subject:"hadoop git commit\: HADOOP\-12817. Enable TLS v1.1 and 1.2 \(rkanter\)"

hadoop git commit: HADOOP-12817. Enable TLS v1.1 and 1.2 (rkanter)

2018-02-14 Thread brahma

Repository: hadoop
Updated Branches:
  refs/heads/branch-2.8 bfd8fb309 -> 0ab74b21a


HADOOP-12817. Enable TLS v1.1 and 1.2 (rkanter)

(cherry picked from commit a365a3941cf96a31c289cb22678a602738880f74)
(cherry picked from commit f864faaafafcddb2bbcfd1171b4597e3e51e5c3d)


Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/0ab74b21
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/0ab74b21
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/0ab74b21

Branch: refs/heads/branch-2.8
Commit: 0ab74b21ab891e0b77382562d35b8cf04bb5554e
Parents: bfd8fb3
Author: Robert Kanter 
Authored: Thu Feb 18 11:09:50 2016 -0800
Committer: Brahma Reddy Battula 
Committed: Thu Feb 15 00:32:54 2018 +0530

--
 .../src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java | 3 ++-
 .../hadoop-common/src/main/resources/core-default.xml| 4 ++--
 .../src/site/markdown/EncryptedShuffle.md| 2 +-
 3 files changed, 5 insertions(+), 4 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/hadoop/blob/0ab74b21/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java
--
diff --git 
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java
 
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java
index 7148a65..45532bc 100644
--- 
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java
+++ 
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java
@@ -76,9 +76,10 @@ public class SSLFactory implements ConnectionConfigurator {
 
   public static final String SSL_ENABLED_PROTOCOLS_KEY =
   "hadoop.ssl.enabled.protocols";
-  public static final String SSL_ENABLED_PROTOCOLS_DEFAULT = "TLSv1";
   public static final String SSL_SERVER_EXCLUDE_CIPHER_LIST =
   "ssl.server.exclude.cipher.list";
+  public static final String SSL_ENABLED_PROTOCOLS_DEFAULT =
+  "TLSv1,SSLv2Hello,TLSv1.1,TLSv1.2";
 
   private Configuration conf;
   private Mode mode;

http://git-wip-us.apache.org/repos/asf/hadoop/blob/0ab74b21/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml
--
diff --git 
a/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml 
b/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml
index 6ef91b1..875ad53 100644
--- a/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml
+++ b/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml
@@ -1850,9 +1850,9 @@
 
 
   hadoop.ssl.enabled.protocols
-  TLSv1
+  TLSv1,SSLv2Hello,TLSv1.1,TLSv1.2
   
-Protocols supported by the ssl.
+The supported SSL protocols.
   
 
 

http://git-wip-us.apache.org/repos/asf/hadoop/blob/0ab74b21/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/site/markdown/EncryptedShuffle.md
--
diff --git 
a/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/site/markdown/EncryptedShuffle.md
 
b/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/site/markdown/EncryptedShuffle.md
index c23be7a..4083182 100644
--- 
a/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/site/markdown/EncryptedShuffle.md
+++ 
b/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/site/markdown/EncryptedShuffle.md
@@ -44,7 +44,7 @@ To enable encrypted shuffle, set the following properties in 
core-site.xml of al
 | `hadoop.ssl.keystores.factory.class` | 
`org.apache.hadoop.security.ssl.FileBasedKeyStoresFactory` | The 
KeyStoresFactory implementation to use |
 | `hadoop.ssl.server.conf` | `ssl-server.xml` | Resource file from which ssl 
server keystore information will be extracted. This file is looked up in the 
classpath, typically it should be in Hadoop conf/ directory |
 | `hadoop.ssl.client.conf` | `ssl-client.xml` | Resource file from which ssl 
server keystore information will be extracted. This file is looked up in the 
classpath, typically it should be in Hadoop conf/ directory |
-| `hadoop.ssl.enabled.protocols` | `TLSv1` | The supported SSL protocols (JDK6 
can use **TLSv1**, JDK7+ can use **TLSv1,TLSv1.1,TLSv1.2**) |
+| `hadoop.ssl.enabled.protocols` | `TLSv1,SSLv2Hello,TLSv1.1,TLSv1.2` | The 
supported SSL protocols |
 
