HADOOP-16000. Remove TLSv1 and SSLv2Hello from the default value of hadoop.ssl.enabled.protocols
Signed-off-by: Akira Ajisaka <[email protected]> Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/1ea29b73 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/1ea29b73 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/1ea29b73 Branch: refs/heads/HDFS-13891 Commit: 1ea29b7385bc1545d7aa452549073d81f0c24b36 Parents: 26e55d4 Author: Gabor Bota <[email protected]> Authored: Wed Dec 12 07:28:35 2018 +0100 Committer: Akira Ajisaka <[email protected]> Committed: Sat Dec 15 10:53:52 2018 +0900 ---------------------------------------------------------------------- .../main/java/org/apache/hadoop/security/ssl/SSLFactory.java | 2 +- .../hadoop-common/src/main/resources/core-default.xml | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/hadoop/blob/1ea29b73/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java index 10c1d7d..3189b44 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java @@ -72,7 +72,7 @@ public class SSLFactory implements ConnectionConfigurator { public static final String SSL_ENABLED_PROTOCOLS_KEY = "hadoop.ssl.enabled.protocols"; public static final String SSL_ENABLED_PROTOCOLS_DEFAULT = - "TLSv1,SSLv2Hello,TLSv1.1,TLSv1.2"; + "TLSv1.1,TLSv1.2"; public static final String SSL_SERVER_NEED_CLIENT_AUTH = "ssl.server.need.client.auth"; http://git-wip-us.apache.org/repos/asf/hadoop/blob/1ea29b73/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml b/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml index f7d61c6..ddcee2f 100644 --- a/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml +++ b/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml @@ -2417,9 +2417,10 @@ <property> <name>hadoop.ssl.enabled.protocols</name> - <value>TLSv1,SSLv2Hello,TLSv1.1,TLSv1.2</value> + <value>TLSv1.1,TLSv1.2</value> <description> - The supported SSL protocols. + The supported SSL protocols. The parameter will only used from + DatanodeHttpServer. </description> </property> --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
