Todd Lipcon has posted comments on this change. Change subject: [security] add --rpc_tls_ciphers flag ......................................................................
Patch Set 6: (2 comments) http://gerrit.cloudera.org:8080/#/c/6055/6/src/kudu/security/tls_context.cc File src/kudu/security/tls_context.cc: PS6, Line 123: nit: funky indentation. Line 128: return Status::RuntimeError("failed to configure ECDH support"); should we just WARN in this case? also above for the RET_IF_NULL, etc. I wonder if it's possible for OpenSSL to be built/configured in such a way that these things are disabled, in which case we still feel like the non-ECDH stuff is secure enough. -- To view, visit http://gerrit.cloudera.org:8080/6055 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-MessageType: comment Gerrit-Change-Id: I050e2295041a98fe2c3118c6258b910423bd3816 Gerrit-PatchSet: 6 Gerrit-Project: kudu Gerrit-Branch: master Gerrit-Owner: Dan Burkert <[email protected]> Gerrit-Reviewer: Alexey Serbin <[email protected]> Gerrit-Reviewer: Dan Burkert <[email protected]> Gerrit-Reviewer: Kudu Jenkins Gerrit-Reviewer: Todd Lipcon <[email protected]> Gerrit-HasComments: Yes
