Attila Bukor has posted comments on this change. ( http://gerrit.cloudera.org:8080/16659 )
Change subject: KUDU-3210 Add lock before verifying signature ...................................................................... Patch Set 8: (2 comments) http://gerrit.cloudera.org:8080/#/c/16659/6//COMMIT_MSG Commit Message: http://gerrit.cloudera.org:8080/#/c/16659/6//COMMIT_MSG@21 PS6, Line 21: OpenSSL locking callbacks are : properly registered too > I'm suggesting to try using the same locking callbacks for both FIPS and re CRYPTO_lock() is just calling the callback function we registered: https://github.com/openssl/openssl/blob/d11e6a4410d5aae70ad545d085d344644c33d9cc/crypto/lock.c#L469 I tried registering a dynamic locking callback, but it didn't change anything, so I removed it. http://gerrit.cloudera.org:8080/#/c/16659/3/src/kudu/security/tls_handshake.cc File src/kudu/security/tls_handshake.cc: http://gerrit.cloudera.org:8080/#/c/16659/3/src/kudu/security/tls_handshake.cc@101 PS3, Line 101: DCHECK(n == recv.size() || (n == -1 && recv.empty())); : DCHECK_EQ(BIO_ctrl_pending(rbio), recv.size()); : > I guess BIO_write() and BIO_read() is an API to abstract actual IO happenin The tls_handshake-test.cc doesn't even use sockets, it seems it's doing the whole TLS handshake sequence passing strings between the client and the server. -- To view, visit http://gerrit.cloudera.org:8080/16659 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: Ifafc7dcf91db910123276b657515e410bb7f6fcd Gerrit-Change-Number: 16659 Gerrit-PatchSet: 8 Gerrit-Owner: Attila Bukor <[email protected]> Gerrit-Reviewer: Alexey Serbin <[email protected]> Gerrit-Reviewer: Attila Bukor <[email protected]> Gerrit-Reviewer: Grant Henke <[email protected]> Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241) Gerrit-Reviewer: Wenzhe Zhou <[email protected]> Gerrit-Comment-Date: Thu, 29 Oct 2020 19:19:13 +0000 Gerrit-HasComments: Yes
