You are viewing a plain text version of this content. The canonical link for it is here.
Posted to reviews@kudu.apache.org by "Todd Lipcon (Code Review)" <ge...@cloudera.org> on 2019/06/20 06:51:28 UTC
[kudu-CR] KUDU-2871 (part 1): disable TLS 1.3.
Hello Alexey Serbin,
I'd like you to do a code review. Please visit
http://gerrit.cloudera.org:8080/13683
to review the following change.
Change subject: KUDU-2871 (part 1): disable TLS 1.3.
......................................................................
KUDU-2871 (part 1): disable TLS 1.3.
This disables TLS 1.3 for our RPC negotiations, since the 1.5-RTT
optimization breaks an assumption that the server sends the last token
in the negotiation exchange.
Tested that this fixes tls_handshake-test with Ubuntu 18 and libssl
1.1.1.
Change-Id: I431a1352ce1b8cca61b60c2dafbebadb4303e08a
---
M src/kudu/rpc/client_negotiation.cc
M src/kudu/security/tls_context.cc
2 files changed, 10 insertions(+), 1 deletion(-)
git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/83/13683/1
--
To view, visit http://gerrit.cloudera.org:8080/13683
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: newchange
Gerrit-Change-Id: I431a1352ce1b8cca61b60c2dafbebadb4303e08a
Gerrit-Change-Number: 13683
Gerrit-PatchSet: 1
Gerrit-Owner: Todd Lipcon <to...@apache.org>
Gerrit-Reviewer: Alexey Serbin <as...@cloudera.com>
[kudu-CR] KUDU-2871 (part 1): disable TLS 1.3.
Posted by "Alexey Serbin (Code Review)" <ge...@cloudera.org>.
Alexey Serbin has posted comments on this change. ( http://gerrit.cloudera.org:8080/13683 )
Change subject: KUDU-2871 (part 1): disable TLS 1.3.
......................................................................
Patch Set 1: Code-Review+2
--
To view, visit http://gerrit.cloudera.org:8080/13683
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: I431a1352ce1b8cca61b60c2dafbebadb4303e08a
Gerrit-Change-Number: 13683
Gerrit-PatchSet: 1
Gerrit-Owner: Todd Lipcon <to...@apache.org>
Gerrit-Reviewer: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Comment-Date: Thu, 20 Jun 2019 07:04:28 +0000
Gerrit-HasComments: No
[kudu-CR] KUDU-2871 (part 1): disable TLS 1.3.
Posted by "Alexey Serbin (Code Review)" <ge...@cloudera.org>.
Alexey Serbin has submitted this change and it was merged. ( http://gerrit.cloudera.org:8080/13683 )
Change subject: KUDU-2871 (part 1): disable TLS 1.3.
......................................................................
KUDU-2871 (part 1): disable TLS 1.3.
This disables TLS 1.3 for our RPC negotiations, since the 1.5-RTT
optimization breaks an assumption that the server sends the last token
in the negotiation exchange.
Tested that this fixes tls_handshake-test with Ubuntu 18 and libssl
1.1.1.
Change-Id: I431a1352ce1b8cca61b60c2dafbebadb4303e08a
Reviewed-on: http://gerrit.cloudera.org:8080/13683
Reviewed-by: Alexey Serbin <as...@cloudera.com>
Tested-by: Kudu Jenkins
---
M src/kudu/rpc/client_negotiation.cc
M src/kudu/security/tls_context.cc
2 files changed, 10 insertions(+), 1 deletion(-)
Approvals:
Alexey Serbin: Looks good to me, approved
Kudu Jenkins: Verified
--
To view, visit http://gerrit.cloudera.org:8080/13683
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: merged
Gerrit-Change-Id: I431a1352ce1b8cca61b60c2dafbebadb4303e08a
Gerrit-Change-Number: 13683
Gerrit-PatchSet: 2
Gerrit-Owner: Todd Lipcon <to...@apache.org>
Gerrit-Reviewer: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Kudu Jenkins (120)