Hello Tidy Bot, Zoltan Chovan, Alexey Serbin, Kudu Jenkins,
I'd like you to reexamine a change. Please visit
http://gerrit.cloudera.org:8080/19615
to look at the new patch set (#2).
Change subject: KUDU-3448 Plumping for encrypting key material
......................................................................
KUDU-3448 Plumping for encrypting key material
Key material for the internal PKI and token signing keys are stored in
the syscatalog table in clear text, which is okay when volume-level
encryption or Kudu's built-in data at rest encryption is used, but in
some cases, this is either not used, or it's not enough (FISMA).
To allow storing these key materials in encrypted form in the syscatalog
table, this patch adds the necessary plumbing in Kudu's OpenSSL wrapper.
It is now possible to pass a password callback function to the utility
functions responsible for reading from and writing to OpenSSL BIO and
strings.
Change-Id: I24c5ac8ea0f9a4cab0f35ecccb1b7b00f3acefa8
---
M src/kudu/security/crypto.cc
M src/kudu/security/crypto.h
M src/kudu/util/openssl_util_bio.h
3 files changed, 75 insertions(+), 5 deletions(-)
git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/15/19615/2
--
To view, visit http://gerrit.cloudera.org:8080/19615
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: newpatchset
Gerrit-Change-Id: I24c5ac8ea0f9a4cab0f35ecccb1b7b00f3acefa8
Gerrit-Change-Number: 19615
Gerrit-PatchSet: 2
Gerrit-Owner: Attila Bukor <[email protected]>
Gerrit-Reviewer: Alexey Serbin <[email protected]>
Gerrit-Reviewer: Attila Bukor <[email protected]>
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Reviewer: Tidy Bot (241)
Gerrit-Reviewer: Zoltan Chovan <[email protected]>
