You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ignite.apache.org by av...@apache.org on 2019/02/14 10:53:18 UTC

[ignite] branch master updated: IGNITE-11267 Added warnings about plain keystore/truststore passwords. (#6068)

This is an automated email from the ASF dual-hosted git repository.

av pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ignite.git


The following commit(s) were added to refs/heads/master by this push:
     new 224e747  IGNITE-11267 Added warnings about plain keystore/truststore passwords. (#6068)
224e747 is described below

commit 224e747f42a1804ab8c6ee1796faff2a601f607e
Author: Andrey Kuznetsov <st...@gmail.com>
AuthorDate: Thu Feb 14 13:53:10 2019 +0300

    IGNITE-11267 Added warnings about plain keystore/truststore passwords. (#6068)
---
 .../org/apache/ignite/internal/commandline/CommandHandler.java   | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/modules/core/src/main/java/org/apache/ignite/internal/commandline/CommandHandler.java b/modules/core/src/main/java/org/apache/ignite/internal/commandline/CommandHandler.java
index 5f844a0..03bb1cc 100644
--- a/modules/core/src/main/java/org/apache/ignite/internal/commandline/CommandHandler.java
+++ b/modules/core/src/main/java/org/apache/ignite/internal/commandline/CommandHandler.java
@@ -1945,6 +1945,9 @@ public class CommandHandler {
 
         char sslTrustStorePassword[] = null;
 
+        final String pwdArgWarnFmt = "Warning: %s is insecure. " +
+            "Whenever possible, use interactive prompt for password (just discard %s option).";
+
         while (hasNextArg()) {
             String str = nextArg("").toLowerCase();
 
@@ -2055,6 +2058,8 @@ public class CommandHandler {
                     case CMD_PASSWORD:
                         pwd = nextArg("Expected password");
 
+                        log(String.format(pwdArgWarnFmt, CMD_PASSWORD, CMD_PASSWORD));
+
                         break;
 
                     case CMD_SSL_PROTOCOL:
@@ -2080,6 +2085,8 @@ public class CommandHandler {
                     case CMD_KEYSTORE_PASSWORD:
                         sslKeyStorePassword = nextArg("Expected SSL key store password").toCharArray();
 
+                        log(String.format(pwdArgWarnFmt, CMD_KEYSTORE_PASSWORD, CMD_KEYSTORE_PASSWORD));
+
                         break;
 
                     case CMD_KEYSTORE_TYPE:
@@ -2095,6 +2102,8 @@ public class CommandHandler {
                     case CMD_TRUSTSTORE_PASSWORD:
                         sslTrustStorePassword = nextArg("Expected SSL trust store password").toCharArray();
 
+                        log(String.format(pwdArgWarnFmt, CMD_TRUSTSTORE_PASSWORD, CMD_TRUSTSTORE_PASSWORD));
+
                         break;
 
                     case CMD_TRUSTSTORE_TYPE: