From e3ee3a3c3f3f8da03dcecf2c7cd617ec6826b445 Mon Sep 17 00:00:00 2001 From: Sriharsha Chintalapani Date: Mon, 2 Feb 2015 16:49:40 -0800 Subject: [PATCH] STORM-640. Storm UI vulnerable to poodle attack. --- storm-core/src/clj/backtype/storm/ui/helpers.clj | 1 + 1 file changed, 1 insertion(+) diff --git a/storm-core/src/clj/backtype/storm/ui/helpers.clj b/storm-core/src/clj/backtype/storm/ui/helpers.clj index 413a68d92c4..925b9dc01ae 100644 --- a/storm-core/src/clj/backtype/storm/ui/helpers.clj +++ b/storm-core/src/clj/backtype/storm/ui/helpers.clj @@ -156,6 +156,7 @@ $(\"table#%s\").each(function(i) { $(this).tablesorter({ sortList: %s, headers: (defn- mk-ssl-connector [port ks-path ks-password ks-type] (doto (SslSocketConnector.) (.setExcludeCipherSuites (into-array String ["SSL_RSA_WITH_RC4_128_MD5" "SSL_RSA_WITH_RC4_128_SHA"])) + (.setExcludeProtocols (into-array String ["SSLv3"])) (.setAllowRenegotiate false) (.setKeystore ks-path) (.setKeystoreType ks-type)