Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-14341

Support multi-line value for ssl.server.exclude.cipher.list

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.7.4
    • Fix Version/s: 2.9.0, 3.0.0-alpha4, 2.8.2
    • Component/s: None
    • Labels:
      None

      Description

      The multi-line value for ssl.server.exclude.cipher.list shown in ssl-server.xml.exmple does not work. The property value

      <property>
        <name>ssl.server.exclude.cipher.list</name>
        <value>TLS_ECDHE_RSA_WITH_RC4_128_SHA,SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
        SSL_RSA_WITH_DES_CBC_SHA,SSL_DHE_RSA_WITH_DES_CBC_SHA,
        SSL_RSA_EXPORT_WITH_RC4_40_MD5,SSL_RSA_EXPORT_WITH_DES40_CBC_SHA,
        SSL_RSA_WITH_RC4_128_MD5</value>
        <description>Optional. The weak security cipher suites that you want excluded
        from SSL communication.</description>
      </property>
      

      is actually parsed into:

      • "TLS_ECDHE_RSA_WITH_RC4_128_SHA"
      • "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"
      • "\nSSL_RSA_WITH_DES_CBC_SHA"
      • "SSL_DHE_RSA_WITH_DES_CBC_SHA"
      • "\nSSL_RSA_EXPORT_WITH_RC4_40_MD5"
      • "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA"
      • "\nSSL_RSA_WITH_RC4_128_MD5"

        Attachments

        1. HADOOP-14341.001.patch
          11 kB
          John Zhuge
        2. HADOOP-14341.002.patch
          11 kB
          John Zhuge
        3. HADOOP-14341.003.patch
          11 kB
          John Zhuge

          Issue Links

            Activity

              People

              • Assignee:
                jzhuge John Zhuge
                Reporter:
                jzhuge John Zhuge
              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: