org/21/documentation.html#upgrade_200_notable:

The default value for ssl.endpoint.identification.algorithm was changed to https, which performs hostname verification (man-in-the-middle attacks are possible otherwise). Set ssl.endpoint.identification.algorithm to an empty string to restore the previous behaviour.

Reviewer checklist

  • Ensure docs are updated if necessary. (eg. if a user visible feature is being added or changed).
  • Ensure relevant issues are linked (description should include text like "Fixes #")

@jzaralim jzaralim requested a review from a team as a code owner May 31, 2021 21:20
@jzaralim jzaralim changed the base branch from master to 5.2.x May 31, 2021 21:21
@vcrfxia vcrfxia changed the title fix: fix shouldNotBeAbleToUseWssIfClientDoesNotTrustServerCert test test: fix shouldNotBeAbleToUseWssIfClientDoesNotTrustServerCert test Jun 1, 2021
vcrfxia
vcrfxia approved these changes Jun 1, 2021
View reviewed changes
Copy link
Contributor

@vcrfxia vcrfxia left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @jzaralim . LGTM except I'm confused why this change is only needed now. The release notes linked in the PR description are for 2.0.0, which means this change has been present ever since 5.2.x was created?

Also I updated the PR title from "fix" to "test" since this is a test-only change (and does not need to appear in the auto-generated changelog as a result).

@andrewegel andrewegel merged commit 39ef7bb into confluentinc:5.2.x Jun 1, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@andrewegel andrewegel andrewegel approved these changes

@vcrfxia vcrfxia vcrfxia approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jzaralim @andrewegel @vcrfxia