[
https://issues.apache.org/jira/browse/ZOOKEEPER-2122?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16857862#comment-16857862
]
Suhas Dantkale commented on ZOOKEEPER-2122:
-------------------------------------------
[~roodkcab], [~asamarna], [~andorm],
I've opened this PR - [https://github.com/apache/zookeeper/pull/970] for SSL
support in ZK C Client:-
There is an original PR opened for this by
[@SHUOSHI|https://github.com/SHUOSHI] and reviewed by
[@anmolnar|https://github.com/anmolnar] -
[#639|https://github.com/apache/zookeeper/pull/639]. The PR #970 picks up those
changes and fixes following bugs and design issues:
# OPENSSL 1.0.2 version support:
PR#639 doesn't take care of any version of openssl less than 1.1.1.
# SSL connection on non-blocking socket is handled correctly.
PR#639 starts the ZK protocol(prime_connection()) before establishing the SSL
connection.
This leads to the connection failures sometimes.
# Certificate Chain:
With clients cert chain(the intermediate certs), PR#639 doesn't work.
# Memory Leaks
Currently, this PR is opened against branch 3.5.5. Let me know if we need to
port these changes to master first?
> Impplement SSL support in the Zookeeper C client library
> --------------------------------------------------------
>
> Key: ZOOKEEPER-2122
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2122
> Project: ZooKeeper
> Issue Type: Sub-task
> Components: c client
> Affects Versions: 3.5.0
> Reporter: Ashish Amarnath
> Assignee: shuoshi
> Priority: Trivial
> Labels: build, pull-request-available, security, ssl-tls
> Fix For: 3.6.0, 3.5.6
>
> Time Spent: 8h 10m
> Remaining Estimate: 0h
>
> Implement SSL support in the Zookeeper C client library to work with the
> secure server.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
