ambari-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rle...@apache.org
Subject ambari git commit: AMBARI-18910. SSL/TLS protocols should be explicitly enabled and then filtered when Ambari starts up (rlevas)
Date Wed, 16 Nov 2016 19:45:04 GMT
Repository: ambari
Updated Branches:
  refs/heads/branch-2.4 6db111308 -> b8d658059


AMBARI-18910. SSL/TLS protocols should be explicitly enabled and then filtered when Ambari
starts up (rlevas)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/b8d65805
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/b8d65805
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/b8d65805

Branch: refs/heads/branch-2.4
Commit: b8d6580593e13f1b5c722bca73190c07b5ed1e41
Parents: 6db1113
Author: Robert Levas <rlevas@hortonworks.com>
Authored: Wed Nov 16 14:44:56 2016 -0500
Committer: Robert Levas <rlevas@hortonworks.com>
Committed: Wed Nov 16 14:44:56 2016 -0500

----------------------------------------------------------------------
 .../java/org/apache/ambari/server/controller/AmbariServer.java     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/b8d65805/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
index aa6c394..cb631d2 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
@@ -715,7 +715,7 @@ public class AmbariServer {
   private void disableInsecureProtocols(SslContextFactory factory) {
     // by default all protocols should be available
     factory.setExcludeProtocols();
-    factory.setIncludeProtocols(new String[] { "SSLv2Hello","TLSv1"});
+    factory.setIncludeProtocols(new String[] {"SSLv2Hello","SSLv3","TLSv1","TLSv1.1","TLSv1.2"});
 
     if (!configs.getSrvrDisabledCiphers().isEmpty()) {
       String[] masks = configs.getSrvrDisabledCiphers().split(DISABLED_ENTRIES_SPLITTER);


Mime
View raw message