 **IMPORTANT:** Currently requiring client certificates should be set to false. 
Refer the [Client

[11/50] [abbrv] hadoop git commit: HADOOP-12817. Enable TLS v1.1 and 1.2 (rkanter)

2016-02-24 Thread jing9

HADOOP-12817. Enable TLS v1.1 and 1.2 (rkanter)


Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/a365a394
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/a365a394
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/a365a394

Branch: refs/heads/HDFS-7240
Commit: a365a3941cf96a31c289cb22678a602738880f74
Parents: 5d1889a
Author: Robert Kanter 
Authored: Thu Feb 18 11:09:50 2016 -0800
Committer: Robert Kanter 
Committed: Thu Feb 18 11:09:50 2016 -0800

--
 hadoop-common-project/hadoop-common/CHANGES.txt  | 2 ++
 .../src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java | 3 ++-
 .../hadoop-common/src/main/resources/core-default.xml| 4 ++--
 .../src/site/markdown/EncryptedShuffle.md| 2 +-
 4 files changed, 7 insertions(+), 4 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/hadoop/blob/a365a394/hadoop-common-project/hadoop-common/CHANGES.txt
--
diff --git a/hadoop-common-project/hadoop-common/CHANGES.txt 
b/hadoop-common-project/hadoop-common/CHANGES.txt
index 9269960..41ba87d 100644
--- a/hadoop-common-project/hadoop-common/CHANGES.txt
+++ b/hadoop-common-project/hadoop-common/CHANGES.txt
@@ -691,6 +691,8 @@ Release 2.9.0 - UNRELEASED
 HADOOP-12710. Remove dependency on commons-httpclient for 
TestHttpServerLogs
 (Wei-Chiu Chuang via iwasakims)
 
+HADOOP-12817. Enable TLS v1.1 and 1.2 (rkanter)
+
   BUG FIXES
 
 HADOOP-12605. Fix intermittent failure of TestIPC.testIpcWithReaderQueuing

http://git-wip-us.apache.org/repos/asf/hadoop/blob/a365a394/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java
--
diff --git 
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java
 
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java
index edec347..518de80 100644
--- 
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java
+++ 
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java
@@ -69,7 +69,8 @@ public class SSLFactory implements ConnectionConfigurator {
 
   public static final String SSL_ENABLED_PROTOCOLS =
   "hadoop.ssl.enabled.protocols";
-  public static final String DEFAULT_SSL_ENABLED_PROTOCOLS = "TLSv1";
+  public static final String DEFAULT_SSL_ENABLED_PROTOCOLS =
+  "TLSv1,SSLv2Hello,TLSv1.1,TLSv1.2";
 
   private Configuration conf;
   private Mode mode;

http://git-wip-us.apache.org/repos/asf/hadoop/blob/a365a394/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml
--
diff --git 
a/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml 
b/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml
index 34e1236..dd4919c 100644
--- a/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml
+++ b/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml
@@ -1644,9 +1644,9 @@ for ldap providers in the same way as above does.
 
 
   hadoop.ssl.enabled.protocols
-  TLSv1
+  TLSv1,SSLv2Hello,TLSv1.1,TLSv1.2
   
-Protocols supported by the ssl.
+The supported SSL protocols.
   
 
 

http://git-wip-us.apache.org/repos/asf/hadoop/blob/a365a394/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/site/markdown/EncryptedShuffle.md
--
diff --git 
a/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/site/markdown/EncryptedShuffle.md
 
b/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/site/markdown/EncryptedShuffle.md
index fddd84f..f679781 100644
--- 
a/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/site/markdown/EncryptedShuffle.md
+++ 
b/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/site/markdown/EncryptedShuffle.md
@@ -44,7 +44,7 @@ To enable encrypted shuffle, set the following properties in 
core-site.xml of al
 | `hadoop.ssl.keystores.factory.class` | 
`org.apache.hadoop.security.ssl.FileBasedKeyStoresFactory` | The 
KeyStoresFactory implementation to use |
 | `hadoop.ssl.server.conf` | `ssl-server.xml` | Resource file from which ssl 
server keystore information will be extracted. This file is looked up in the 
classpath, typically it should be in Hadoop conf/ directory |
 | `hadoop.ssl.client.conf` | `ssl-client.xml` | Resource file from

[26/50] [abbrv] hadoop git commit: HADOOP-12817. Enable TLS v1.1 and 1.2 (rkanter)

