subject:"\[kudu\-CR\] KUDU\-1926\: disable TLS\/SSL session renegotiation"

[kudu-CR] KUDU-1926: disable TLS/SSL session renegotiation

2021-03-22 Thread Andrew Wong (Code Review)

Andrew Wong has posted comments on this change. ( 
http://gerrit.cloudera.org:8080/17204 )

Change subject: KUDU-1926: disable TLS/SSL session renegotiation
..


Patch Set 2: Code-Review+1

(3 comments)

http://gerrit.cloudera.org:8080/#/c/17204/2//COMMIT_MSG
Commit Message:

http://gerrit.cloudera.org:8080/#/c/17204/2//COMMIT_MSG@11
PS2, Line 11: to all
nit: to disable all?


http://gerrit.cloudera.org:8080/#/c/17204/2//COMMIT_MSG@16
PS2, Line 16: The moot point is the version interval between 1.1.0a and 1.1.0g: 
the
: SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS flag is already gone, but
: SSL_OP_NO_RENEGOTIATION is not yet present.
Just making sure I understand: this means we still renegotiate if compiling 
with an OpenSSL version in this range, right?


http://gerrit.cloudera.org:8080/#/c/17204/2/src/kudu/security/tls_context.cc
File src/kudu/security/tls_context.cc:

http://gerrit.cloudera.org:8080/#/c/17204/2/src/kudu/security/tls_context.cc@186
PS2, Line 186:   //
nit: maybe note the Jira here too?



--
To view, visit http://gerrit.cloudera.org:8080/17204
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: Ib585dcfc2c3f641268ceded19e0ea5c551d97ae1
Gerrit-Change-Number: 17204
Gerrit-PatchSet: 2
Gerrit-Owner: Alexey Serbin 
Gerrit-Reviewer: Alexey Serbin 
Gerrit-Reviewer: Andrew Wong 
Gerrit-Reviewer: Attila Bukor 
Gerrit-Reviewer: Grant Henke 
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Comment-Date: Mon, 22 Mar 2021 20:43:10 +
Gerrit-HasComments: Yes

[kudu-CR] KUDU-1926: disable TLS/SSL session renegotiation

2021-03-20 Thread Grant Henke (Code Review)

Grant Henke has posted comments on this change. ( 
http://gerrit.cloudera.org:8080/17204 )

Change subject: KUDU-1926: disable TLS/SSL session renegotiation
..


Patch Set 2: Code-Review+1


--
To view, visit http://gerrit.cloudera.org:8080/17204
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: Ib585dcfc2c3f641268ceded19e0ea5c551d97ae1
Gerrit-Change-Number: 17204
Gerrit-PatchSet: 2
Gerrit-Owner: Alexey Serbin 
Gerrit-Reviewer: Alexey Serbin 
Gerrit-Reviewer: Attila Bukor 
Gerrit-Reviewer: Grant Henke 
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Comment-Date: Sun, 21 Mar 2021 01:19:29 +
Gerrit-HasComments: No

[kudu-CR] KUDU-1926: disable TLS/SSL session renegotiation

2021-03-19 Thread Alexey Serbin (Code Review)

Alexey Serbin has removed a vote on this change.

Change subject: KUDU-1926: disable TLS/SSL session renegotiation
..


Removed Verified-1 by Kudu Jenkins (120)
--
To view, visit http://gerrit.cloudera.org:8080/17204
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: deleteVote
Gerrit-Change-Id: Ib585dcfc2c3f641268ceded19e0ea5c551d97ae1
Gerrit-Change-Number: 17204
Gerrit-PatchSet: 2
Gerrit-Owner: Alexey Serbin 
Gerrit-Reviewer: Alexey Serbin 
Gerrit-Reviewer: Attila Bukor 
Gerrit-Reviewer: Grant Henke 
Gerrit-Reviewer: Kudu Jenkins (120)

[kudu-CR] KUDU-1926: disable TLS/SSL session renegotiation

2021-03-19 Thread Alexey Serbin (Code Review)

Alexey Serbin has posted comments on this change. ( 
http://gerrit.cloudera.org:8080/17204 )

Change subject: KUDU-1926: disable TLS/SSL session renegotiation
..


