Github user ivmaykov commented on a diff in the pull request:
https://github.com/apache/zookeeper/pull/184#discussion_r195517105
--- Diff: src/java/main/org/apache/zookeeper/common/X509Util.java ---
@@ -79,7 +91,7 @@
public X509Util() {
String cipherSuitesInput =
System.getProperty(cipherSuitesProperty);
if (cipherSuitesInput == null) {
- cipherSuites = null;
+ cipherSuites = getDefaultCipherSuites();
--- End diff --
Should we also intersect the selected cipher suites with enabled cipher
suites (after this if/else so it covers both branches)? I'm not an expert on
Java SSL APIs so I'm not sure if it's necessary. Maybe @dain or @electrum can
chime in.
---
