Alexey Serbin has posted comments on this change. ( http://gerrit.cloudera.org:8080/16659 )
Change subject: Add lock before verifying signature ...................................................................... Patch Set 3: (1 comment) http://gerrit.cloudera.org:8080/#/c/16659/3/src/kudu/security/tls_handshake.cc File src/kudu/security/tls_handshake.cc: http://gerrit.cloudera.org:8080/#/c/16659/3/src/kudu/security/tls_handshake.cc@101 PS3, Line 101: #if OPENSSL_VERSION_NUMBER < 0x10100000L : std::unique_lock<std::mutex> lock(mutex); : #endif > I don't think so, this method uses strings as input and output, and doesn't I think output/input parameters is only a part of the picture since there is also internal state of the TlsHandshake class. At least BIO_write()/BIO_read() perform writing/reading over the network. With this change, BIO_read() is performed while holding the lock, and it's global for a process, as I can see. This doesn't look good to me. -- To view, visit http://gerrit.cloudera.org:8080/16659 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: Ifafc7dcf91db910123276b657515e410bb7f6fcd Gerrit-Change-Number: 16659 Gerrit-PatchSet: 3 Gerrit-Owner: Attila Bukor <[email protected]> Gerrit-Reviewer: Alexey Serbin <[email protected]> Gerrit-Reviewer: Attila Bukor <[email protected]> Gerrit-Reviewer: Grant Henke <[email protected]> Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241) Gerrit-Reviewer: Wenzhe Zhou <[email protected]> Gerrit-Comment-Date: Wed, 28 Oct 2020 21:57:43 +0000 Gerrit-HasComments: Yes
