hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Wei-Chiu Chuang (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HADOOP-12886) Exclude weak ciphers in SSLFactory through ssl-server.xml
Date Tue, 29 Mar 2016 22:34:25 GMT

     [ https://issues.apache.org/jira/browse/HADOOP-12886?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Wei-Chiu Chuang updated HADOOP-12886:
-------------------------------------
    Attachment: HADOOP-12886.004.patch

Thanks again [~zhz] for reviewing it.
In addition to addressing your comments, I added additional code to deal with the corner case
where the exclude list string is empty, and that it should initializes an empty list, instead
of initializing a one element list. This actually doesn't change anything though.

> Exclude weak ciphers in SSLFactory through ssl-server.xml
> ---------------------------------------------------------
>
>                 Key: HADOOP-12886
>                 URL: https://issues.apache.org/jira/browse/HADOOP-12886
>             Project: Hadoop Common
>          Issue Type: Improvement
>    Affects Versions: 2.7.2
>            Reporter: Wei-Chiu Chuang
>            Assignee: Wei-Chiu Chuang
>              Labels: Netty, datanode, security
>         Attachments: HADOOP-12886.001.patch, HADOOP-12886.002.patch, HADOOP-12886.003.patch,
HADOOP-12886.004.patch
>
>
> HADOOP-12668 added support to exclude weak ciphers in HttpServer2, which is good for
name nodes. But data node web UI is based on Netty, which uses SSLFactory and does not read
ssl-server.xml to exclude the ciphers.
> We should also add the same support for Netty for consistency.
> I will attach a full patch later.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message