impala-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sailesh Mukil (Code Review)" <ger...@cloudera.org>
Subject [Impala-ASF-CR] IMPALA-5054: [SECURITY] Enable KRPC w/ TLS in Impala
Date Tue, 28 Nov 2017 18:31:22 GMT
Sailesh Mukil has posted comments on this change. ( http://gerrit.cloudera.org:8080/8439 )

Change subject: IMPALA-5054: [SECURITY] Enable KRPC w/ TLS in Impala
......................................................................


Patch Set 1:

(1 comment)

http://gerrit.cloudera.org:8080/#/c/8439/1/be/src/rpc/rpc-mgr.h
File be/src/rpc/rpc-mgr.h:

http://gerrit.cloudera.org:8080/#/c/8439/1/be/src/rpc/rpc-mgr.h@183
PS1, Line 183:  /// The following strings preserve the Kudu flags original values to restore
in
             :   /// Shutdown() as they will be modified by us.
             :   string flag_save_ca_certificate_file;
             :   string flag_save_rpc_private_key_file;
             :   string flag_save_rpc_certificate_file;
             :   string flag_save_rpc_private_key_password_cmd;
             :   string flag_save_rpc_tls_ciphers;
             :   string flag_save_rpc_tls_min_protocol;
> But in the tests, wouldn't each test case that creates a messenger need to 
We don't set all of them for all the tests. We could set the ones we don't need as defaults
for the tests that don't need them, but the defaults of some of these flags are pretty large.
Eg, see the FLAGS_rpc_tls_ciphers:
https://github.com/apache/incubator-impala/blob/32baa695f499a936b72c5a51ae3649c408aa5a85/be/src/kudu/security/tls_context.cc#L53-L70

So it would be odd setting it to this hardcoded value before every test.

Some flags are only used by the builder but others are used at runtime too.

The validators are automatically run while creating Messenger objects.



-- 
To view, visit http://gerrit.cloudera.org:8080/8439
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-Project: Impala-ASF
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: I9a14a44fdea9ab668f3714eb69fdb188bce38f5a
Gerrit-Change-Number: 8439
Gerrit-PatchSet: 1
Gerrit-Owner: Sailesh Mukil <sailesh@cloudera.com>
Gerrit-Reviewer: Dan Hecht <dhecht@cloudera.com>
Gerrit-Reviewer: Michael Ho <kwho@cloudera.com>
Gerrit-Reviewer: Sailesh Mukil <sailesh@cloudera.com>
Gerrit-Comment-Date: Tue, 28 Nov 2017 18:31:22 +0000
Gerrit-HasComments: Yes

Mime
  • Unnamed multipart/alternative (inline, 8-Bit, 0 bytes)
View raw message