search

nats-io / nats-kafka

NATS to Kafka Bridging
Apache License 2.0
131 stars 32 forks source link

Conversion to SARAMA does not support SASL #26

Closed lmtyler closed 3 years ago

lmtyler commented 3 years ago

during the conversion to sarama the TLSConfig logic was dropped for SASL

Old code connector.go L153

    if conn.config.SASL.User == "" {
        tlsC, err = conn.config.TLS.MakeTLSConfig()
    } else {
        conn.dialer.SASLMechanism = plain.Mechanism{
            Username: conn.config.SASL.User,
            Password: conn.config.SASL.Password,
        }
        if conn.config.SASL.InsecureSkipVerify {
            tlsC = &tls.Config{
                InsecureSkipVerify: conn.config.SASL.InsecureSkipVerify,
            }
        }
    }

Now consumer, manager, and producer do not create the correct TLS Config needed for SASL

    if cc.SASL.User != "" {
        sc.Net.SASL.Enable = true
        sc.Net.SASL.User = cc.SASL.User
        sc.Net.SASL.Password = cc.SASL.Password
    } else if tlsC, err := cc.TLS.MakeTLSConfig(); err == nil {
        sc.Net.TLS.Enable = (tlsC != nil)
        sc.Net.TLS.Config = tlsC
    }
variadico commented 3 years ago

Aaah, ok. Will check this out today. Thanks for the heads up!

variadico commented 3 years ago

Could you share part of the configuration you use?