librdkafka icon indicating copy to clipboard operation
librdkafka copied to clipboard

Published 20 hours ago verified publisher icon confluentinc

Fix checking SASLHandshake from APIVersions

Open oliversun9 opened this issue 7 months ago • 1 comments

librdkafka's current (SASL) authentication behavior:

  1. It sends an APIVersions request and sets RD_KAFKA_FEATURE_SASL_HANDSHAKE if the supported versions of SASLHandshake from server overlap with [0, 0].

  2. If not set, it errors with SASL Handshake not supported by broker.

  3. If set, it sends a SASLHandshake request at the supported highest version in [0, 1].

In short, if the server doesn't support version 0, librdkafka errors. If the server supports version 0 and 1, librdkafka sends a request at version 1.

This PR fixes step 1 to make it allow versions [0, 1], consistent with step 3.

oliversun9 avatar Mar 06 '25 03:03 oliversun9