Sailesh Mukil has posted comments on this change. Change subject: IMPALA-5743: Allow TLS version configuration ......................................................................
Patch Set 1: (1 comment) http://gerrit.cloudera.org:8080/#/c/7558/1/source/thrift/thrift-0.9.0-patches/0010-THRIFT-2258-Add-TLS-configuration.patch File source/thrift/thrift-0.9.0-patches/0010-THRIFT-2258-Add-TLS-configuration.patch: PS1, Line 36: case TLSv1_2_plus: : + options |= SSL_OP_NO_TLSv1_1; : + case TLSv1_1_plus: : + options |= SSL_OP_NO_TLSv1; : + case TLSv1_0_plus: : + ctx_ = SSL_CTX_new(SSLv23_method()); : + break; I'm a little nervous about this extra change. How have you tested these changes? Also, did you test them with: TSSLSocketFactory(TLSv1_1_plus) TSSLSocketFactory(TLSv1_2_plus) ? -- To view, visit http://gerrit.cloudera.org:8080/7558 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-MessageType: comment Gerrit-Change-Id: Ida75e74682606eefcc59a17cb2dd2b4e71862e9c Gerrit-PatchSet: 1 Gerrit-Project: native-toolchain Gerrit-Branch: master Gerrit-Owner: Henry Robinson <[email protected]> Gerrit-Reviewer: Sailesh Mukil <[email protected]> Gerrit-HasComments: Yes
