You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@kudu.apache.org by "Grant Henke (Jira)" <ji...@apache.org> on 2020/06/03 15:19:00 UTC

[jira] [Updated] (KUDU-2871) TLS 1.3 not supported by krpc

     [ https://issues.apache.org/jira/browse/KUDU-2871?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Grant Henke updated KUDU-2871:
------------------------------
    Target Version/s:   (was: 1.10.0)

> TLS 1.3 not supported by krpc
> -----------------------------
>
>                 Key: KUDU-2871
>                 URL: https://issues.apache.org/jira/browse/KUDU-2871
>             Project: Kudu
>          Issue Type: Bug
>          Components: master, rpc, security, tserver
>    Affects Versions: 1.8.0, 1.9.0, 1.9.1
>            Reporter: Todd Lipcon
>            Priority: Major
>
> The TLS negotiation in our RPC protocol assumes a whole number of round trips between client and server. For TLS 1.3, the exchange has 1.5 round trips (the client is the last sender rather than the server) which breaks negotiation. Most tests thus fail with OpenSSL 1.1.1.
> We should temporarily disable TLS 1.3 and then fix RPC to support this.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)