Andrew Wong has posted comments on this change. ( http://gerrit.cloudera.org:8080/17204 )
Change subject: KUDU-1926: disable TLS/SSL session renegotiation ...................................................................... Patch Set 2: Code-Review+1 (3 comments) http://gerrit.cloudera.org:8080/#/c/17204/2//COMMIT_MSG Commit Message: http://gerrit.cloudera.org:8080/#/c/17204/2//COMMIT_MSG@11 PS2, Line 11: to all nit: to disable all? http://gerrit.cloudera.org:8080/#/c/17204/2//COMMIT_MSG@16 PS2, Line 16: The moot point is the version interval between 1.1.0a and 1.1.0g: the : SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS flag is already gone, but : SSL_OP_NO_RENEGOTIATION is not yet present. Just making sure I understand: this means we still renegotiate if compiling with an OpenSSL version in this range, right? http://gerrit.cloudera.org:8080/#/c/17204/2/src/kudu/security/tls_context.cc File src/kudu/security/tls_context.cc: http://gerrit.cloudera.org:8080/#/c/17204/2/src/kudu/security/tls_context.cc@186 PS2, Line 186: // nit: maybe note the Jira here too? -- To view, visit http://gerrit.cloudera.org:8080/17204 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: Ib585dcfc2c3f641268ceded19e0ea5c551d97ae1 Gerrit-Change-Number: 17204 Gerrit-PatchSet: 2 Gerrit-Owner: Alexey Serbin <[email protected]> Gerrit-Reviewer: Alexey Serbin <[email protected]> Gerrit-Reviewer: Andrew Wong <[email protected]> Gerrit-Reviewer: Attila Bukor <[email protected]> Gerrit-Reviewer: Grant Henke <[email protected]> Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Comment-Date: Mon, 22 Mar 2021 20:43:10 +0000 Gerrit-HasComments: Yes
