Till Rohrmann created FLINK-9437:
------------------------------------
Summary: Revert cypher suite update
Key: FLINK-9437
URL: https://issues.apache.org/jira/browse/FLINK-9437
Project: Flink
Issue Type: Bug
Components: Security
Affects Versions: 1.5.0
Reporter: Till Rohrmann
Fix For: 1.5.1
The changes of FLINK-9310 causes Flink to fail when sending data between
{{TaskManagers}} as reported by a user [1]. The problem seems to be that
Netty's {{SslHandler}} (v4.0.27) tries to allocate heap buffers when using a
GCM enabled cypher suite. However, since we explicitly prohibit the allocation
of heap buffers it fails. In later Netty versions, this behaviour seems to be
fixed.
I propose to revert the changes of FLINK-9310 and set the default cypher
algorithm to {{TLS_RSA_WITH_AES_128_CBC_SHA}}.
[1]
http://apache-flink-mailing-list-archive.1008284.n3.nabble.com/Flink-1-5-Job-fails-to-execute-in-multiple-taskmanagers-parallelism-gt-1-td22467.html
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
