Hello Tidy Bot, Alexey Serbin, Kudu Jenkins, Grant Henke, Wenzhe Zhou,
I'd like you to reexamine a change. Please visit
http://gerrit.cloudera.org:8080/16659
to look at the new patch set (#3).
Change subject: Add lock before verifying signature
......................................................................
Add lock before verifying signature
It seems there is a race condition somewhere in OpenSSL FIPS Object
Module, or at least in SafeLogic CryptoComply for Servers, as a
certificate can get corrupted when multiple certificates are being
verified in the same time. This commits adds additional locking to
crypto and TLS context/handshake to prevent this from happening.
Change-Id: Ifafc7dcf91db910123276b657515e410bb7f6fcd
---
M src/kudu/security/crypto.cc
M src/kudu/security/tls_context.cc
M src/kudu/security/tls_handshake.cc
3 files changed, 32 insertions(+), 0 deletions(-)
git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/59/16659/3
--
To view, visit http://gerrit.cloudera.org:8080/16659
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: newpatchset
Gerrit-Change-Id: Ifafc7dcf91db910123276b657515e410bb7f6fcd
Gerrit-Change-Number: 16659
Gerrit-PatchSet: 3
Gerrit-Owner: Attila Bukor <[email protected]>
Gerrit-Reviewer: Alexey Serbin <[email protected]>
Gerrit-Reviewer: Attila Bukor <[email protected]>
Gerrit-Reviewer: Grant Henke <[email protected]>
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Reviewer: Tidy Bot (241)
Gerrit-Reviewer: Wenzhe Zhou <[email protected]>
