[jira] [Comment Edited] (CASSANDRA-18124) Config parameter keystore_password should be nullable

Mon, 10 Apr 2023 13:42:07 -0700 


    [ 
https://issues.apache.org/jira/browse/CASSANDRA-18124?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17710306#comment-17710306
 ] 

Maulin Vasavada edited comment on CASSANDRA-18124 at 4/10/23 8:41 PM:
----------------------------------------------------------------------

[~smiklosovic] This might have conflict with 4.1 because the trunk's 
compilation on examples/ssl-factory was broken and originally you fixed it in 
your branch and I picked up the same changes in my PR. I made sure in my PR I 
have a separate commit just to fix that compilation issue on the trunk to 
clearly see what was needed for that vs my actual intended changes for this 
ticket.

 

Yes based on CASSANDRA-17513 changes the examples/ssl-factory needed to have 
the changes it didn't have I think.


was (Author: maulin.vasavada):
[~smiklosovic] This might have conflict with 4.1 because the trunk's 
compilation on examples/ssl-factory was broken and originally you fixed it in 
your branch and I picked up the same changes in my PR. I made sure in my PR I 
have a separate commit just to fix that compilation issue on the trunk to 
clearly see what was needed for that vs my actual intended changes for this 
ticket.

> Config parameter keystore_password should be nullable
> -----------------------------------------------------
>
>                 Key: CASSANDRA-18124
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-18124
>             Project: Cassandra
>          Issue Type: Bug
>          Components: Local/Config
>            Reporter: Tibor Repasi
>            Assignee: Maulin Vasavada
>            Priority: Normal
>             Fix For: 4.1.x, 5.x
>
>          Time Spent: 5h 10m
>  Remaining Estimate: 0h
>
> Some SSL configuration may pass unencrypted private keys. PEMReader might 
> accept that by assuming keyPassword to be null in that case (e.g. 
> https://github.com/apache/cassandra/blob/f9e033f519c14596da4dc954875756a69aea4e78/src/java/org/apache/cassandra/security/PEMReader.java#L103).
> Current configuration reader does not accept keystore_password parameter to 
> be set null or empty in the cassandra.yaml.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to