cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jasobr...@apache.org
Subject [1/3] cassandra git commit: ninja-fix nit from casandra-8265 commit (make repeated strings a constant)
Date Thu, 13 Nov 2014 00:17:11 GMT
Repository: cassandra
Updated Branches:
  refs/heads/trunk e15cf78b5 -> 88d4a14a8


ninja-fix nit from casandra-8265 commit (make repeated strings a constant)


Project: http://git-wip-us.apache.org/repos/asf/cassandra/repo
Commit: http://git-wip-us.apache.org/repos/asf/cassandra/commit/37d33b20
Tree: http://git-wip-us.apache.org/repos/asf/cassandra/tree/37d33b20
Diff: http://git-wip-us.apache.org/repos/asf/cassandra/diff/37d33b20

Branch: refs/heads/trunk
Commit: 37d33b2086abb8e073a3ec7f9de23150eb49fb32
Parents: b93f48a
Author: Jason Brown <jasedbrown@gmail.com>
Authored: Wed Nov 12 16:12:36 2014 -0800
Committer: Jason Brown <jasedbrown@gmail.com>
Committed: Wed Nov 12 16:12:36 2014 -0800

----------------------------------------------------------------------
 src/java/org/apache/cassandra/security/SSLFactory.java    | 10 +++++-----
 .../apache/cassandra/thrift/CustomTThreadPoolServer.java  |  3 ++-
 src/java/org/apache/cassandra/transport/Server.java       |  2 +-
 src/java/org/apache/cassandra/transport/SimpleClient.java |  2 +-
 4 files changed, 9 insertions(+), 8 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cassandra/blob/37d33b20/src/java/org/apache/cassandra/security/SSLFactory.java
----------------------------------------------------------------------
diff --git a/src/java/org/apache/cassandra/security/SSLFactory.java b/src/java/org/apache/cassandra/security/SSLFactory.java
index 260c828..956ba67 100644
--- a/src/java/org/apache/cassandra/security/SSLFactory.java
+++ b/src/java/org/apache/cassandra/security/SSLFactory.java
@@ -50,7 +50,7 @@ import com.google.common.collect.Sets;
 public final class SSLFactory
 {
     private static final Logger logger = LoggerFactory.getLogger(SSLFactory.class);
-
+    public static final String[] ACCEPTED_PROTOCOLS = new String[] {"SSLv2Hello", "TLSv1",
"TLSv1.1", "TLSv1.2"};
     private static boolean checkedExpiry = false;
 
     public static SSLServerSocket getServerSocket(EncryptionOptions options, InetAddress
address, int port) throws IOException
@@ -61,7 +61,7 @@ public final class SSLFactory
         String[] suits = filterCipherSuites(serverSocket.getSupportedCipherSuites(), options.cipher_suites);
         serverSocket.setEnabledCipherSuites(suits);
         serverSocket.setNeedClientAuth(options.require_client_auth);
-        serverSocket.setEnabledProtocols(new String[] {"SSLv2Hello", "TLSv1", "TLSv1.1",
"TLSv1.2"});
+        serverSocket.setEnabledProtocols(ACCEPTED_PROTOCOLS);
         serverSocket.bind(new InetSocketAddress(address, port), 500);
         return serverSocket;
     }
@@ -73,7 +73,7 @@ public final class SSLFactory
         SSLSocket socket = (SSLSocket) ctx.getSocketFactory().createSocket(address, port,
localAddress, localPort);
         String[] suits = filterCipherSuites(socket.getSupportedCipherSuites(), options.cipher_suites);
         socket.setEnabledCipherSuites(suits);
-        socket.setEnabledProtocols(new String[] {"SSLv2Hello", "TLSv1", "TLSv1.1", "TLSv1.2"});
+        socket.setEnabledProtocols(ACCEPTED_PROTOCOLS);
         return socket;
     }
 
@@ -84,7 +84,7 @@ public final class SSLFactory
         SSLSocket socket = (SSLSocket) ctx.getSocketFactory().createSocket(address, port);
         String[] suits = filterCipherSuites(socket.getSupportedCipherSuites(), options.cipher_suites);
         socket.setEnabledCipherSuites(suits);
-        socket.setEnabledProtocols(new String[] {"SSLv2Hello", "TLSv1", "TLSv1.1", "TLSv1.2"});
+        socket.setEnabledProtocols(ACCEPTED_PROTOCOLS);
         return socket;
     }
 
