geode-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kl...@apache.org
Subject [17/33] incubator-geode git commit: GEODE-620 Geode SSL configuration is out of date
Date Thu, 17 Mar 2016 22:58:17 GMT
GEODE-620 Geode SSL configuration is out of date

In reviewing uses of SSL I found that SocketCreator did not have support for
TLSv1.2 and that one of the test classes had a reference to an RC4-based
cipher suite.


Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/442718f4
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/442718f4
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/442718f4

Branch: refs/heads/feature/GEODE-1050
Commit: 442718f45f49add3c4b1e4d47049174f038663b3
Parents: d8f28d2
Author: Bruce Schuchardt <bschuchardt@pivotal.io>
Authored: Wed Mar 16 15:57:55 2016 -0700
Committer: Bruce Schuchardt <bschuchardt@pivotal.io>
Committed: Wed Mar 16 16:01:17 2016 -0700

----------------------------------------------------------------------
 .../src/main/java/com/gemstone/gemfire/internal/SocketCreator.java | 2 +-
 geode-core/src/test/java/security/SSLCredentialGenerator.java      | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/442718f4/geode-core/src/main/java/com/gemstone/gemfire/internal/SocketCreator.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/SocketCreator.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/SocketCreator.java
index 5bfa7bd..458f41a 100755
--- a/geode-core/src/main/java/com/gemstone/gemfire/internal/SocketCreator.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/SocketCreator.java
@@ -571,7 +571,7 @@ public class SocketCreator {
       return c;
     }
     // lookup known algorithms
-    String[] knownAlgorithms = {"SSL", "SSLv2", "SSLv3", "TLS", "TLSv1", "TLSv1.1"};
+    String[] knownAlgorithms = {"SSL", "SSLv2", "SSLv3", "TLS", "TLSv1", "TLSv1.1", "TLSv1.2"};
     for (String algo : knownAlgorithms) {
       try {
         c = SSLContext.getInstance(algo);

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/442718f4/geode-core/src/test/java/security/SSLCredentialGenerator.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/security/SSLCredentialGenerator.java b/geode-core/src/test/java/security/SSLCredentialGenerator.java
index e547630..d05e963 100755
--- a/geode-core/src/test/java/security/SSLCredentialGenerator.java
+++ b/geode-core/src/test/java/security/SSLCredentialGenerator.java
@@ -76,7 +76,7 @@ public class SSLCredentialGenerator extends CredentialGenerator {
     Properties props = new Properties();
     props.setProperty("ssl-enabled", "true");
     props.setProperty("ssl-require-authentication", "true");
-    props.setProperty("ssl-ciphers", "SSL_RSA_WITH_RC4_128_MD5");
+    props.setProperty("ssl-ciphers", "SSL_RSA_WITH_3DES_EDE_CBC_SHA");
     props.setProperty("ssl-protocols", "TLSv1");
     return props;
   }


Mime
View raw message