Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id CE65A200CF4 for ; Sun, 20 Aug 2017 03:11:49 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id 07463163256; Sun, 20 Aug 2017 01:11:47 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 4F8EC161E2A for ; Sun, 20 Aug 2017 03:11:46 +0200 (CEST) Received: (qmail 13195 invoked by uid 500); 20 Aug 2017 01:11:45 -0000 Mailing-List: contact reviews-help@impala.incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Delivered-To: mailing list reviews@impala.incubator.apache.org Received: (qmail 13174 invoked by uid 99); 20 Aug 2017 01:11:44 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd2-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 20 Aug 2017 01:11:44 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id 6F8411A0471 for ; Sun, 20 Aug 2017 01:11:44 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 0.362 X-Spam-Level: X-Spam-Status: No, score=0.362 tagged_above=-999 required=6.31 tests=[RDNS_DYNAMIC=0.363, SPF_PASS=-0.001] autolearn=disabled Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024) with ESMTP id nR2jxxAsMKBp for ; Sun, 20 Aug 2017 01:11:41 +0000 (UTC) Received: from ip-10-146-233-104.ec2.internal (ec2-75-101-130-251.compute-1.amazonaws.com [75.101.130.251]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTPS id CF06F5F1B3 for ; Sun, 20 Aug 2017 01:11:40 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by ip-10-146-233-104.ec2.internal (8.14.4/8.14.4) with ESMTP id v7K1Be89001182; Sun, 20 Aug 2017 01:11:40 GMT Date: Sun, 20 Aug 2017 01:11:40 +0000 From: "Michael Ho (Code Review)" To: Sailesh Mukil , Marcel Kornacker , impala-cr@cloudera.com, reviews@impala.incubator.apache.org Message-ID: Reply-To: kwho@cloudera.com X-Gerrit-MessageType: newchange Subject: =?UTF-8?Q?=5BImpala-ASF-CR=5D_KUDU-1929=3A_=5Brpc=5D_Allow_using_encrypted_private_keys_for_TLS=0A?= X-Gerrit-Change-Id: Ifd6369581fa426ceab11e4a10441658c7da47e81 X-Gerrit-ChangeURL: X-Gerrit-Commit: 9f68af4d70f2f8683c1f1d9e6ad084503a690c79 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Content-Disposition: inline User-Agent: Gerrit/2.12.7 archived-at: Sun, 20 Aug 2017 01:11:50 -0000 Hello Sailesh Mukil, Kudu Jenkins, I'd like you to do a code review. Please visit http://gerrit.cloudera.org:8080/7741 to review the following change. Change subject: KUDU-1929: [rpc] Allow using encrypted private keys for TLS ...................................................................... KUDU-1929: [rpc] Allow using encrypted private keys for TLS * This patch adds a new flag for a "password command" for the RPC private key. * This also makes the webserver move to using the new function GetPasswordFromShellCommand(). * This also consolidates certificates from security-test-util into security/tests/test_certs Testing: Adds 2 tests. One to verify that RPCs work when providing the right password for password protected private keys, and one to verify that the Messenger does not startup if the wrong password is provided when using a password protected private key. Change-Id: Ifd6369581fa426ceab11e4a10441658c7da47e81 Reviewed-on: http://gerrit.cloudera.org:8080/6635 Tested-by: Kudu Jenkins Reviewed-by: Sailesh Mukil --- M be/src/kudu/rpc/messenger.cc M be/src/kudu/rpc/rpc-test.cc M be/src/kudu/security/crypto.cc M be/src/kudu/security/crypto.h M be/src/kudu/security/openssl_util.cc M be/src/kudu/security/openssl_util.h M be/src/kudu/security/openssl_util_bio.h M be/src/kudu/security/security-test-util.cc M be/src/kudu/security/security-test-util.h M be/src/kudu/security/test/test_certs.cc M be/src/kudu/security/test/test_certs.h M be/src/kudu/security/tls_context.cc M be/src/kudu/security/tls_context.h 13 files changed, 329 insertions(+), 144 deletions(-) git pull ssh://gerrit.cloudera.org:29418/Impala-ASF refs/changes/41/7741/1 -- To view, visit http://gerrit.cloudera.org:8080/7741 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Ifd6369581fa426ceab11e4a10441658c7da47e81 Gerrit-PatchSet: 1 Gerrit-Project: Impala-ASF Gerrit-Branch: master Gerrit-Owner: Michael Ho Gerrit-Reviewer: Kudu Jenkins Gerrit-Reviewer: Sailesh Mukil