You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@geode.apache.org by GitBox <gi...@apache.org> on 2022/05/11 19:35:15 UTC

[GitHub] [geode] DonalEvans opened a new pull request, #7680: GEODE-10297: Create SSLContext using default protocols

DonalEvans opened a new pull request, #7680:
URL: https://github.com/apache/geode/pull/7680

    - Modify SSLUtil to attempt to create SSLContext using the default
      protocols
    - Add WANSSLDistributedTest to test protocol/cipher combinations in WAN
      context
    - Do not hide exception when generating key pair in CertificateBuilder
    - Fix javadoc error in SocketCreator
   
   Authored-by: Donal Evans <do...@vmware.com>
   
   <!-- Thank you for submitting a contribution to Apache Geode. -->
   
   <!-- In order to streamline the review of the contribution we ask you
   to ensure the following steps have been taken: 
   -->
   
   ### For all changes:
   - [ ] Is there a JIRA ticket associated with this PR? Is it referenced in the commit message?
   
   - [ ] Has your PR been rebased against the latest commit within the target branch (typically `develop`)?
   
   - [ ] Is your initial contribution a single, squashed commit?
   
   - [ ] Does `gradlew build` run cleanly?
   
   - [ ] Have you written or updated unit tests to verify your changes?
   
   - [ ] If adding new dependencies to the code, are these dependencies licensed in a way that is compatible for inclusion under [ASF 2.0](http://www.apache.org/legal/resolved.html#category-a)?
   
   <!-- Note:
   Please ensure that once the PR is submitted, check Concourse for build issues and
   submit an update to your PR as soon as possible. If you need help, please send an
   email to dev@geode.apache.org.
   -->
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@geode.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [geode] pivotal-jbarrett commented on a diff in pull request #7680: GEODE-10297: Create SSLContext using default protocols

Posted by GitBox <gi...@apache.org>.

pivotal-jbarrett commented on code in PR #7680:
URL: https://github.com/apache/geode/pull/7680#discussion_r871517286


##########
geode-core/src/main/java/org/apache/geode/internal/net/SSLUtil.java:
##########
@@ -36,48 +35,15 @@
 
 public class SSLUtil {
   /**
-   * This is a list of the algorithms that are tried, in order, when "any" is specified. Update
+   * This is a list of the algorithms that are tried, in order, to create an SSLContext. Update
    * this list as new algorithms become available and are supported by Geode. Remove old,
    * no-longer trusted algorithms.
    */
   static final String[] DEFAULT_ALGORITHMS = {"TLSv1.3", "TLSv1.2"};

Review Comment:
   I wonder now if this makes more sense as `SUPPORTED_CONTEXTS` or `SUPPORTED_PROTOCOLS` now?



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@geode.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [geode] DonalEvans merged pull request #7680: GEODE-10297: Create SSLContext using default protocols

Posted by GitBox <gi...@apache.org>.

DonalEvans merged PR #7680:
URL: https://github.com/apache/geode/pull/7680


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@geode.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [geode] DonalEvans commented on a diff in pull request #7680: GEODE-10297: Create SSLContext using default protocols

Posted by GitBox <gi...@apache.org>.

DonalEvans commented on code in PR #7680:
URL: https://github.com/apache/geode/pull/7680#discussion_r871551644


##########
geode-core/src/main/java/org/apache/geode/internal/net/SSLUtil.java:
##########
@@ -36,48 +35,15 @@
 
 public class SSLUtil {
   /**
-   * This is a list of the algorithms that are tried, in order, when "any" is specified. Update
+   * This is a list of the algorithms that are tried, in order, to create an SSLContext. Update
    * this list as new algorithms become available and are supported by Geode. Remove old,
    * no-longer trusted algorithms.
    */
   static final String[] DEFAULT_ALGORITHMS = {"TLSv1.3", "TLSv1.2"};

Review Comment:
   Good call. I think `SUPPORTED_CONTEXTS` is best, since my understanding is that these contexts both technically allow support for other protocols.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@geode.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org