Dan Burkert has submitted this change and it was merged. Change subject: KUDU-1965: Allow user provided TLS certificates to work with KRPC ......................................................................
KUDU-1965: Allow user provided TLS certificates to work with KRPC This patch adds a bool in the TlsContext class to keep track of whether the certificates provided are externally provided or not. If it is externally provided, then authenticated TLS is not negotiated, causing a fallback to SASL authentication. The certificates are used only for encryption. This adds some tests in negotiation-test Change-Id: Idd44770a1fe85e9934a657ee79d93139b9a86dff Reviewed-on: http://gerrit.cloudera.org:8080/6594 Reviewed-by: Dan Burkert <[email protected]> Tested-by: Kudu Jenkins --- M docs/design-docs/rpc.md M src/kudu/rpc/client_negotiation.cc M src/kudu/rpc/negotiation-test.cc M src/kudu/rpc/server_negotiation.cc M src/kudu/security/security-test-util.cc M src/kudu/security/security-test-util.h M src/kudu/security/tls_context.cc M src/kudu/security/tls_context.h 8 files changed, 171 insertions(+), 6 deletions(-) Approvals: Dan Burkert: Looks good to me, approved Kudu Jenkins: Verified -- To view, visit http://gerrit.cloudera.org:8080/6594 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-MessageType: merged Gerrit-Change-Id: Idd44770a1fe85e9934a657ee79d93139b9a86dff Gerrit-PatchSet: 6 Gerrit-Project: kudu Gerrit-Branch: master Gerrit-Owner: Sailesh Mukil <[email protected]> Gerrit-Reviewer: Dan Burkert <[email protected]> Gerrit-Reviewer: Kudu Jenkins Gerrit-Reviewer: Sailesh Mukil <[email protected]>
