[
https://issues.apache.org/jira/browse/DRILL-5643?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sorabh Hamirwasia reassigned DRILL-5643:
----------------------------------------
Assignee: Sindhuri Ramanarayan Rayavaram
> Provide a way to configure excluded list of protocols and ciphers to be used
> by WebServer
> -----------------------------------------------------------------------------------------
>
> Key: DRILL-5643
> URL: https://issues.apache.org/jira/browse/DRILL-5643
> Project: Apache Drill
> Issue Type: Improvement
> Components: Web Server
> Affects Versions: 1.11.0
> Reporter: Sorabh Hamirwasia
> Assignee: Sindhuri Ramanarayan Rayavaram
>
> Drill's WebServer uses the default protocol for TLS which is TLSv1 and
> default list of cipher suites when SSL is enabled. This task is to add
> capability to configure list of protocols / cipher to exclude from being used
> by WebServer.
> *Supported Protocols:*
> enabledProtocols = {ProtocolList@6589} "[SSLv2Hello, TLSv1, TLSv1.1, TLSv1.2]”
> *Selected Protocol Version:*
> protocolVersion = {ProtocolVersion@6566} "TLSv1"
> *Cipher Suites:*
> cipherSuites = {ArrayList@6755} size = 36
> 0 = {CipherSuite@6607} "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"
> 1 = {CipherSuite@6608} "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
> 2 = {CipherSuite@6609} "TLS_RSA_WITH_AES_256_CBC_SHA256"
> 3 = {CipherSuite@6610} "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"
> 4 = {CipherSuite@6611} "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"
> 5 = {CipherSuite@6612} "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"
> 6 = {CipherSuite@6613} "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"
> 7 = {CipherSuite@6614} "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
> 8 = {CipherSuite@6615} "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
> 9 = {CipherSuite@6616} "TLS_RSA_WITH_AES_256_CBC_SHA"
> 10 = {CipherSuite@6617} "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"
> 11 = {CipherSuite@6618} "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"
> 12 = {CipherSuite@6619} "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
> 13 = {CipherSuite@6620} "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"
> 14 = {CipherSuite@6621} "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"
> 15 = {CipherSuite@6622} "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
> 16 = {CipherSuite@6623} "TLS_RSA_WITH_AES_128_CBC_SHA256"
> 17 = {CipherSuite@6624} "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"
> 18 = {CipherSuite@6625} "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"
> 19 = {CipherSuite@6626} "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"
> 20 = {CipherSuite@6627} "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"
> 21 = {CipherSuite@6628} "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
> 22 = {CipherSuite@6629} "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
> 23 = {CipherSuite@6630} "TLS_RSA_WITH_AES_128_CBC_SHA"
> 24 = {CipherSuite@6631} "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"
> 25 = {CipherSuite@6632} "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"
> 26 = {CipherSuite@6633} "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
> 27 = {CipherSuite@6634} "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"
> 28 = {CipherSuite@6635} "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"
> 29 = {CipherSuite@6636} "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"
> 30 = {CipherSuite@6637} "SSL_RSA_WITH_3DES_EDE_CBC_SHA"
> 31 = {CipherSuite@6638} "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"
> 32 = {CipherSuite@6639} "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"
> 33 = {CipherSuite@6640} "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
> 34 = {CipherSuite@6641} "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
> 35 = {CipherSuite@6642} "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
