Adar Dembo has submitted this change and it was merged. ( http://gerrit.cloudera.org:8080/15554 )
Change subject: [python] KUDU-3087 use 2048-bit RSA keys for CA and server certs ...................................................................... [python] KUDU-3087 use 2048-bit RSA keys for CA and server certs In changelist 3343144fe, the external mini-cluster is configured to use 768-bit RSA cryptography for CA and server TLS certificates. To make this work with OpenSSL 1.1.x, it's necessary to set security level to 0 for the client side. That's done for C++ and Java tests in the mentioned changelist, but Python tests were not updated correspondingly. This patch addresses the described issue for tests in the kudu-python project. Since kudu-python is a wrapper around kudu-client C++ library, it's not trivial to configure the security level using gflags in a non-invasive way. The solution is to make kudu-master and kudu-tserver processes using 2048-bit RSA keys instead of 768-bit ones, allowing the tests in kudu-python to pass on contemporary or security-hardened Linux distros which set security level 2 by default for the OpenSSL library. This is a follow-up to 3343144fefaad5a30e95e21297c64c78e308fa1f. Change-Id: I740d81291832bfc28c395443f2c01b0c9a7dbadf Reviewed-on: http://gerrit.cloudera.org:8080/15554 Tested-by: Alexey Serbin <aser...@cloudera.com> Reviewed-by: <huangtianhua...@gmail.com> Reviewed-by: Grant Henke <granthe...@apache.org> Reviewed-by: Adar Dembo <a...@cloudera.com> --- M python/kudu/tests/common.py 1 file changed, 15 insertions(+), 1 deletion(-) Approvals: Alexey Serbin: Verified huangtianhua...@gmail.com: Looks good to me, but someone else must approve Grant Henke: Looks good to me, approved Adar Dembo: Looks good to me, approved -- To view, visit http://gerrit.cloudera.org:8080/15554 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: merged Gerrit-Change-Id: I740d81291832bfc28c395443f2c01b0c9a7dbadf Gerrit-Change-Number: 15554 Gerrit-PatchSet: 3 Gerrit-Owner: Alexey Serbin <aser...@cloudera.com> Gerrit-Reviewer: Adar Dembo <a...@cloudera.com> Gerrit-Reviewer: Alexey Serbin <aser...@cloudera.com> Gerrit-Reviewer: Anonymous Coward <huangtianhua...@gmail.com> Gerrit-Reviewer: Grant Henke <granthe...@apache.org> Gerrit-Reviewer: Kudu Jenkins (120)