@@ -95,7 +95,7 @@ public final class SSLFactory
         SSLSocket socket = (SSLSocket) ctx.getSocketFactory().createSocket();
         String[] suits = filterCipherSuites(socket.getSupportedCipherSuites(), options.cipher_suites);
         socket.setEnabledCipherSuites(suits);
-        socket.setEnabledProtocols(new String[] {"SSLv2Hello", "TLSv1", "TLSv1.1", "TLSv1.2"});
+        socket.setEnabledProtocols(ACCEPTED_PROTOCOLS);
         return socket;
     }
 

http://git-wip-us.apache.org/repos/asf/cassandra/blob/37d33b20/src/java/org/apache/cassandra/thrift/CustomTThreadPoolServer.java
----------------------------------------------------------------------
diff --git a/src/java/org/apache/cassandra/thrift/CustomTThreadPoolServer.java b/src/java/org/apache/cassandra/thrift/CustomTThreadPoolServer.java
index 3111deb..f25c761 100644
--- a/src/java/org/apache/cassandra/thrift/CustomTThreadPoolServer.java
+++ b/src/java/org/apache/cassandra/thrift/CustomTThreadPoolServer.java
@@ -35,6 +35,7 @@ import org.slf4j.LoggerFactory;
 import org.apache.cassandra.concurrent.NamedThreadFactory;
 import org.apache.cassandra.config.DatabaseDescriptor;
 import org.apache.cassandra.config.EncryptionOptions.ClientEncryptionOptions;
+import org.apache.cassandra.security.SSLFactory;
 import org.apache.thrift.TException;
 import org.apache.thrift.TProcessor;
 import org.apache.thrift.protocol.TProtocol;
@@ -254,7 +255,7 @@ public class CustomTThreadPoolServer extends TServer
                     }
                     TServerSocket sslServer = TSSLTransportFactory.getServerSocket(addr.getPort(),
0, addr.getAddress(), params);
                     SSLServerSocket sslServerSocket = (SSLServerSocket) sslServer.getServerSocket();
-                    sslServerSocket.setEnabledProtocols(new String[] {"SSLv2Hello", "TLSv1",
"TLSv1.1", "TLSv1.2"});
+                    sslServerSocket.setEnabledProtocols(SSLFactory.ACCEPTED_PROTOCOLS);
                     serverTransport = new TCustomServerSocket(sslServer.getServerSocket(),
args.keepAlive, args.sendBufferSize, args.recvBufferSize);
                 }
                 else

http://git-wip-us.apache.org/repos/asf/cassandra/blob/37d33b20/src/java/org/apache/cassandra/transport/Server.java
----------------------------------------------------------------------
diff --git a/src/java/org/apache/cassandra/transport/Server.java b/src/java/org/apache/cassandra/transport/Server.java
index 092e1ba..df4f127 100644
--- a/src/java/org/apache/cassandra/transport/Server.java
+++ b/src/java/org/apache/cassandra/transport/Server.java
@@ -296,7 +296,7 @@ public class Server implements CassandraDaemon.Server
             sslEngine.setUseClientMode(false);
             sslEngine.setEnabledCipherSuites(encryptionOptions.cipher_suites);
             sslEngine.setNeedClientAuth(encryptionOptions.require_client_auth);
-            sslEngine.setEnabledProtocols(new String[] {"SSLv2Hello", "TLSv1", "TLSv1.1",
"TLSv1.2"});
+            sslEngine.setEnabledProtocols(SSLFactory.ACCEPTED_PROTOCOLS);
             
             SslHandler sslHandler = new SslHandler(sslEngine);
             sslHandler.setIssueHandshake(true);

http://git-wip-us.apache.org/repos/asf/cassandra/blob/37d33b20/src/java/org/apache/cassandra/transport/SimpleClient.java
----------------------------------------------------------------------
diff --git a/src/java/org/apache/cassandra/transport/SimpleClient.java b/src/java/org/apache/cassandra/transport/SimpleClient.java
index 3bcf751..1ed9ab9 100644
--- a/src/java/org/apache/cassandra/transport/SimpleClient.java
+++ b/src/java/org/apache/cassandra/transport/SimpleClient.java
@@ -259,7 +259,7 @@ public class SimpleClient
             SSLEngine sslEngine = sslContext.createSSLEngine();
             sslEngine.setUseClientMode(true);
             sslEngine.setEnabledCipherSuites(encryptionOptions.cipher_suites);
-            sslEngine.setEnabledProtocols(new String[] {"SSLv2Hello", "TLSv1", "TLSv1.1",
"TLSv1.2"});
+            sslEngine.setEnabledProtocols(SSLFactory.ACCEPTED_PROTOCOLS);
             ChannelPipeline pipeline = super.getPipeline();
 
             pipeline.addFirst("ssl", new SslHandler(sslEngine));


Mime
View raw message