You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@mesos.apache.org by "Till Toenshoff (JIRA)" <ji...@apache.org> on 2019/04/15 16:27:00 UTC
[jira] [Commented] (MESOS-9730) Executors cannot reconnect with
agents using TLS1.3
[ https://issues.apache.org/jira/browse/MESOS-9730?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16818147#comment-16818147 ]
Till Toenshoff commented on MESOS-9730:
---------------------------------------
It appears this problem is not newly introduced or a regression codebase - instead something we did never properly support. Deprioritizing this to unblock the upcoming release. We need to come up with a plan here for proper OpenSSL 1.1 support; possibly following [~kaalh]'s reasonable suggestions.
> Executors cannot reconnect with agents using TLS1.3
> ---------------------------------------------------
>
> Key: MESOS-9730
> URL: https://issues.apache.org/jira/browse/MESOS-9730
> Project: Mesos
> Issue Type: Bug
> Components: libprocess
> Affects Versions: 1.8.0
> Reporter: Stéphane Cottin
> Priority: Major
> Labels: ssl
>
> TLS 1.3 support is enabled by default from openssl >= 1.1.0
> Executors do not reconnect with agents after restart when using TLS 1.3, and I guess this should also affect master/slave communication.
> suggested action :
> add a `LIBPROCESS_SSL_ENABLE_TLS_V1_3` environment variable with a `false` default, and apply `SSL_OP_NO_TLSv1_3` ssl option when building with openssl >= 1.1.0
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)