Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-14341

Support multi-line value for ssl.server.exclude.cipher.list

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 2.7.4
    • 2.9.0, 3.0.0-alpha4, 2.8.2
    • None
    • None

    Description

      The multi-line value for ssl.server.exclude.cipher.list shown in ssl-server.xml.exmple does not work. The property value

      <property>
        <name>ssl.server.exclude.cipher.list</name>
        <value>TLS_ECDHE_RSA_WITH_RC4_128_SHA,SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
        SSL_RSA_WITH_DES_CBC_SHA,SSL_DHE_RSA_WITH_DES_CBC_SHA,
        SSL_RSA_EXPORT_WITH_RC4_40_MD5,SSL_RSA_EXPORT_WITH_DES40_CBC_SHA,
        SSL_RSA_WITH_RC4_128_MD5</value>
        <description>Optional. The weak security cipher suites that you want excluded
        from SSL communication.</description>
      </property>
      

      is actually parsed into:

      • "TLS_ECDHE_RSA_WITH_RC4_128_SHA"
      • "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"
      • "\nSSL_RSA_WITH_DES_CBC_SHA"
      • "SSL_DHE_RSA_WITH_DES_CBC_SHA"
      • "\nSSL_RSA_EXPORT_WITH_RC4_40_MD5"
      • "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA"
      • "\nSSL_RSA_WITH_RC4_128_MD5"

      Attachments

        1. HADOOP-14341.001.patch
          11 kB
          John Zhuge
        2. HADOOP-14341.002.patch
          11 kB
          John Zhuge
        3. HADOOP-14341.003.patch
          11 kB
          John Zhuge

        Issue Links

          Activity

            People

              jzhuge John Zhuge
              jzhuge John Zhuge
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: