[21/51] [abbrv] ambari git commit: AMBARI-18910. SSL/TLS protocols should be explicitly enabled and then filtered when Ambari starts up (rlevas)

Mon, 27 Mar 2017 15:57:36 -0700 

AMBARI-18910. SSL/TLS protocols should be explicitly enabled and then filtered 
when Ambari starts up (rlevas)

(cherry picked from commit b8d6580593e13f1b5c722bca73190c07b5ed1e41)

Change-Id: Ic57e80b530905ce5831a096aa47531fe256ec705


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/4e03c183
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/4e03c183
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/4e03c183

Branch: refs/heads/AMBARI-2.4.2.16
Commit: 4e03c183a5e90af87594f506b9a3d0409d06ac5a
Parents: 8e34693
Author: Robert Levas <[email protected]>
Authored: Wed Nov 16 14:44:56 2016 -0500
Committer: Robert Levas <[email protected]>
Committed: Wed Nov 16 20:25:14 2016 +0000

----------------------------------------------------------------------
 .../java/org/apache/ambari/server/controller/AmbariServer.java     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/4e03c183/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
----------------------------------------------------------------------
diff --git 
a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
 
b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
index aa6c394..cb631d2 100644
--- 
a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
+++ 
b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
@@ -715,7 +715,7 @@ public class AmbariServer {
   private void disableInsecureProtocols(SslContextFactory factory) {
     // by default all protocols should be available
     factory.setExcludeProtocols();
-    factory.setIncludeProtocols(new String[] { "SSLv2Hello","TLSv1"});
+    factory.setIncludeProtocols(new String[] 
{"SSLv2Hello","SSLv3","TLSv1","TLSv1.1","TLSv1.2"});
 
     if (!configs.getSrvrDisabledCiphers().isEmpty()) {
       String[] masks = 
configs.getSrvrDisabledCiphers().split(DISABLED_ENTRIES_SPLITTER);

Reply via email to