Sailesh Mukil has posted comments on this change. Change subject: [ssl] disable SSL/TLS compression ......................................................................
Patch Set 1: Code-Review+1 (1 comment) Good catch. I wasn't aware of this. Also just FYI, it looks like it's disabled by default from OpenSSLv1.1.0. http://gerrit.cloudera.org:8080/#/c/4962/1/src/kudu/util/net/ssl_factory.cc File src/kudu/util/net/ssl_factory.cc: PS1, Line 94: SSL_OP_NO_COMPRESSION Do you think adding a comment like this is necessary? "Disable compression as it's subject to the CRIME attack" -- To view, visit http://gerrit.cloudera.org:8080/4962 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-MessageType: comment Gerrit-Change-Id: Ib470d1c00abb5a4bdf4650fc3ed19b6d588ea78f Gerrit-PatchSet: 1 Gerrit-Project: kudu Gerrit-Branch: master Gerrit-Owner: Alexey Serbin <[email protected]> Gerrit-Reviewer: Dan Burkert <[email protected]> Gerrit-Reviewer: Kudu Jenkins Gerrit-Reviewer: Sailesh Mukil <[email protected]> Gerrit-Reviewer: Todd Lipcon <[email protected]> Gerrit-HasComments: Yes
