Skip to content

HBASE-29403 Remove default TLS cipher overrides #7112

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Jun 19, 2025
Merged

HBASE-29403 Remove default TLS cipher overrides #7112

merged 5 commits into from
Jun 19, 2025

Conversation

stoty
Copy link
Contributor

@stoty stoty commented Jun 18, 2025

No description provided.

@Apache-HBase

This comment has been minimized.

Sign in to view
@Apache-HBase

This comment has been minimized.

Sign in to view
@Apache-HBase

This comment has been minimized.

Sign in to view
@Apache-HBase

This comment has been minimized.

Sign in to view
@Apache-HBase

This comment has been minimized.

Sign in to view
@Apache-HBase

This comment has been minimized.

Sign in to view
@Apache-HBase

This comment has been minimized.

Sign in to view
@Apache-HBase

This comment has been minimized.

Sign in to view
@stoty
Copy link
Contributor Author

stoty commented Jun 18, 2025

Thanks @Apache9
Should we backport this to branch-2 , or only to master and branch-3 ?

@Apache-HBase
Copy link

🎊 +1 overall

Vote Subsystem Runtime Logfile Comment
+0 🆗 reexec 0m 31s Docker mode activated.
-0 ⚠️ yetus 0m 3s Unprocessed flag(s): --brief-report-file --spotbugs-strict-precheck --author-ignore-list --blanks-eol-ignore-file --blanks-tabs-ignore-file --quick-hadoopcheck
_ Prechecks _
_ master Compile Tests _
+1 💚 mvninstall 3m 37s master passed
+1 💚 compile 0m 28s master passed
+1 💚 javadoc 0m 25s master passed
+1 💚 shadedjars 7m 11s branch has no errors when building our shaded downstream artifacts.
_ Patch Compile Tests _
+1 💚 mvninstall 3m 42s the patch passed
+1 💚 compile 0m 28s the patch passed
+1 💚 javac 0m 28s the patch passed
+1 💚 javadoc 0m 27s the patch passed
+1 💚 shadedjars 6m 42s patch has no errors when building our shaded downstream artifacts.
_ Other Tests _
+1 💚 unit 2m 51s hbase-common in the patch passed.
27m 44s
Subsystem Report/Notes
Docker ClientAPI=1.43 ServerAPI=1.43 base: https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7112/5/artifact/yetus-jdk17-hadoop3-check/output/Dockerfile
GITHUB PR #7112
Optional Tests javac javadoc unit compile shadedjars
uname Linux 45dd2519660b 5.4.0-1103-aws #111~18.04.1-Ubuntu SMP Tue May 23 20:04:10 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
Build tool maven
Personality dev-support/hbase-personality.sh
git revision master / e9e7032
Default Java Eclipse Adoptium-17.0.11+9
Test Results https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7112/5/testReport/
Max. process+thread count 385 (vs. ulimit of 30000)
modules C: hbase-common U: hbase-common
Console output https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7112/5/console
versions git=2.34.1 maven=3.9.8
Powered by Apache Yetus 0.15.0 https://yetus.apache.org

This message was automatically generated.

@Apache-HBase
Copy link

🎊 +1 overall

Vote Subsystem Runtime Logfile Comment
+0 🆗 reexec 0m 30s Docker mode activated.
_ Prechecks _
+1 💚 dupname 0m 0s No case conflicting files found.
+0 🆗 codespell 0m 0s codespell was not available.
+0 🆗 detsecrets 0m 0s detect-secrets was not available.
+1 💚 @author 0m 0s The patch does not contain any @author tags.
+1 💚 hbaseanti 0m 0s Patch does not have any anti-patterns.
_ master Compile Tests _
+1 💚 mvninstall 3m 22s master passed
+1 💚 compile 0m 43s master passed
+1 💚 checkstyle 0m 14s master passed
+1 💚 spotbugs 0m 33s master passed
+1 💚 spotless 0m 50s branch has no errors when running spotless:check.
_ Patch Compile Tests _
+1 💚 mvninstall 3m 9s the patch passed
+1 💚 compile 0m 41s the patch passed
+1 💚 javac 0m 41s the patch passed
+1 💚 blanks 0m 0s The patch has no blanks issues.
+1 💚 checkstyle 0m 13s the patch passed
+1 💚 spotbugs 0m 37s the patch passed
+1 💚 hadoopcheck 12m 0s Patch does not cause any errors with Hadoop 3.3.6 3.4.0.
+1 💚 spotless 0m 45s patch has no errors when running spotless:check.
_ Other Tests _
+1 💚 asflicense 0m 10s The patch does not generate ASF License warnings.
31m 32s
Subsystem Report/Notes
Docker ClientAPI=1.43 ServerAPI=1.43 base: https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7112/5/artifact/yetus-general-check/output/Dockerfile
GITHUB PR #7112
Optional Tests dupname asflicense javac spotbugs checkstyle codespell detsecrets compile hadoopcheck hbaseanti spotless
uname Linux bc8bafe49850 5.4.0-1103-aws #111~18.04.1-Ubuntu SMP Tue May 23 20:04:10 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
Build tool maven
Personality dev-support/hbase-personality.sh
git revision master / e9e7032
Default Java Eclipse Adoptium-17.0.11+9
Max. process+thread count 83 (vs. ulimit of 30000)
modules C: hbase-common U: hbase-common
Console output https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7112/5/console
versions git=2.34.1 maven=3.9.8 spotbugs=4.7.3
Powered by Apache Yetus 0.15.0 https://yetus.apache.org

This message was automatically generated.

@Apache9
Copy link
Contributor

Apache9 commented Jun 19, 2025

All active release lines in HBase do not support JDK7. If these ciphers are for JDK7 only I think we can remove them from all active branches.

Thanks.

@stoty
Copy link
Contributor Author

stoty commented Jun 19, 2025
edited
Loading

@Apache9
That was my mistake in the JIRA, this was used for optimizing for early JDK8 JVMs, not JDK7 (I have since fixed the description)

Removing these will cause a pref regression with very old JDK8 versions.

@stoty stoty merged commit a47d3ea into apache:master Jun 19, 2025
1 check passed
stoty added a commit that referenced this pull request Jun 19, 2025
@stoty
HBASE-29403 Remove default TLS cipher overrides (#7112)
5227cdc 
Signed-off-by: Duo Zhang <zhangduo@apache.org>
(cherry picked from commit a47d3ea)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Apache9 Apache9 Apache9 approved these changes

@anmolnar anmolnar Awaiting requested review from anmolnar

@bbeaudreault bbeaudreault Awaiting requested review from bbeaudreault

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@stoty @Apache-HBase @Apache9