ambari git commit: AMBARI-18910. SSL/TLS protocols should be explicitly enabled and then filtered when Ambari starts up (rlevas)

Wed, 16 Nov 2016 11:44:53 -0800 

Repository: ambari
Updated Branches:
  refs/heads/branch-2.5 31caa528f -> 18ea7cf57


AMBARI-18910. SSL/TLS protocols should be explicitly enabled and then filtered 
when Ambari starts up (rlevas)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/18ea7cf5
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/18ea7cf5
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/18ea7cf5

Branch: refs/heads/branch-2.5
Commit: 18ea7cf57997b0579407822f821c96d0b11bd7dd
Parents: 31caa52
Author: Robert Levas <[email protected]>
Authored: Wed Nov 16 14:43:41 2016 -0500
Committer: Robert Levas <[email protected]>
Committed: Wed Nov 16 14:43:55 2016 -0500

----------------------------------------------------------------------
 .../java/org/apache/ambari/server/controller/AmbariServer.java     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/18ea7cf5/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
----------------------------------------------------------------------
diff --git 
a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
 
b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
index 193d677..d264dad 100644
--- 
a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
+++ 
b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
@@ -769,7 +769,7 @@ public class AmbariServer {
   private void disableInsecureProtocols(SslContextFactory factory) {
     // by default all protocols should be available
     factory.setExcludeProtocols();
-    factory.setIncludeProtocols(new String[] { "SSLv2Hello", "TLSv1" });
+    factory.setIncludeProtocols(new String[] 
{"SSLv2Hello","SSLv3","TLSv1","TLSv1.1","TLSv1.2"});
 
     if (!configs.getSrvrDisabledCiphers().isEmpty()) {
       String[] masks = 
configs.getSrvrDisabledCiphers().split(DISABLED_ENTRIES_SPLITTER);

Reply via email to