[jira] [Commented] (HADOOP-16647) Support OpenSSL 1.1.1 LTS

Wed, 01 Apr 2020 08:19:10 -0700 


    [ 
https://issues.apache.org/jira/browse/HADOOP-16647?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17072858#comment-17072858
 ] 

Luca Toscano commented on HADOOP-16647:
---------------------------------------

I just did a quick test with Debian Buster on Docker, installing the hadoop 
package from BigTop 1.4 (containing the patch that I mentioned) and checknative 
-a returns to me openssl: true /usr/lib/x86_64-linux-gnu/libcrypto.so.

I guess that checknative doesn't test OpensslSecureRandom.c, that is where the 
bug reported by [~weichiu] should come from. I don't have a test cluster with 
openssl 1.1.1 to test yarn on, but I'd try to simply add crypto.h to 
OpensslSecureRandom.c (or possibly only if openssl 1.1.1 is used as ifdef 
etc..) and see how it goes with a yarn map-reduce job.

> Support OpenSSL 1.1.1 LTS
> -------------------------
>
>                 Key: HADOOP-16647
>                 URL: https://issues.apache.org/jira/browse/HADOOP-16647
>             Project: Hadoop Common
>          Issue Type: Task
>          Components: security
>            Reporter: Wei-Chiu Chuang
>            Priority: Critical
>         Attachments: HADOOP-16647-00.patch
>
>
> See Hadoop user mailing list 
> http://mail-archives.apache.org/mod_mbox/hadoop-user/201910.mbox/%3CCADiq6%3DweDFxHTL_7eGwDNnxVCza39y2QYQTSggfLn7mXhMLOdg%40mail.gmail.com%3E
> Hadoop 2 supports OpenSSL 1.0.2.
> Hadoop 3 supports OpenSSL 1.1.0 (HADOOP-14597) and I believe 1.0.2 too.
> Per OpenSSL blog https://www.openssl.org/policies/releasestrat.html
> * 1.1.0 is EOL 2019/09/11
> * 1.0.2 EOL 2019/12/31
> * 1.1.1 is EOL 2023/09/11 (LTS)
> Many Hadoop installation relies on the OpenSSL package provided by Linux 
> distros, but it's not clear to me if Linux distros are going support 
> 1.1.0/1.0.2 beyond this date.
> We should make sure Hadoop works with OpenSSL 1.1.1, as well as document the 
> openssl version supported. File this jira to test/document/fix bugs.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to