Github user ivmaykov commented on a diff in the pull request:
https://github.com/apache/zookeeper/pull/184#discussion_r195516340
--- Diff: src/java/main/org/apache/zookeeper/common/X509Util.java ---
@@ -79,7 +91,7 @@
public X509Util() {
String cipherSuitesInput =
System.getProperty(cipherSuitesProperty);
if (cipherSuitesInput == null) {
- cipherSuites = null;
+ cipherSuites = getDefaultCipherSuites();
--- End diff --
nit: add "|| cipherSuitsInput.isEmpty()" to the if condition? Is there any
time we would want the cipher suites to be an empty array? I think that would
make SSL fail so I don't think we should allow it. Unless the SSL socket will
use some system default if you pass in an empty array, do you know?
---
