This is an automated email from the ASF dual-hosted git repository. sijie pushed a commit to branch branch-2.1 in repository https://gitbox.apache.org/repos/asf/incubator-pulsar.git
The following commit(s) were added to refs/heads/branch-2.1 by this push: new 227e1df C++ should default not allow insecure connections with TLS (#2229) 227e1df is described below commit 227e1dfd9dc3b62cdb13780064ff1751f9c34542 Author: Ivan Kelly <iv...@apache.org> AuthorDate: Wed Jul 25 20:40:34 2018 +0100 C++ should default not allow insecure connections with TLS (#2229) If tlsAllowInsecureConnection is true, then the client doesn't validate the server's TLS cert, allowing for MITM attacks. This shouldn't be the default option. --- pulsar-client-cpp/lib/ClientConfigurationImpl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pulsar-client-cpp/lib/ClientConfigurationImpl.h b/pulsar-client-cpp/lib/ClientConfigurationImpl.h index 7160a65..cb23a14 100644 --- a/pulsar-client-cpp/lib/ClientConfigurationImpl.h +++ b/pulsar-client-cpp/lib/ClientConfigurationImpl.h @@ -44,7 +44,7 @@ struct ClientConfigurationImpl { concurrentLookupRequest(50000), logConfFilePath(), useTls(false), - tlsAllowInsecureConnection(true), + tlsAllowInsecureConnection(false), statsIntervalInSeconds(600), // 10 minutes loggerFactory() {} };