Alexey Serbin has posted comments on this change. ( http://gerrit.cloudera.org:8080/12445 )
Change subject: [security] fix CheckOpenSSLInitialized() for OpenSSL 1.1+ ...................................................................... Patch Set 1: (1 comment) http://gerrit.cloudera.org:8080/#/c/12445/1/src/kudu/security/openssl_util.cc File src/kudu/security/openssl_util.cc: http://gerrit.cloudera.org:8080/#/c/12445/1/src/kudu/security/openssl_util.cc@99 PS1, Line 99: #if OPENSSL_VERSION_NUMBER >= 0x10100000L : // The OPENSSL_init_ssl manpage [1] says "As of version 1.1.0 OpenSSL will : // automatically allocate all resources it needs so no explicit initialisation : // is required." However, eliding library initialization leads to a memory : // leak in some versions of OpenSSL 1.1 when the first OpenSSL is : // ERR_peek_error [2]. I > Yes, but I'm not sure it will work otherwise. Before this change, down the After some consideration I think this #if protected us against some version which is not in any Ubuntu distro. E.g., with libssl-dev 1.1.0g-2ubuntu4.3: /usr/include/openssl/opensslv.h:# define OPENSSL_VERSION_NUMBER 0x1010007fL I don't understand how the strict inequality was helpful to reduce flakiness in TSAN-enabled tests. -- To view, visit http://gerrit.cloudera.org:8080/12445 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: Ica7cf22ef81bbeffd25ef2826d925c41b97dc2d8 Gerrit-Change-Number: 12445 Gerrit-PatchSet: 1 Gerrit-Owner: Alexey Serbin <aser...@cloudera.com> Gerrit-Reviewer: Alexey Serbin <aser...@cloudera.com> Gerrit-Reviewer: Andrew Wong <aw...@cloudera.com> Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Todd Lipcon <t...@apache.org> Gerrit-Comment-Date: Tue, 12 Feb 2019 04:24:01 +0000 Gerrit-HasComments: Yes