You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ignite.apache.org by av...@apache.org on 2019/02/14 10:53:18 UTC
[ignite] branch master updated: IGNITE-11267 Added warnings about
plain keystore/truststore passwords. (#6068)
This is an automated email from the ASF dual-hosted git repository.
av pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ignite.git
The following commit(s) were added to refs/heads/master by this push:
new 224e747 IGNITE-11267 Added warnings about plain keystore/truststore passwords. (#6068)
224e747 is described below
commit 224e747f42a1804ab8c6ee1796faff2a601f607e
Author: Andrey Kuznetsov <st...@gmail.com>
AuthorDate: Thu Feb 14 13:53:10 2019 +0300
IGNITE-11267 Added warnings about plain keystore/truststore passwords. (#6068)
---
.../org/apache/ignite/internal/commandline/CommandHandler.java | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/modules/core/src/main/java/org/apache/ignite/internal/commandline/CommandHandler.java b/modules/core/src/main/java/org/apache/ignite/internal/commandline/CommandHandler.java
index 5f844a0..03bb1cc 100644
--- a/modules/core/src/main/java/org/apache/ignite/internal/commandline/CommandHandler.java
+++ b/modules/core/src/main/java/org/apache/ignite/internal/commandline/CommandHandler.java
@@ -1945,6 +1945,9 @@ public class CommandHandler {
char sslTrustStorePassword[] = null;
+ final String pwdArgWarnFmt = "Warning: %s is insecure. " +
+ "Whenever possible, use interactive prompt for password (just discard %s option).";
+
while (hasNextArg()) {
String str = nextArg("").toLowerCase();
@@ -2055,6 +2058,8 @@ public class CommandHandler {
case CMD_PASSWORD:
pwd = nextArg("Expected password");
+ log(String.format(pwdArgWarnFmt, CMD_PASSWORD, CMD_PASSWORD));
+
break;
case CMD_SSL_PROTOCOL:
@@ -2080,6 +2085,8 @@ public class CommandHandler {
case CMD_KEYSTORE_PASSWORD:
sslKeyStorePassword = nextArg("Expected SSL key store password").toCharArray();
+ log(String.format(pwdArgWarnFmt, CMD_KEYSTORE_PASSWORD, CMD_KEYSTORE_PASSWORD));
+
break;
case CMD_KEYSTORE_TYPE:
@@ -2095,6 +2102,8 @@ public class CommandHandler {
case CMD_TRUSTSTORE_PASSWORD:
sslTrustStorePassword = nextArg("Expected SSL trust store password").toCharArray();
+ log(String.format(pwdArgWarnFmt, CMD_TRUSTSTORE_PASSWORD, CMD_TRUSTSTORE_PASSWORD));
+
break;
case CMD_TRUSTSTORE_TYPE: