[jira] [Resolved] (IMPALA-6418) Find a reliable way to detect supported TLS versions

Sailesh Mukil (JIRA) Tue, 23 Jan 2018 11:53:19 -0800

     [ 
https://issues.apache.org/jira/browse/IMPALA-6418?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Sailesh Mukil resolved IMPALA-6418.
-----------------------------------
       Resolution: Fixed
    Fix Version/s: Impala 2.12.0

Commit in:
https://github.com/apache/impala/commit/a3c0fffa1275c1d1d2770b9fc35885a22dc7edce

> Find a reliable way to detect supported TLS versions
> ----------------------------------------------------
>
>                 Key: IMPALA-6418
>                 URL: https://issues.apache.org/jira/browse/IMPALA-6418
>             Project: IMPALA
>          Issue Type: Bug
>          Components: Security
>            Reporter: Sailesh Mukil
>            Assignee: Sailesh Mukil
>            Priority: Blocker
>              Labels: security
>             Fix For: Impala 2.12.0
>
>
> The problem in brief is that when we build against an older version of 
> OpenSSL and run against a higher version of OpenSSL, the SSLeay() function 
> (which is supposed to return the runtime version of OpenSSL), returns the 
> compile time version of OpenSSL instead of the version that it's actually 
> running against.
> Due to this, our version compatibility checking code doesn't allow us to use 
> TLSv1.2 on certain platforms (specifically RHEL when it's built against 
> OpenSSL 1.0.0 and run on a CentOS system with OpenSSL 1.0.1 or above).
> This was filed as a bug against RHEL:
> https://bugzilla.redhat.com/show_bug.cgi?id=1497859



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Resolved] (IMPALA-6418) Find a reliable way to detect supported TLS versions

Reply via email to