You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@drill.apache.org by "Sorabh Hamirwasia (JIRA)" <ji...@apache.org> on 2017/06/30 20:09:00 UTC
[jira] [Created] (DRILL-5643) Provide a way to configure excluded
list of protocols and ciphers to be used by WebServer
Sorabh Hamirwasia created DRILL-5643:
----------------------------------------
Summary: Provide a way to configure excluded list of protocols and ciphers to be used by WebServer
Key: DRILL-5643
URL: https://issues.apache.org/jira/browse/DRILL-5643
Project: Apache Drill
Issue Type: Improvement
Components: Web Server
Affects Versions: 1.11.0
Reporter: Sorabh Hamirwasia
Drill's WebServer uses the default protocol for TLS which is TLSv1 and default list of cipher suites when SSL is enabled. This task is to add capability to configure list of protocols / cipher to exclude from being used by WebServer.
*Supported Protocols:*
enabledProtocols = {ProtocolList@6589} "[SSLv2Hello, TLSv1, TLSv1.1, TLSv1.2]”
*Selected Protocol Version:*
protocolVersion = {ProtocolVersion@6566} "TLSv1"
*Cipher Suites:*
cipherSuites = {ArrayList@6755} size = 36
0 = {CipherSuite@6607} "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"
1 = {CipherSuite@6608} "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
2 = {CipherSuite@6609} "TLS_RSA_WITH_AES_256_CBC_SHA256"
3 = {CipherSuite@6610} "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"
4 = {CipherSuite@6611} "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"
5 = {CipherSuite@6612} "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"
6 = {CipherSuite@6613} "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"
7 = {CipherSuite@6614} "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
8 = {CipherSuite@6615} "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
9 = {CipherSuite@6616} "TLS_RSA_WITH_AES_256_CBC_SHA"
10 = {CipherSuite@6617} "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"
11 = {CipherSuite@6618} "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"
12 = {CipherSuite@6619} "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
13 = {CipherSuite@6620} "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"
14 = {CipherSuite@6621} "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"
15 = {CipherSuite@6622} "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
16 = {CipherSuite@6623} "TLS_RSA_WITH_AES_128_CBC_SHA256"
17 = {CipherSuite@6624} "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"
18 = {CipherSuite@6625} "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"
19 = {CipherSuite@6626} "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"
20 = {CipherSuite@6627} "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"
21 = {CipherSuite@6628} "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
22 = {CipherSuite@6629} "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
23 = {CipherSuite@6630} "TLS_RSA_WITH_AES_128_CBC_SHA"
24 = {CipherSuite@6631} "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"
25 = {CipherSuite@6632} "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"
26 = {CipherSuite@6633} "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
27 = {CipherSuite@6634} "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"
28 = {CipherSuite@6635} "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"
29 = {CipherSuite@6636} "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"
30 = {CipherSuite@6637} "SSL_RSA_WITH_3DES_EDE_CBC_SHA"
31 = {CipherSuite@6638} "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"
32 = {CipherSuite@6639} "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"
33 = {CipherSuite@6640} "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
34 = {CipherSuite@6641} "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
35 = {CipherSuite@6642} "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)