[
https://issues.apache.org/jira/browse/GEODE-1372?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15277271#comment-15277271
]
ASF subversion and git services commented on GEODE-1372:
--------------------------------------------------------
Commit 662e8cc7b5aef258ad2f478cf32db25d844bc8d2 in incubator-geode's branch
refs/heads/feature/GEODE-1372 from [~bschuchardt]
[ https://git-wip-us.apache.org/repos/asf?p=incubator-geode.git;h=662e8cc ]
GEODE-1372 Geode UDP communications are not secure when SSL is configured
This branch contains Diffe Hellman encoding of UDP communications in Geode
using the encryption scheme that is already available for client/server
communications. The current implementation uses security-client-dhalgo
to enable encryption.
Membership views hold the public keys of peers. GMSEncrypt is a new
object that is held by JGroupsMessenger and is used to perform the
encryption/decryption.
GMSJoinLeave is modified to send a new member's public key to the
membership coordinator. The coordinator sends its public key back prior
to announcing the new membership view with the new member. This should
be changed to have the coordinator's public key be sent to the joining
member and the coordinator should get the new member's public key from
a locator as well.
GMSEncrypt needs to be changed to record time spent encrypting and
decrypting in DistributionStats as well as the number of encryptions/decryptions
performed.
> Geode UDP communications are not secure when SSL is configured
> --------------------------------------------------------------
>
> Key: GEODE-1372
> URL: https://issues.apache.org/jira/browse/GEODE-1372
> Project: Geode
> Issue Type: New Feature
> Components: membership
> Reporter: Bruce Schuchardt
>
> Gemfire servers use UDP requests to communicate membership views, suspect
> processing and other information. When gemfire SSL is enabled, only the TCP
> requests are encrypted and UDP requests are not.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
