Alexey Serbin has uploaded this change for review. ( http://gerrit.cloudera.org:8080/20076
Change subject: [rpc] clean up JWT-related client-side negotiation code ...................................................................... [rpc] clean up JWT-related client-side negotiation code Since now there is an API to add a trusted TLS certificate into the chain of trusted certificates of a Kudu C++ client application, the test-only flag --jwt_client_require_trusted_tls_cert isn't longer needed. This patch removes the flag along with corresponding test scenario. Correspondingly, the client now verifies the server's TLS certificate during TLS handshake since there isn't a case when a client would send out its JWT to a server it doesn't trust once the --jwt_client_require_trusted_tls_cert test-only flag is removed. This patch also adds an extra logging about a connection negotiation condition when the client has a JWT, but it doesn't trust the server's TLS certificate. In addition, I took the liberty of removing a few TODOs related to KUDU-1921 since the referred functionality has already been implemented. Change-Id: I85574ed05396fcf3740d9d068afa524cf125f5ff --- M src/kudu/integration-tests/security-itest.cc M src/kudu/rpc/client_negotiation.cc 2 files changed, 27 insertions(+), 49 deletions(-) git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/76/20076/1 -- To view, visit http://gerrit.cloudera.org:8080/20076 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: newchange Gerrit-Change-Id: I85574ed05396fcf3740d9d068afa524cf125f5ff Gerrit-Change-Number: 20076 Gerrit-PatchSet: 1 Gerrit-Owner: Alexey Serbin <[email protected]>
