[ZOOKEEPER-3930] Security issues: config zookeeper.ssl.ciphersuites do not effect for zookeeper client - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: 3.5.7, 3.5.8
Fix Version/s: None
Component/s: java client
Labels:
None

Description

I have set zookeeper.ssl.ciphersuites :TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 in ZKClientConfig ,but when i dump the tcp package , i find the ciphersuites do not match what i set

i debug with the code of zookeeper

maybe it need be add

sslEngine.setEnabledCipherSuites(cipherSuites);

after red tag 1,and cipherSuites can get from clientConfig

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

image-2020-09-08-19-58-14-156.png
08/Sep/20 11:58
64 kB
xiaotong.wang
image-2020-09-08-19-51-41-970.png
08/Sep/20 11:51
54 kB
xiaotong.wang

Activity

People

Assignee:: Unassigned

Reporter:: xiaotong.wang

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 08/Sep/20 11:57

Updated:: 08/Sep/20 13:15