[
https://issues.apache.org/jira/browse/HADOOP-12886?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15216919#comment-15216919
]
Zhe Zhang commented on HADOOP-12886:
------------------------------------
Thanks Wei-Chiu for adding the test. +1 on the v3 patch pending 2 nits:
# Can we avoid wildcard import in the test class?
# Below type casting is unnecessary:
{code}
cipherSuites = (String[])(defaultEnabledCipherSuites.toArray(
new String[defaultEnabledCipherSuites.size()]));
{code}
> Exclude weak ciphers in SSLFactory through ssl-server.xml
> ---------------------------------------------------------
>
> Key: HADOOP-12886
> URL: https://issues.apache.org/jira/browse/HADOOP-12886
> Project: Hadoop Common
> Issue Type: Improvement
> Affects Versions: 2.7.2
> Reporter: Wei-Chiu Chuang
> Assignee: Wei-Chiu Chuang
> Labels: Netty, datanode, security
> Attachments: HADOOP-12886.001.patch, HADOOP-12886.002.patch,
> HADOOP-12886.003.patch
>
>
> HADOOP-12668 added support to exclude weak ciphers in HttpServer2, which is
> good for name nodes. But data node web UI is based on Netty, which uses
> SSLFactory and does not read ssl-server.xml to exclude the ciphers.
> We should also add the same support for Netty for consistency.
> I will attach a full patch later.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
