IGNITE-11267 Added warnings about plain keystore/truststore passwords. (#6068)
authorAndrey Kuznetsov <stkuzma@gmail.com>
Thu, 14 Feb 2019 10:53:10 +0000 (13:53 +0300)
committeranton-vinogradov <av@apache.org>
Thu, 14 Feb 2019 10:53:10 +0000 (13:53 +0300)
modules/core/src/main/java/org/apache/ignite/internal/commandline/CommandHandler.java

index 5f844a0..03bb1cc 100644 (file)
@@ -1945,6 +1945,9 @@ public class CommandHandler {
 
         char sslTrustStorePassword[] = null;
 
+        final String pwdArgWarnFmt = "Warning: %s is insecure. " +
+            "Whenever possible, use interactive prompt for password (just discard %s option).";
+
         while (hasNextArg()) {
             String str = nextArg("").toLowerCase();
 
@@ -2055,6 +2058,8 @@ public class CommandHandler {
                     case CMD_PASSWORD:
                         pwd = nextArg("Expected password");
 
+                        log(String.format(pwdArgWarnFmt, CMD_PASSWORD, CMD_PASSWORD));
+
                         break;
 
                     case CMD_SSL_PROTOCOL:
@@ -2080,6 +2085,8 @@ public class CommandHandler {
                     case CMD_KEYSTORE_PASSWORD:
                         sslKeyStorePassword = nextArg("Expected SSL key store password").toCharArray();
 
+                        log(String.format(pwdArgWarnFmt, CMD_KEYSTORE_PASSWORD, CMD_KEYSTORE_PASSWORD));
+
                         break;
 
                     case CMD_KEYSTORE_TYPE:
@@ -2095,6 +2102,8 @@ public class CommandHandler {
                     case CMD_TRUSTSTORE_PASSWORD:
                         sslTrustStorePassword = nextArg("Expected SSL trust store password").toCharArray();
 
+                        log(String.format(pwdArgWarnFmt, CMD_TRUSTSTORE_PASSWORD, CMD_TRUSTSTORE_PASSWORD));
+
                         break;
 
                     case CMD_TRUSTSTORE_TYPE: