honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
OpenSearch/x-pack/plugin
History
Ioannis Kakavas ba37e3c4a0
Disable DiagnosticTrustManager in FIPS 140 (#49888) 
This commit changes the default behavior for
xpack.security.ssl.diagnose.trust when running in a FIPS 140 JVM.

More specifically, when xpack.security.fips_mode.enabled is true:

- If xpack.security.ssl.diagnose.trust is not explicitly set, the
    default value of it becomes false and a log message is printed
    on info level, notifying of the fact that the TLS/SSL diagnostic
    messages are not enabled when in a FIPS 140 JVM.
- If xpack.security.ssl.diagnose.trust is explicitly set, the value of
    it is honored, even in FIPS mode.

This is relevant only for 7.x where we support Java 8 in which
SunJSSE can still be used as a FIPS 140 provider for TLS. SunJSSE
in FIPS mode, disallows the use of other TrustManager implementations
than the one shipped with SunJSSE.
 		2020-01-13 17:04:23 +02:00
..
analytics Drop "funny" functions building parsers (#50715) (#50814) 2020-01-09 15:53:03 -05:00
ccr Make some ObjectParsers final (#50471) (#50556) 2020-01-02 10:47:38 -05:00
core Disable DiagnosticTrustManager in FIPS 140 (#49888) 2020-01-13 17:04:23 +02:00
deprecation Apply 2-space indent to all gradle scripts (#49071) 2019-11-14 11:01:23 +00:00
enrich Backport: Fix ingest simulate response document order if processor executes async (#50269) 2019-12-17 12:27:07 +01:00
frozen-indices Use more specific loggers in subclasses of TMNA (#50076) 2019-12-11 15:07:47 +00:00
graph Apply 2-space indent to all gradle scripts (#49071) 2019-11-14 11:01:23 +00:00
ilm [7.x] Fix SLM check for restore in progress (#50868) (#50876) 2020-01-10 14:27:55 -07:00
logstash Apply 2-space indent to all gradle scripts (#49071) 2019-11-14 11:01:23 +00:00
mapper-flattened Add telemetry for flattened fields. (#48972) (#49125) 2019-11-18 12:29:42 -08:00
ml [ML][Inference] minor fixes for created_by, and action permission (#50890) (#50911) 2020-01-13 07:59:31 -05:00
monitoring [7.x] Add ILM histore store index (#50287) (#50345) 2019-12-20 12:33:36 -07:00
rollup Use more specific loggers in subclasses of TMNA (#50076) 2019-12-11 15:07:47 +00:00
search-business-rules Use Void context on parsers where possible (#50573) (#50617) 2020-01-03 13:28:55 -05:00
security Disable DiagnosticTrustManager in FIPS 140 (#49888) 2020-01-13 17:04:23 +02:00
spatial Geo: Switch generated GeoJson type names to camel case (#50400) 2019-12-20 15:37:22 -05:00
sql Make .async-search-* a restricted namespace (#50294) 2020-01-13 12:20:54 +02:00
src/test [7.x] [ML][Inference] PUT API (#50852) (#50887) 2020-01-12 10:59:11 -05:00
transform [7.x][ML] Reuse SourceDestValidator for data frame analytics (#50841) (#50850) 2020-01-10 14:24:13 +02:00
vectors Increase the number of vector dims to 2048 (#46895) 2019-11-20 07:47:33 -05:00
voting-only-node Apply 2-space indent to all gradle scripts (#49071) 2019-11-14 11:01:23 +00:00
watcher Wrap triggering of a watch inside an assertBusy(...) invocation 2020-01-09 09:05:20 +01:00
build.gradle Skip enterprise license tests in release build (#50182) 2019-12-16 10:11:21 +11:00