2016-02-22 Thread arp

HADOOP-12817. Enable TLS v1.1 and 1.2 (rkanter)


Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/a365a394
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/a365a394
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/a365a394

Branch: refs/heads/HDFS-1312
Commit: a365a3941cf96a31c289cb22678a602738880f74
Parents: 5d1889a
Author: Robert Kanter 
Authored: Thu Feb 18 11:09:50 2016 -0800
Committer: Robert Kanter 
Committed: Thu Feb 18 11:09:50 2016 -0800

--
 hadoop-common-project/hadoop-common/CHANGES.txt  | 2 ++
 .../src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java | 3 ++-
 .../hadoop-common/src/main/resources/core-default.xml| 4 ++--
 .../src/site/markdown/EncryptedShuffle.md| 2 +-
 4 files changed, 7 insertions(+), 4 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/hadoop/blob/a365a394/hadoop-common-project/hadoop-common/CHANGES.txt
--
diff --git a/hadoop-common-project/hadoop-common/CHANGES.txt 
b/hadoop-common-project/hadoop-common/CHANGES.txt
index 9269960..41ba87d 100644
--- a/hadoop-common-project/hadoop-common/CHANGES.txt
+++ b/hadoop-common-project/hadoop-common/CHANGES.txt
@@ -691,6 +691,8 @@ Release 2.9.0 - UNRELEASED
 HADOOP-12710. Remove dependency on commons-httpclient for 
TestHttpServerLogs
 (Wei-Chiu Chuang via iwasakims)
 
+HADOOP-12817. Enable TLS v1.1 and 1.2 (rkanter)
+
   BUG FIXES
 
 HADOOP-12605. Fix intermittent failure of TestIPC.testIpcWithReaderQueuing

http://git-wip-us.apache.org/repos/asf/hadoop/blob/a365a394/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java
--
diff --git 
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java
 
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java
index edec347..518de80 100644
--- 
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java
+++ 
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java
@@ -69,7 +69,8 @@ public class SSLFactory implements ConnectionConfigurator {
 
   public static final String SSL_ENABLED_PROTOCOLS =
   "hadoop.ssl.enabled.protocols";
-  public static final String DEFAULT_SSL_ENABLED_PROTOCOLS = "TLSv1";
+  public static final String DEFAULT_SSL_ENABLED_PROTOCOLS =
+  "TLSv1,SSLv2Hello,TLSv1.1,TLSv1.2";
 
   private Configuration conf;
   private Mode mode;

http://git-wip-us.apache.org/repos/asf/hadoop/blob/a365a394/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml
--
diff --git 
a/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml 
b/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml
index 34e1236..dd4919c 100644
--- a/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml
+++ b/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml
@@ -1644,9 +1644,9 @@ for ldap providers in the same way as above does.
 
 
   hadoop.ssl.enabled.protocols
-  TLSv1
+  TLSv1,SSLv2Hello,TLSv1.1,TLSv1.2
   
-Protocols supported by the ssl.
+The supported SSL protocols.
   
 
 

http://git-wip-us.apache.org/repos/asf/hadoop/blob/a365a394/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/site/markdown/EncryptedShuffle.md
--
diff --git 
a/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/site/markdown/EncryptedShuffle.md
 
b/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/site/markdown/EncryptedShuffle.md
index fddd84f..f679781 100644
--- 
a/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/site/markdown/EncryptedShuffle.md
+++ 
b/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/site/markdown/EncryptedShuffle.md
@@ -44,7 +44,7 @@ To enable encrypted shuffle, set the following properties in 
core-site.xml of al
 | `hadoop.ssl.keystores.factory.class` | 
`org.apache.hadoop.security.ssl.FileBasedKeyStoresFactory` | The 
KeyStoresFactory implementation to use |
 | `hadoop.ssl.server.conf` | `ssl-server.xml` | Resource file from which ssl 
server keystore information will be extracted. This file is looked up in the 
classpath, typically it should be in Hadoop conf/ directory |
 | `hadoop.ssl.client.conf` | `ssl-client.xml` | Resource file from

hadoop git commit: HADOOP-12817. Enable TLS v1.1 and 1.2 (rkanter)

2016-02-18 Thread rkanter

Repository: hadoop
Updated Branches:
  refs/heads/trunk 5d1889a66 -> a365a3941


HADOOP-12817. Enable TLS v1.1 and 1.2 (rkanter)


Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/a365a394
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/a365a394
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/a365a394

Branch: refs/heads/trunk
Commit: a365a3941cf96a31c289cb22678a602738880f74
Parents: 5d1889a
Author: Robert Kanter 
Authored: Thu Feb 18 11:09:50 2016 -0800
Committer: Robert Kanter 
Committed: Thu Feb 18 11:09:50 2016 -0800

--
 hadoop-common-project/hadoop-common/CHANGES.txt  | 2 ++
 .../src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java | 3 ++-
 .../hadoop-common/src/main/resources/core-default.xml| 4 ++--
 .../src/site/markdown/EncryptedShuffle.md| 2 +-
 4 files changed, 7 insertions(+), 4 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/hadoop/blob/a365a394/hadoop-common-project/hadoop-common/CHANGES.txt
--
diff --git a/hadoop-common-project/hadoop-common/CHANGES.txt 
b/hadoop-common-project/hadoop-common/CHANGES.txt
index 9269960..41ba87d 100644
--- a/hadoop-common-project/hadoop-common/CHANGES.txt
+++ b/hadoop-common-project/hadoop-common/CHANGES.txt
@@ -691,6 +691,8 @@ Release 2.9.0 - UNRELEASED
 HADOOP-12710. Remove dependency on commons-httpclient for 
TestHttpServerLogs
 (Wei-Chiu Chuang via iwasakims)
 
+HADOOP-12817. Enable TLS v1.1 and 1.2 (rkanter)
+
   BUG FIXES
 
 HADOOP-12605. Fix intermittent failure of TestIPC.testIpcWithReaderQueuing

http://git-wip-us.apache.org/repos/asf/hadoop/blob/a365a394/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java
--
diff --git 
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java
 
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java
index edec347..518de80 100644
--- 
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java
+++ 
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java
@@ -69,7 +69,8 @@ public class SSLFactory implements ConnectionConfigurator {
 
   public static final String SSL_ENABLED_PROTOCOLS =
   "hadoop.ssl.enabled.protocols";
-  public static final String DEFAULT_SSL_ENABLED_PROTOCOLS = "TLSv1";
+  public static final String DEFAULT_SSL_ENABLED_PROTOCOLS =
+  "TLSv1,SSLv2Hello,TLSv1.1,TLSv1.2";
 
   private Configuration conf;
   private Mode mode;

http://git-wip-us.apache.org/repos/asf/hadoop/blob/a365a394/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml
--
diff --git 
a/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml 
b/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml
index 34e1236..dd4919c 100644
--- a/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml
+++ b/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml
@@ -1644,9 +1644,9 @@ for ldap providers in the same way as above does.
 
 
   hadoop.ssl.enabled.protocols
-  TLSv1
+  TLSv1,SSLv2Hello,TLSv1.1,TLSv1.2
   
-Protocols supported by the ssl.
+The supported SSL protocols.
   
 
 

http://git-wip-us.apache.org/repos/asf/hadoop/blob/a365a394/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/site/markdown/EncryptedShuffle.md
--
diff --git 
a/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/site/markdown/EncryptedShuffle.md
 
b/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/site/markdown/EncryptedShuffle.md
index fddd84f..f679781 100644
--- 
a/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/site/markdown/EncryptedShuffle.md
+++ 
b/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/site/markdown/EncryptedShuffle.md
@@ -44,7 +44,7 @@ To enable encrypted shuffle, set the following properties in 
core-site.xml of al
 | `hadoop.ssl.keystores.factory.class` | 
`org.apache.hadoop.security.ssl.FileBasedKeyStoresFactory` | The 
KeyStoresFactory implementation to use |
 | `hadoop.ssl.server.conf` | `ssl-server.xml` | Resource file from which ssl 
server keystore information will be extracted. This file is looked up in the 
classpath, typically it should be in Hadoop conf/

hadoop git commit: HADOOP-12817. Enable TLS v1.1 and 1.2 (rkanter)

2016-02-18 Thread rkanter

Repository: hadoop
Updated Branches:
  refs/heads/branch-2 779a69e28 -> f864faaaf


HADOOP-12817. Enable TLS v1.1 and 1.2 (rkanter)

(cherry picked from commit a365a3941cf96a31c289cb22678a602738880f74)


Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/f864faaa
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/f864faaa
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/f864faaa

