impala-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sailesh Mukil (Code Review)" <ger...@cloudera.org>
Subject [native-toolchain-CR] IMPALA-5743: Allow TLS version configuration
Date Wed, 02 Aug 2017 19:03:06 GMT
Sailesh Mukil has posted comments on this change.

Change subject: IMPALA-5743: Allow TLS version configuration
......................................................................


Patch Set 1:

(1 comment)

http://gerrit.cloudera.org:8080/#/c/7558/1/source/thrift/thrift-0.9.0-patches/0010-THRIFT-2258-Add-TLS-configuration.patch
File source/thrift/thrift-0.9.0-patches/0010-THRIFT-2258-Add-TLS-configuration.patch:

PS1, Line 36:     case TLSv1_2_plus:
            : +      options |= SSL_OP_NO_TLSv1_1;
            : +    case TLSv1_1_plus:
            : +      options |= SSL_OP_NO_TLSv1;
            : +    case TLSv1_0_plus:
            : +      ctx_ = SSL_CTX_new(SSLv23_method());
            : +      break;
I'm a little nervous about this extra change.

How have you tested these changes?

Also, did you test them with:
TSSLSocketFactory(TLSv1_1_plus)
TSSLSocketFactory(TLSv1_2_plus) ?


-- 
To view, visit http://gerrit.cloudera.org:8080/7558
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: Ida75e74682606eefcc59a17cb2dd2b4e71862e9c
Gerrit-PatchSet: 1
Gerrit-Project: native-toolchain
Gerrit-Branch: master
Gerrit-Owner: Henry Robinson <henry@cloudera.com>
Gerrit-Reviewer: Sailesh Mukil <sailesh@cloudera.com>
Gerrit-HasComments: Yes

Mime
View raw message