I will update the documentation before I post it to the website — that should be good.
Thanks, Hari On Mon, Nov 10, 2014 at 6:18 PM, Roshan Naik <ros...@hortonworks.com> wrote: > Wouldnt we want to document in the http source section that SSL is being > blocked ? > -roshan > On Mon, Nov 10, 2014 at 2:56 PM, Hari Shreedharan <hshreedha...@cloudera.com >> wrote: >> The HTTP Source does not have any config parameter in the user guide. Only >> for the Avro Source, is there configuration mentioned in the user guide >> (though for now, it is possible to use SSLv3, but we can disable that in a >> future release - right now we provide the option, so I guess that would be >> enough). So I guess we are ok? >> >> >> Thanks, >> Hari >> >> On Mon, Nov 10, 2014 at 2:51 PM, Roshan Naik <ros...@hortonworks.com> >> wrote: >> >> > Looks like most major companies/products are moving away from SSLv2 & 3 >> > very quickly. I am ok with disabling it completely and allowing user to >> add >> > more protocols to disable list. Not a security expert & not sure how much >> > of a backward compat issue this implies. >> > I am fine with supporting the hard coded ban on the protocols in Avro >> > source with additional ban as per user config. Also fine with adding the >> > same behavior later to a later release. i think its good to keep the same >> > strategy for both Avro and HTTPS. >> > If the intent is to add the configurable option to HTTPS in a later >> > release, then please drop the setting from the doc too. We can track the >> > pending work for HTTPS on another jira. >> > -roshan >> > On Mon, Nov 10, 2014 at 11:15 AM, Hari Shreedharan < >> > hshreedha...@cloudera.com> wrote: >> >> Roshan, >> >> >> >> >> >> >> >> >> >> The Avro Source does make it configurable - >> >> >> https://git-wip-us.apache.org/repos/asf?p=flume.git;a=blob;f=flume-ng-core/src/main/java/org/apache/flume/source/AvroSource.java;h=59ee43a8e1b758ca3d98ba572a885ee2f01b7bed;hb=HEAD#l185 >> >> >> >> >> >> >> >> >> >> >> >> But the HTTPSource disables it completely (it is not a configurable >> >> option). >> >> >> >> >> >> >> >> >> >> Should we remove the option from the Avro Source (or add these two to >> the >> >> list of excluded protocols?). I believe it is best to not allow the >> >> protocols to be used at all, so it must be included anyway - any >> additional >> >> ones should just be added to these. I think we can add the configurable >> >> option for HTTP Source in a later release. >> >> >> >> >> >> Thanks, >> >> Hari >> >> >> >> On Sun, Nov 9, 2014 at 8:47 PM, Arvind Prabhakar <arv...@apache.org> >> >> wrote: >> >> >> >> > +1 >> >> > * Verified signatures >> >> > * Verified checksums >> >> > * Verified the tag (minor issues noted below - would be good to >> address >> >> if >> >> > there is RC2) >> >> > * Builds correctly >> >> > * All tests run with default profile and avro version set to 1.7.5 (to >> >> > avoid an issue with snappy on Mac OS) >> >> > Nits: >> >> > * The tag and sources match except that the src tarball contains the >> iml >> >> > files and does not contain the dev-support directory. Since both the >> iml >> >> > files and dev-support files are not related to product functionality, >> it >> >> is >> >> > OK for the tarball to not include them. However, if there is a respin >> it >> >> > would be good to address that. >> >> > * It is time we updated the avro version in the system to a newer >> >> release, >> >> > which among other things will allow people to build on Mac OS without >> >> > running into the JDK7+Snappy 1.0.4 problem where tests because native >> >> > library does not load. >> >> > Regards, >> >> > Arvind >> >> > On Thu, Nov 6, 2014 at 3:17 PM, Hari Shreedharan < >> >> hshreedha...@cloudera.com> >> >> > wrote: >> >> >> This is the seventh release for Apache Flume as a top-level project, >> >> >> version 1.5.1. We are voting on release candidate RC1. >> >> >> >> >> >> It fixes the following issues: >> >> >> >> >> >> >> >> >> https://git-wip-us.apache.org/repos/asf?p=flume.git;a=blob_plain;f=CHANGELOG;hb=c74804226bcee59823c0cbc09cdf803a3d9e6920 >> >> >> >> >> >> *** Please cast your vote within the next 72 hours *** >> >> >> >> >> >> The tarball (*.tar.gz), signature (*.asc), and checksums (*.md5, >> *.sha1) >> >> >> for the source and binary artifacts can be found here: >> >> >> https://people.apache.org/~hshreedharan/apache-flume-1.5.1-rc1/ >> >> >> >> >> >> Maven staging repo: >> >> >> >> >> https://repository.apache.org/content/repositories/orgapacheflume-1006/ >> >> >> >> >> >> The tag to be voted on: >> >> >> >> >> >> >> >> >> https://git-wip-us.apache.org/repos/asf?p=flume.git;a=commit;h=c74804226bcee59823c0cbc09cdf803a3d9e6920 >> >> >> >> >> >> Flume's KEYS file containing PGP keys we use to sign the release: >> >> >> http://www.apache.org/dist/flume/KEYS >> >> >> >> >> >> Thanks, >> >> >> Hari >> >> >> > -- >> > CONFIDENTIALITY NOTICE >> > NOTICE: This message is intended for the use of the individual or entity >> to >> > which it is addressed and may contain information that is confidential, >> > privileged and exempt from disclosure under applicable law. If the reader >> > of this message is not the intended recipient, you are hereby notified >> that >> > any printing, copying, dissemination, distribution, disclosure or >> > forwarding of this communication is strictly prohibited. If you have >> > received this communication in error, please contact the sender >> immediately >> > and delete it from your system. Thank You. > -- > CONFIDENTIALITY NOTICE > NOTICE: This message is intended for the use of the individual or entity to > which it is addressed and may contain information that is confidential, > privileged and exempt from disclosure under applicable law. If the reader > of this message is not the intended recipient, you are hereby notified that > any printing, copying, dissemination, distribution, disclosure or > forwarding of this communication is strictly prohibited. If you have > received this communication in error, please contact the sender immediately > and delete it from your system. Thank You.
