-
Notifications
You must be signed in to change notification settings - Fork 280
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remove OpenSSL provider as an option. JDK SSL Provider will be used by default. #2298
Conversation
Signed-off-by: Craig Perkins <cwperx@amazon.com>
Signed-off-by: Craig Perkins <cwperx@amazon.com>
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@@ -328,9 +325,7 @@ public List<Setting<?>> getSettings() { | |||
settings.add(Setting.simpleString(SSLConfigConstants.SECURITY_SSL_HTTP_TRUSTSTORE_FILEPATH, Property.NodeScope, Property.Filtered)); | |||
settings.add(Setting.simpleString(SSLConfigConstants.SECURITY_SSL_HTTP_TRUSTSTORE_PASSWORD, Property.NodeScope, Property.Filtered)); | |||
settings.add(Setting.simpleString(SSLConfigConstants.SECURITY_SSL_HTTP_TRUSTSTORE_TYPE, Property.NodeScope, Property.Filtered)); | |||
settings.add(Setting.boolSetting(SSLConfigConstants.SECURITY_SSL_HTTP_ENABLE_OPENSSL_IF_AVAILABLE, OPENSSL_SUPPORTED, Property.NodeScope, Property.Filtered)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since this is removed will this create an error before the OpenSearch starts up?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not certain if I would want this failure to happen, it could be seen as non-bwc compatible. Instead logging a notice that the feature doesn't work and the setting wouldn't be used could be better in the interim until 3.0.0 when we'd could force this as a breaking change.
Codecov Report
@@ Coverage Diff @@
## main #2298 +/- ##
============================================
+ Coverage 61.02% 61.24% +0.21%
+ Complexity 3267 3266 -1
============================================
Files 259 259
Lines 18337 18267 -70
Branches 3248 3226 -22
============================================
- Hits 11191 11188 -3
+ Misses 5561 5507 -54
+ Partials 1585 1572 -13
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. |
Closing this PR in favor of #2301 Looks like boring ssl is able to work after requisite changes are merged into core. |
Description
Removes OpenSSL which has been broken since 1.3.0
This PR that was included in 1.3.0 which broke OpenSSL support: #1649
There have not been any issues filed or posts in the forum regarding OpenSSL support.
Maintenance
Issues Resolved
See relevant PR: #2219
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.