Github user ivmaykov commented on a diff in the pull request:
https://github.com/apache/zookeeper/pull/710#discussion_r235489458
--- Diff:
zookeeper-server/src/main/java/org/apache/zookeeper/common/X509Util.java ---
@@ -60,6 +60,12 @@
public abstract class X509Util {
private static final Logger LOG =
LoggerFactory.getLogger(X509Util.class);
+ static {
+ // Client-initiated renegotiation in TLS is unsafe and
+ // allows MITM attacks, so we should always disable it.
+ System.setProperty("jdk.tls.rejectClientInitiatedRenegotiation",
"true");
--- End diff --
I'm not sure. However, setting it to true before any SSLContext objects are
created by X509Util seems to do the trick. I'm not sure if flipping it back to
`false` after the server is running and sockets are created would lead to
future connections allowing client-initiated renegotiation or not. I don't
think it matters since we don't have a way to flip the option back to `false`.
---
