[
https://issues.apache.org/jira/browse/KAFKA-4493?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15830388#comment-15830388
]
ASF GitHub Bot commented on KAFKA-4493:
---------------------------------------
GitHub user taku-k opened a pull request:
https://github.com/apache/kafka/pull/2408
KAFKA-4493: Validate a plaintext client connection to a SSL broker
When a SSL Alert protocol is received from the broker by sending a request
from a client, `InvalidTransportLayerException` is raised from `selector.poll`.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/taku-k/kafka taku-k/KAFKA-4493
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/kafka/pull/2408.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #2408
----
commit 2fd95ae8b886075f7aefef32777de52547c9f740
Author: Takuya Kuwahara <taaku...@gmail.com>
Date: 2017-01-19T18:21:06Z
validate a plaintext client connection to a SSL broker
commit 51fa608083b4feefb21f4375d6eb591bf477b834
Author: Takuya Kuwahara <taaku...@gmail.com>
Date: 2017-01-19T18:39:51Z
add comment
----
> Connections to Kafka brokers should be validated
> ------------------------------------------------
>
> Key: KAFKA-4493
> URL: https://issues.apache.org/jira/browse/KAFKA-4493
> Project: Kafka
> Issue Type: Improvement
> Reporter: Ismael Juma
>
> There have been a few reports of Kafka clients throwing an OOM because they
> read 4 bytes from the stream and then use that to allocate a ByteBuffer
> without validating that they are using the right security protocol or even
> communicating with a Kafka broker.
> It would be good to perform some validation in order to show a useful error
> message to the user instead of the OOM.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
