Apache
/
hadoop
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

HADOOP-16000. Remove TLSv1 and SSLv2Hello from the default value of hadoop.ssl.enabled.protocols 

Signed-off-by: Akira Ajisaka <aajisaka@apache.org>
This commit is contained in:
Gabor Bota 2018-12-12 07:28:35 +01:00 committed by Akira Ajisaka
parent 26e55d4ceb
commit 1ea29b7385
No known key found for this signature in database
GPG Key ID: C1EDBB9CA400FD50
2 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java
View File

@ -72,7 +72,7 @@ public enum Mode { CLIENT, SERVER }
public static final String SSL_ENABLED_PROTOCOLS_KEY =
"hadoop.ssl.enabled.protocols";
public static final String SSL_ENABLED_PROTOCOLS_DEFAULT =
"TLSv1,SSLv2Hello,TLSv1.1,TLSv1.2";
"TLSv1.1,TLSv1.2";
public static final String SSL_SERVER_NEED_CLIENT_AUTH =
"ssl.server.need.client.auth";

5
hadoop-common-project/hadoop-common/src/main/resources/core-default.xml
View File

@ -2417,9 +2417,10 @@
<property>
<name>hadoop.ssl.enabled.protocols</name>
<value>TLSv1,SSLv2Hello,TLSv1.1,TLSv1.2</value>
<value>TLSv1.1,TLSv1.2</value>
<description>
The supported SSL protocols.
The supported SSL protocols. The parameter will only used from
DatanodeHttpServer.
</description>
</property>