Michael Ho has posted comments on this change. ( http://gerrit.cloudera.org:8080/10129 )
Change subject: thrift-0.9.3-p4: forward compatibility of TLS protocols ...................................................................... Patch Set 1: (2 comments) http://gerrit.cloudera.org:8080/#/c/10129/1/source/thrift/thrift-0.9.3-patches/0004-TLS-forward-compatibility.patch File source/thrift/thrift-0.9.3-patches/0004-TLS-forward-compatibility.patch: http://gerrit.cloudera.org:8080/#/c/10129/1/source/thrift/thrift-0.9.3-patches/0004-TLS-forward-compatibility.patch@24 PS1, Line 24: + int options = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3; This may warrant a comment copied from below. // Disable horribly insecure SSLv2 and SSLv3 protocols but allow a handshake // with older clients so they get a graceful denial. http://gerrit.cloudera.org:8080/#/c/10129/1/source/thrift/thrift-0.9.3-patches/0004-TLS-forward-compatibility.patch@30 PS1, Line 30: case TLSv1_0: Should this also include SSLTLS ? -- To view, visit http://gerrit.cloudera.org:8080/10129 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: native-toolchain Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: Ifdca94a9426feff5ab52a80cf4da669a3fbfe812 Gerrit-Change-Number: 10129 Gerrit-PatchSet: 1 Gerrit-Owner: Tianyi Wang <tw...@cloudera.com> Gerrit-Reviewer: Michael Ho <k...@cloudera.com> Gerrit-Comment-Date: Mon, 23 Apr 2018 18:12:56 +0000 Gerrit-HasComments: Yes