Alexey Serbin has posted comments on this change. ( http://gerrit.cloudera.org:8080/7821 )
Change subject: rpc: allow setting --rpc_tls_min_protocol on older RHEL versions ...................................................................... Patch Set 2: (1 comment) http://gerrit.cloudera.org:8080/#/c/7821/2/src/kudu/security/tls_context.cc File src/kudu/security/tls_context.cc: http://gerrit.cloudera.org:8080/#/c/7821/2/src/kudu/security/tls_context.cc@52 PS2, Line 52: // --rpc-tls-min-protocol=TLSv1.2 option, negotiations will fail at runtime with : // a 'missing protocol' error: : / > I think it's possible to look at SSLv23_method()->version just after initia In other words, SSLv23_method()->version reports the highest version of the TLS/SSL protocol supported by the OpenSSL library. And it's straightforward to compare the reported version with the required protocol version: SSL2_VERSION 0x0002 SSL3_VERSION 0x0300 TLS1_VERSION 0x0301 TLS1_1_VERSION 0x0302 TLS1_2_VERSION 0x0303 -- To view, visit http://gerrit.cloudera.org:8080/7821 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: Ic61f31788d63072fae609c6a2186e52d5e2467b7 Gerrit-Change-Number: 7821 Gerrit-PatchSet: 2 Gerrit-Owner: Dan Burkert <[email protected]> Gerrit-Reviewer: Adar Dembo <[email protected]> Gerrit-Reviewer: Alexey Serbin <[email protected]> Gerrit-Reviewer: Dan Burkert <[email protected]> Gerrit-Reviewer: Henry Robinson <[email protected]> Gerrit-Reviewer: Sailesh Mukil <[email protected]> Gerrit-Reviewer: Todd Lipcon <[email protected]> Gerrit-Comment-Date: Tue, 16 Jan 2018 19:19:05 +0000 Gerrit-HasComments: Yes
