[
https://issues.apache.org/jira/browse/KAFKA-7168?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Rajini Sivaram updated KAFKA-7168:
----------------------------------
Fix Version/s: (was: 2.0.1)
(was: 2.1.0)
2.0.0
> Broker shutdown during SSL handshake may be handled as handshake failure
> ------------------------------------------------------------------------
>
> Key: KAFKA-7168
> URL: https://issues.apache.org/jira/browse/KAFKA-7168
> Project: Kafka
> Issue Type: Bug
> Components: security
> Affects Versions: 1.0.2, 1.1.1, 2.0.0
> Reporter: Rajini Sivaram
> Assignee: Rajini Sivaram
> Priority: Major
> Fix For: 2.0.0
>
>
> If broker is shutdown while SSL handshake of a client connection is in
> progress, the client may process the resulting SSLException as a
> non-retriable handshake failure rather than a retriable I/O exception. This
> can cause streams applications to fail during rolling restarts.
> Exception stack trace:
> {quote}
> org.apache.kafka.common.errors.SslAuthenticationException: SSL handshake
> failed
> Caused by: javax.net.ssl.SSLException: Received close_notify during handshake
> at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
> at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1639)
> at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1607)
> at sun.security.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1752)
> at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:1068)
> at
> sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:890)
> at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:764)
> at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
> at
> org.apache.kafka.common.network.SslTransportLayer.handshakeUnwrap(SslTransportLayer.java:465)
> at
> org.apache.kafka.common.network.SslTransportLayer.handshake(SslTransportLayer.java:266)
> at
> org.apache.kafka.common.network.KafkaChannel.prepare(KafkaChannel.java:88)
> at
> org.apache.kafka.common.network.Selector.pollSelectionKeys(Selector.java:474)
> at org.apache.kafka.common.network.Selector.poll(Selector.java:412)
> at org.apache.kafka.clients.NetworkClient.poll(NetworkClient.java:460)
> at
> org.apache.kafka.clients.consumer.internals.ConsumerNetworkClient.poll(ConsumerNetworkClient.java:258)
> at
> org.apache.kafka.clients.consumer.internals.ConsumerNetworkClient.poll(ConsumerNetworkClient.java:230)
> at
> org.apache.kafka.clients.consumer.internals.ConsumerNetworkClient.poll(ConsumerNetworkClient.java:206)
> at
> org.apache.kafka.clients.consumer.internals.AbstractCoordinator.ensureCoordinatorReady(AbstractCoordinator.java:219)
> at
> org.apache.kafka.clients.consumer.internals.AbstractCoordinator.ensureCoordinatorReady(AbstractCoordinator.java:205)
> at
> org.apache.kafka.clients.consumer.internals.ConsumerCoordinator.poll(ConsumerCoordinator.java:284)
> at
> org.apache.kafka.clients.consumer.KafkaConsumer.pollOnce(KafkaConsumer.java:1146)
> at
> org.apache.kafka.clients.consumer.KafkaConsumer.poll(KafkaConsumer.java:1111)
> at
> org.apache.kafka.streams.processor.internals.StreamThread.pollRequests(StreamThread.java:848)
> at
> org.apache.kafka.streams.processor.internals.StreamThread.runOnce(StreamThread.java:805)
> at
> org.apache.kafka.streams.processor.internals.StreamThread.runLoop(StreamThread.java:771)
> at
> org.apache.kafka.streams.processor.internals.StreamThread.run(StreamThread.java:741)
> {quote}
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
