nifi-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <>
Subject [jira] [Commented] (NIFI-2266) GetHTTP and PutHTTP use hard-coded TLS protocol version
Date Tue, 13 Sep 2016 18:23:21 GMT


ASF GitHub Bot commented on NIFI-2266:

Github user mosermw commented on the issue:
    I had the same unit test failure as @pvillard31.  Once I resolved that locally, I confirmed
that this change works against the URL listed in NIFI-2373.  contrib-check passes.
    This also cherry-picks cleanly into the 0.x branch, but the testDefaultShouldPreferTLSv1_2()
method of TestGetHTTPGroovy.groovy doesn't work with Java 7.  It would need the same mods
as the corresponding method in TestPostHTTPGroovy.groovy.

> GetHTTP and PutHTTP use hard-coded TLS protocol version
> -------------------------------------------------------
>                 Key: NIFI-2266
>                 URL:
>             Project: Apache NiFi
>          Issue Type: Bug
>          Components: Core Framework
>    Affects Versions: 0.7.0, 0.6.1
>            Reporter: Andy LoPresto
>            Assignee: Andy LoPresto
>              Labels: https, security, tls
>   Original Estimate: 1h
>  Remaining Estimate: 1h
> As pointed out on the mailing list [1], the {{GetHTTP}} (and likely {{PutHTTP}}) processors
use a hard-coded TLS protocol version. {{PostHTTP}} also did this and was fixed by [NIFI-1688].

> The same fix should apply here and unit tests already exist which can be applied to the
other processors as well. 
> For future notice, {{InvokeHTTP}} is a better processor for generic HTTP operations and
has supported reading the TLS protocol version from the {{SSLContextService}} for some time.

> [1]

This message was sent by Atlassian JIRA

View raw message