[jira] [Resolved] (KAFKA-15502) Handle large keystores in SslEngineValidator

Manikumar (Jira) Sun, 08 Oct 2023 00:04:05 -0700


     [ 
https://issues.apache.org/jira/browse/KAFKA-15502?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Manikumar resolved KAFKA-15502.
-------------------------------
    Fix Version/s: 3.4.2
                   3.5.2
                   3.7.0
                   3.6.1
       Resolution: Fixed

> Handle large keystores in SslEngineValidator
> --------------------------------------------
>
>                 Key: KAFKA-15502
>                 URL: https://issues.apache.org/jira/browse/KAFKA-15502
>             Project: Kafka
>          Issue Type: Bug
>    Affects Versions: 3.6.0
>            Reporter: Manikumar
>            Assignee: Manikumar
>            Priority: Major
>             Fix For: 3.4.2, 3.5.2, 3.7.0, 3.6.1
>
>
> We have observed an issue where inter broker SSL listener is not coming up 
> for large keystores (size >16K)
> 1. Currently validator code doesn't work well with large stores. Right now, 
> WRAP returns if there is already data in the buffer. But if we need more data 
> to be wrapped for UNWRAP to succeed, we end up looping forever.
> 2. Observed large TLSv3 post handshake messages are not getting read and 
> causing validator code loop forever. This is observed with JDK17+
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Resolved] (KAFKA-15502) Handle large keystores in SslEngineValidator

Reply via email to