You are viewing a plain text version of this content. The canonical link for it is here.

Posted to reviews@kudu.apache.org by "Alexey Serbin (Code Review)" <ge...@cloudera.org> on 2018/01/11 20:25:05 UTC

[kudu-CR] rpc: allow setting --rpc tls min protocol on older RHEL versions

Alexey Serbin has posted comments on this change. ( http://gerrit.cloudera.org:8080/7821 )

Change subject: rpc: allow setting --rpc_tls_min_protocol on older RHEL versions
......................................................................


Patch Set 2:

(1 comment)

http://gerrit.cloudera.org:8080/#/c/7821/2/src/kudu/security/tls_context.cc
File src/kudu/security/tls_context.cc:

http://gerrit.cloudera.org:8080/#/c/7821/2/src/kudu/security/tls_context.cc@155
PS2, Line 155:    options |= SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1;
I'm curious what happens if the built binary is run with the library that does not support TLSv1.2.  Is it going just to silently run the with TLSv1.1 here regardless of the fact that the --rpc_tls_min_protocol=TLSv1.2 is set?



-- 
To view, visit http://gerrit.cloudera.org:8080/7821
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: Ic61f31788d63072fae609c6a2186e52d5e2467b7
Gerrit-Change-Number: 7821
Gerrit-PatchSet: 2
Gerrit-Owner: Dan Burkert <da...@apache.org>
Gerrit-Reviewer: Adar Dembo <ad...@cloudera.com>
Gerrit-Reviewer: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Dan Burkert <da...@apache.org>
Gerrit-Reviewer: Henry Robinson <he...@cloudera.com>
Gerrit-Reviewer: Todd Lipcon <to...@apache.org>
Gerrit-Comment-Date: Thu, 11 Jan 2018 20:25:05 +0000
Gerrit-HasComments: Yes