You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by bhavik patel <bh...@gmail.com> on 2017/05/02 06:40:13 UTC
Review Request 58915: RANGER-1500 : Add support to exclude/disable SSL
protocols
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58915/
-----------------------------------------------------------
Review request for ranger.
Bugs: RANGER-1500
https://issues.apache.org/jira/browse/RANGER-1500
Repository: ranger
Description
-------
Add support to disable/exclude weaker SSL protocols like TLSv1, TLSv1.1 for ranger.
Diffs
-----
embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServer.java aef59bd
security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml fb6d844
security-admin/src/main/resources/conf.dist/ranger-admin-site.xml a4c36e0
Diff: https://reviews.apache.org/r/58915/diff/1/
Testing
-------
Thanks,
bhavik patel
Re: Review Request 58915: RANGER-1500 : Add support to
exclude/disable SSL protocols
Posted by Colm O hEigeartaigh <co...@apache.org>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58915/#review173572
-----------------------------------------------------------
It would probably be a good idea to include "ssl" or "tls" in this configuration tag, as it's not obvious it refers to SSL configuration: "ranger.enabled.Protocols.defaultvalue"
- Colm O hEigeartaigh
On May 2, 2017, 6:42 a.m., bhavik patel wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58915/
> -----------------------------------------------------------
>
> (Updated May 2, 2017, 6:42 a.m.)
>
>
> Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-1500
> https://issues.apache.org/jira/browse/RANGER-1500
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Add support to disable/exclude weaker SSL protocols like TLSv1, TLSv1.1 for ranger.
>
>
> Diffs
> -----
>
> embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServer.java aef59bd
> security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml fb6d844
> security-admin/src/main/resources/conf.dist/ranger-admin-site.xml a4c36e0
>
>
> Diff: https://reviews.apache.org/r/58915/diff/1/
>
>
> Testing
> -------
>
> 1. Verifeid Ranger Admin & Ranger KMS on SSL enabled environment with excluding different protocols.
>
>
> Thanks,
>
> bhavik patel
>
>
Re: Review Request 58915: RANGER-1500 : Add support to
exclude/disable SSL protocols
Posted by Gautam Borad <gb...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58915/#review174060
-----------------------------------------------------------
Ship it!
Ship It!
- Gautam Borad
On May 5, 2017, 6:53 a.m., bhavik patel wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58915/
> -----------------------------------------------------------
>
> (Updated May 5, 2017, 6:53 a.m.)
>
>
> Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-1500
> https://issues.apache.org/jira/browse/RANGER-1500
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Add support to disable/exclude weaker SSL protocols like TLSv1, TLSv1.1 for ranger.
>
>
> Diffs
> -----
>
> embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServer.java aef59bd
> security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml fb6d844
>
>
> Diff: https://reviews.apache.org/r/58915/diff/4/
>
>
> Testing
> -------
>
> 1. Verifeid Ranger Admin & Ranger KMS on SSL enabled environment with excluding different protocols.
>
>
> Thanks,
>
> bhavik patel
>
>
Re: Review Request 58915: RANGER-1500 : Add support to
exclude/disable SSL protocols
Posted by Velmurugan Periasamy <vp...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58915/#review174024
-----------------------------------------------------------
Ship it!
Ship It!
- Velmurugan Periasamy
On May 5, 2017, 6:53 a.m., bhavik patel wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58915/
> -----------------------------------------------------------
>
> (Updated May 5, 2017, 6:53 a.m.)
>
>
> Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-1500
> https://issues.apache.org/jira/browse/RANGER-1500
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Add support to disable/exclude weaker SSL protocols like TLSv1, TLSv1.1 for ranger.
>
>
> Diffs
> -----
>
> embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServer.java aef59bd
> security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml fb6d844
>
>
> Diff: https://reviews.apache.org/r/58915/diff/4/
>
>
> Testing
> -------
>
> 1. Verifeid Ranger Admin & Ranger KMS on SSL enabled environment with excluding different protocols.
>
>
> Thanks,
>
> bhavik patel
>
>
Re: Review Request 58915: RANGER-1500 : Add support to
exclude/disable SSL protocols
Posted by bhavik patel <bh...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58915/
-----------------------------------------------------------
(Updated May 5, 2017, 6:53 a.m.)
Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan Periasamy.
Bugs: RANGER-1500
https://issues.apache.org/jira/browse/RANGER-1500
Repository: ranger
Description
-------
Add support to disable/exclude weaker SSL protocols like TLSv1, TLSv1.1 for ranger.
Diffs (updated)
-----
embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServer.java aef59bd
security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml fb6d844
Diff: https://reviews.apache.org/r/58915/diff/4/
Changes: https://reviews.apache.org/r/58915/diff/3-4/
Testing
-------
1. Verifeid Ranger Admin & Ranger KMS on SSL enabled environment with excluding different protocols.
Thanks,
bhavik patel
Re: Review Request 58915: RANGER-1500 : Add support to
exclude/disable SSL protocols
Posted by bhavik patel <bh...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58915/
-----------------------------------------------------------
(Updated May 4, 2017, 4:34 a.m.)
Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan Periasamy.
Bugs: RANGER-1500
https://issues.apache.org/jira/browse/RANGER-1500
Repository: ranger
Description
-------
Add support to disable/exclude weaker SSL protocols like TLSv1, TLSv1.1 for ranger.
Diffs (updated)
-----
embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServer.java aef59bd
security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml fb6d844
security-admin/src/main/resources/conf.dist/ranger-admin-site.xml a4c36e0
Diff: https://reviews.apache.org/r/58915/diff/3/
Changes: https://reviews.apache.org/r/58915/diff/2-3/
Testing
-------
1. Verifeid Ranger Admin & Ranger KMS on SSL enabled environment with excluding different protocols.
Thanks,
bhavik patel
Re: Review Request 58915: RANGER-1500 : Add support to
exclude/disable SSL protocols
Posted by Velmurugan Periasamy <vp...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58915/#review173816
-----------------------------------------------------------
security-admin/src/main/resources/conf.dist/ranger-admin-site.xml
Lines 290 (patched)
<https://reviews.apache.org/r/58915/#comment246857>
This will affect upgrades. We should leave the decision to the user to override this property from the default value (and default value should be supporting all protocols from previous version)
- Velmurugan Periasamy
On May 2, 2017, 12:56 p.m., bhavik patel wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58915/
> -----------------------------------------------------------
>
> (Updated May 2, 2017, 12:56 p.m.)
>
>
> Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-1500
> https://issues.apache.org/jira/browse/RANGER-1500
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Add support to disable/exclude weaker SSL protocols like TLSv1, TLSv1.1 for ranger.
>
>
> Diffs
> -----
>
> embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServer.java aef59bd
> security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml fb6d844
> security-admin/src/main/resources/conf.dist/ranger-admin-site.xml a4c36e0
>
>
> Diff: https://reviews.apache.org/r/58915/diff/2/
>
>
> Testing
> -------
>
> 1. Verifeid Ranger Admin & Ranger KMS on SSL enabled environment with excluding different protocols.
>
>
> Thanks,
>
> bhavik patel
>
>
Re: Review Request 58915: RANGER-1500 : Add support to
exclude/disable SSL protocols
Posted by Colm O hEigeartaigh <co...@apache.org>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58915/#review173713
-----------------------------------------------------------
Ship it!
Ship It!
- Colm O hEigeartaigh
On May 2, 2017, 12:56 p.m., bhavik patel wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58915/
> -----------------------------------------------------------
>
> (Updated May 2, 2017, 12:56 p.m.)
>
>
> Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-1500
> https://issues.apache.org/jira/browse/RANGER-1500
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Add support to disable/exclude weaker SSL protocols like TLSv1, TLSv1.1 for ranger.
>
>
> Diffs
> -----
>
> embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServer.java aef59bd
> security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml fb6d844
> security-admin/src/main/resources/conf.dist/ranger-admin-site.xml a4c36e0
>
>
> Diff: https://reviews.apache.org/r/58915/diff/2/
>
>
> Testing
> -------
>
> 1. Verifeid Ranger Admin & Ranger KMS on SSL enabled environment with excluding different protocols.
>
>
> Thanks,
>
> bhavik patel
>
>
Re: Review Request 58915: RANGER-1500 : Add support to
exclude/disable SSL protocols
Posted by bhavik patel <bh...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58915/
-----------------------------------------------------------
(Updated May 2, 2017, 12:56 p.m.)
Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan Periasamy.
Changes
-------
Patch updated as per Colm comment
Bugs: RANGER-1500
https://issues.apache.org/jira/browse/RANGER-1500
Repository: ranger
Description
-------
Add support to disable/exclude weaker SSL protocols like TLSv1, TLSv1.1 for ranger.
Diffs (updated)
-----
embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServer.java aef59bd
security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml fb6d844
security-admin/src/main/resources/conf.dist/ranger-admin-site.xml a4c36e0
Diff: https://reviews.apache.org/r/58915/diff/2/
Changes: https://reviews.apache.org/r/58915/diff/1-2/
Testing
-------
1. Verifeid Ranger Admin & Ranger KMS on SSL enabled environment with excluding different protocols.
Thanks,
bhavik patel
Re: Review Request 58915: RANGER-1500 : Add support to
exclude/disable SSL protocols
Posted by bhavik patel <bh...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58915/
-----------------------------------------------------------
(Updated May 2, 2017, 6:42 a.m.)
Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan Periasamy.
Bugs: RANGER-1500
https://issues.apache.org/jira/browse/RANGER-1500
Repository: ranger
Description
-------
Add support to disable/exclude weaker SSL protocols like TLSv1, TLSv1.1 for ranger.
Diffs
-----
embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServer.java aef59bd
security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml fb6d844
security-admin/src/main/resources/conf.dist/ranger-admin-site.xml a4c36e0
Diff: https://reviews.apache.org/r/58915/diff/1/
Testing (updated)
-------
1. Verifeid Ranger Admin & Ranger KMS on SSL enabled environment with excluding different protocols.
Thanks,
bhavik patel