[
https://issues.apache.org/jira/browse/HADOOP-16718?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16978839#comment-16978839
]
Siyao Meng commented on HADOOP-16718:
-------------------------------------
6. One more thing about the branch. I see the patch applies cleanly on trunk.
There shouldn't be any conflicts/incompatibilities. This way we should do the
work on trunk first then backport it to 3.2/3.1 (should still be clean). It
should be safe to simply remove the {{-branch-3.2-}} in the patch name so the
precommits can run on trunk.
> Allow disabling Server Name Indication (SNI) for Jetty
> ------------------------------------------------------
>
> Key: HADOOP-16718
> URL: https://issues.apache.org/jira/browse/HADOOP-16718
> Project: Hadoop Common
> Issue Type: Improvement
> Affects Versions: 3.2.1
> Reporter: Siyao Meng
> Assignee: Aravindan Vijayan
> Priority: Major
> Fix For: 3.2.2
>
> Attachments: HADOOP-16718-branch-3.2-v000.patch
>
>
> As of now, {{createHttpsChannelConnector()}} enables SNI by default with
> Jetty:
> {code}
> private ServerConnector createHttpsChannelConnector(
> Server server, HttpConfiguration httpConfig) {
> httpConfig.setSecureScheme(HTTPS_SCHEME);
> httpConfig.addCustomizer(new SecureRequestCustomizer());
> ServerConnector conn = createHttpChannelConnector(server, httpConfig);
> {code}
> with the default constructor without any parameters automatically setting
> {{sniHostCheck}} to {{true}}:
> {code}
> public SecureRequestCustomizer()
> {
> this(true);
> }
> {code}
> Proposal: We should make this configurable and probably default this to false.
> Credit: Aravindan Vijayan
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
