Dan Burkert has posted comments on this change. ( http://gerrit.cloudera.org:8080/9025 )
Change subject: WIP [rpc] don't issue authn tokens over non-confidential connections ...................................................................... Patch Set 1: (1 comment) LGTM, I agree about the need for a test. http://gerrit.cloudera.org:8080/#/c/9025/1/src/kudu/rpc/negotiation.cc File src/kudu/rpc/negotiation.cc: http://gerrit.cloudera.org:8080/#/c/9025/1/src/kudu/rpc/negotiation.cc@224 PS1, Line 224: (conn->socket()->IsLoopbackConnection() && !FLAGS_rpc_encrypt_loopback_connections)); This LGTM. I originally expected it would just be client_negotiation.tls_negotiated() || conn->socket()->IsLoopbackConnection() But I think it makes sense to also gate on rpc-encrypt-loopback-connections in order to allow opting-out of this behavior, and I think it makes sense to do it with the same flag in both instances. -- To view, visit http://gerrit.cloudera.org:8080/9025 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: Ie31aa492bcc460dbd43975bccfe571354f3bf885 Gerrit-Change-Number: 9025 Gerrit-PatchSet: 1 Gerrit-Owner: Alexey Serbin <[email protected]> Gerrit-Reviewer: Dan Burkert <[email protected]> Gerrit-Reviewer: Kudu Jenkins Gerrit-Reviewer: Todd Lipcon <[email protected]> Gerrit-Comment-Date: Tue, 16 Jan 2018 19:39:17 +0000 Gerrit-HasComments: Yes