Branch: refs/heads/branch-2
Commit: f864faaafafcddb2bbcfd1171b4597e3e51e5c3d
Parents: 779a69e
Author: Robert Kanter 
Authored: Thu Feb 18 11:09:50 2016 -0800
Committer: Robert Kanter 
Committed: Thu Feb 18 11:11:32 2016 -0800

--
 hadoop-common-project/hadoop-common/CHANGES.txt  | 2 ++
 .../src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java | 3 ++-
 .../hadoop-common/src/main/resources/core-default.xml| 4 ++--
 .../src/site/markdown/EncryptedShuffle.md| 2 +-
 4 files changed, 7 insertions(+), 4 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/hadoop/blob/f864faaa/hadoop-common-project/hadoop-common/CHANGES.txt
--
diff --git a/hadoop-common-project/hadoop-common/CHANGES.txt 
b/hadoop-common-project/hadoop-common/CHANGES.txt
index 4332c6c..e122df6 100644
--- a/hadoop-common-project/hadoop-common/CHANGES.txt
+++ b/hadoop-common-project/hadoop-common/CHANGES.txt
@@ -41,6 +41,8 @@ Release 2.9.0 - UNRELEASED
 HADOOP-12710. Remove dependency on commons-httpclient for 
TestHttpServerLogs
 (Wei-Chiu Chuang via iwasakims)
 
+HADOOP-12817. Enable TLS v1.1 and 1.2 (rkanter)
+
   BUG FIXES
 
 HADOOP-12605. Fix intermittent failure of TestIPC.testIpcWithReaderQueuing

http://git-wip-us.apache.org/repos/asf/hadoop/blob/f864faaa/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java
--
diff --git 
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java
 
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java
index edec347..518de80 100644
--- 
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java
+++ 
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java
@@ -69,7 +69,8 @@ public class SSLFactory implements ConnectionConfigurator {
 
   public static final String SSL_ENABLED_PROTOCOLS =
   "hadoop.ssl.enabled.protocols";
-  public static final String DEFAULT_SSL_ENABLED_PROTOCOLS = "TLSv1";
+  public static final String DEFAULT_SSL_ENABLED_PROTOCOLS =
+  "TLSv1,SSLv2Hello,TLSv1.1,TLSv1.2";
 
   private Configuration conf;
   private Mode mode;

http://git-wip-us.apache.org/repos/asf/hadoop/blob/f864faaa/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml
--
diff --git 
a/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml 
b/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml
index e1cd883..839deed 100644
--- a/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml
+++ b/hadoop-common-project/hadoop-common/src/main/resources/core-default.xml
@@ -1646,9 +1646,9 @@ for ldap providers in the same way as above does.
 
 
   hadoop.ssl.enabled.protocols
-  TLSv1
+  TLSv1,SSLv2Hello,TLSv1.1,TLSv1.2
   
-Protocols supported by the ssl.
+The supported SSL protocols.
   
 
 

http://git-wip-us.apache.org/repos/asf/hadoop/blob/f864faaa/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/site/markdown/EncryptedShuffle.md
--
diff --git 
a/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/site/markdown/EncryptedShuffle.md
 
b/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/site/markdown/EncryptedShuffle.md
index c23be7a..4083182 100644
--- 
a/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/site/markdown/EncryptedShuffle.md
+++ 
b/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/site/markdown/EncryptedShuffle.md
@@ -44,7 +44,7 @@ To enable encrypted shuffle, set the following properties in 
core-site.xml of al
 | `hadoop.ssl.keystores.factory.class` | 
`org.apache.hadoop.security.ssl.FileBasedKeyStoresFactory` | The 
KeyStoresFactory implementation to use |
 | `hadoop.ssl.server.conf` | `ssl-server.xml` | Resource file from which ssl 
server keystore information will be extracted. This file

hadoop git commit: HADOOP-12817. Enable TLS v1.1 and 1.2 (rkanter)

[11/50] [abbrv] hadoop git commit: HADOOP-12817. Enable TLS v1.1 and 1.2 (rkanter)

[26/50] [abbrv] hadoop git commit: HADOOP-12817. Enable TLS v1.1 and 1.2 (rkanter)

hadoop git commit: HADOOP-12817. Enable TLS v1.1 and 1.2 (rkanter)

hadoop git commit: HADOOP-12817. Enable TLS v1.1 and 1.2 (rkanter)

5 matches

Site Navigation

Mail list logo

Footer information