[
https://issues.apache.org/jira/browse/CASSANDRA-9384?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16773369#comment-16773369
]
Dinesh Joshi commented on CASSANDRA-9384:
-----------------------------------------
For trunk -
# Abort start up if {{auth_bcrypt_gensalt_log2_rounds = 31}}
# Upgrade the jbcrypt binary
For versions other than trunk (Approach 1) -
# Abort start up if {{auth_bcrypt_gensalt_log2_rounds = 31}}
# Upgrade the jbcrypt binary
With this approach, the operator will have to reduce
{{auth_bcrypt_gensalt_log2_rounds}} before they upgrade C*.
For versions other than trunk (Approach 2) -
# Abort start up if {{auth_bcrypt_gensalt_log2_rounds = 31}}
# Allow operator to start C* with {{auth_bcrypt_gensalt_log2_rounds = 31}} if
they pass in {{-Dcassandra.allow_unsafe_bcrypt}}
# Don't upgrade the jbcrypt binary
Any preferences for which of the two approaches we should use for non-trunk
versions?
> Update jBCrypt dependency to version 0.4
> ----------------------------------------
>
> Key: CASSANDRA-9384
> URL: https://issues.apache.org/jira/browse/CASSANDRA-9384
> Project: Cassandra
> Issue Type: Bug
> Reporter: Sam Tunnicliffe
> Assignee: Dinesh Joshi
> Priority: Major
> Fix For: 2.1.x, 2.2.x, 3.0.x, 3.11.x
>
>
> https://bugzilla.mindrot.org/show_bug.cgi?id=2097
> Although the bug tracker lists it as NEW/OPEN, the release notes for 0.4
> indicate that this is now fixed, so we should update.
> Thanks to [~Bereng] for identifying the issue.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
