[GitHub] ctubbsii closed pull request #417: Make TLSv1.2 the default

Mon, 09 Apr 2018 13:41:01 -0700 

ctubbsii closed pull request #417: Make TLSv1.2 the default
URL: https://github.com/apache/accumulo/pull/417
 
 
   

This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:

As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):

diff --git a/core/src/main/java/org/apache/accumulo/core/conf/Property.java 
b/core/src/main/java/org/apache/accumulo/core/conf/Property.java
index eea039f75d..1eed867d01 100644
--- a/core/src/main/java/org/apache/accumulo/core/conf/Property.java
+++ b/core/src/main/java/org/apache/accumulo/core/conf/Property.java
@@ -130,11 +130,9 @@
           + "javax.net.ssl.* Accumulo properties"),
   RPC_SSL_CIPHER_SUITES("rpc.ssl.cipher.suites", "", PropertyType.STRING,
       "Comma separated list of cipher suites that can be used by accepted 
connections"),
-  RPC_SSL_ENABLED_PROTOCOLS("rpc.ssl.server.enabled.protocols", 
"TLSv1,TLSv1.1,TLSv1.2",
-      PropertyType.STRING,
+  RPC_SSL_ENABLED_PROTOCOLS("rpc.ssl.server.enabled.protocols", "TLSv1.2", 
PropertyType.STRING,
       "Comma separated list of protocols that can be used to accept 
connections"),
-  // TLSv1.2 should be used as the default when JDK6 support is dropped
-  RPC_SSL_CLIENT_PROTOCOL("rpc.ssl.client.protocol", "TLSv1", 
PropertyType.STRING,
+  RPC_SSL_CLIENT_PROTOCOL("rpc.ssl.client.protocol", "TLSv1.2", 
PropertyType.STRING,
       "The protocol used to connect to a secure server, must be in the list of 
enabled protocols "
           + "on the server side (rpc.ssl.server.enabled.protocols)"),
   /**
@@ -580,8 +578,8 @@
   MONITOR_SSL_EXCLUDE_CIPHERS("monitor.ssl.exclude.ciphers", "", 
PropertyType.STRING,
       "A comma-separated list of disallowed SSL Ciphers, see"
           + " monitor.ssl.include.ciphers to allow ciphers"),
-  MONITOR_SSL_INCLUDE_PROTOCOLS("monitor.ssl.include.protocols", 
"TLSv1,TLSv1.1,TLSv1.2",
-      PropertyType.STRING, "A comma-separate list of allowed SSL protocols"),
+  MONITOR_SSL_INCLUDE_PROTOCOLS("monitor.ssl.include.protocols", "TLSv1.2", 
PropertyType.STRING,
+      "A comma-separate list of allowed SSL protocols"),
 
   MONITOR_LOCK_CHECK_INTERVAL("monitor.lock.check.interval", "5s", 
PropertyType.TIMEDURATION,
       "The amount of time to sleep between checking for the Montior ZooKeeper 
lock"),


 

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


With regards,
Apache Git Services

Reply via email to