Patch Set 2: Verified+1

> There is funny crash with SIGSEGV if running under TSAN: I'll need
 > to clarify on that.
 >
 >
 > home/jenkins-slave/workspace/kudu-master/1/src/kudu/tools/kudu-tool-test.cc:315
 > Failed
 > Bad status: Runtime error: /tmp/dist-test-task4slHfE/build/tsan/bin/kudu:
 > process exited on signal 11 (core dumped)
 > Google Test trace:
 > /home/jenkins-slave/workspace/kudu-master/1/src/kudu/tools/kudu-tool-test.cc:314:
 > W0319 06:43:49.983834 27011 flags.cc:411] Enabled unsafe flag:
 > --openssl_security_level_override=0
 > W0319 06:43:49.984328 27011 flags.cc:411] Enabled unsafe flag:
 > --never_fsync=true
 > W0319 06:43:50.808722 27011 thread.cc:616] rpc reactor (reactor)
 > Time spent creating pthread: real 0.775s user 0.356s sys 0.418s
 > W0319 06:43:50.809056 27011 thread.cc:582] rpc reactor (reactor)
 > Time spent starting thread: real 0.775s  user 0.356s sys 0.418s
 > *** Aborted at 1616136230 (unix time) try "date -d @1616136230" if
 > you are using GNU date ***
 > PC: @ 0x7fd2b07fa26a __GI___pthread_rwlock_unlock
 > *** SIGSEGV (@0x18) received by PID 27011 (TID 0x7fd2a1883700) from
 > PID 24; stack trace: ***
 > @   0x4f8b10 __tsan::CallUserSignalHandler()
 > @   0x4fb027 rtl_sigaction()
 > @ 0x7fd2b07ff980 (unknown)
 > @ 0x7fd2b07fa26a __GI___pthread_rwlock_unlock
 > @   0x4ff2b2 pthread_rwlock_unlock
 > @ 0x7fd2aed4e8a9 CRYPTO_THREAD_unlock
 > @ 0x7fd2aece481f CRYPTO_free_ex_data
 > @ 0x7fd2aed183b2 RSA_free
 > @ 0x7fd2aecdfc9b (unknown)
 > @ 0x7fd2aece0899 EVP_PKEY_free
 > @ 0x7fd2aed6965c (unknown)
 > @ 0x7fd2aec0fac7 (unknown)
 > @ 0x7fd2aec0fc30 (unknown)
 > @ 0x7fd2aec0fa26 (unknown)
 > @ 0x7fd2aec0fc30 (unknown)
 > @ 0x7fd2aec0fa26 (unknown)
 > @ 0x7fd2aec0fb55 ASN1_item_free
 > @ 0x7fd2aed5d069 X509_OBJECT_free
 > @ 0x7fd2aed4afc0 OPENSSL_sk_pop_free
 > @ 0x7fd2aed5d5ac X509_STORE_free
 > @ 0x7fd2ae919af4 SSL_CTX_free
 > @ 0x7fd2af657c88 
 > _ZNSt3__18__invokeIRPFvP10ssl_ctx_stEJS2_EEEDTclclsr3std3__1E7forwardIT_Efp_Espclsr3std3__1E7forwardIT0_Efp0_EEEOS6_DpOS7_
 > @ 0x7fd2af657bf4 
 > _ZNSt3__128__invoke_void_return_wrapperIvE6__callIJRPFvP10ssl_ctx_stES4_EEEvDpOT_
 > @ 0x7fd2af657ba4 std::__1::__function::__alloc_func<>::operator()()
 > @ 0x7fd2af6567dd std::__1::__function::__func<>::operator()()
 > @ 0x7fd2afd074b7 std::__1::__function::__value_func<>::operator()()
 > @ 0x7fd2afd073ec std::__1::function<>::operator()()
 > @ 0x7fd2afd072fe std::__1::unique_ptr<>::reset()
 > @ 0x7fd2afd06dbc std::__1::unique_ptr<>::~unique_ptr()
 > @ 0x7fd2afd06d4a kudu::security::TlsContext::~TlsContext()
 > @ 0x7fd2afd06c9f std::__1::default_delete<>::operator()()
 > @ 0x7fd2afd06c0e std::__1::unique_ptr<>::reset()
 > /home/jenkins-slave/workspace/kudu-master/1/src/kudu/tools/kudu-tool-test.cc:313:
 > (int32 key=1) (int32 key=2) (int32 key=3) (int32 key=4) (int32
 > key=5) T ebd1313dc9ed4e9393c8c966988f7681 scanned count 5 cost
 > 0.0375527 seconds Total count 5 cost 0.0400349 seconds

I could not reproduce the flake.

 > There is funny crash with SIGSEGV if running under TSAN: I'll need
 > to clarify on that.
 > 
 >
 > home/jenkins-slave/workspace/kudu-master/1/src/kudu/tools/kudu-tool-test.cc:315
 > Failed
 > Bad status: Runtime error: /tmp/dist-test-task4slHfE/build/tsan/bin/kudu:
 > process exited on signal 11 (core dumped)
 > Google Test trace:
 > /home/jenkins-slave/workspace/kudu-master/1/src/kudu/tools/kudu-tool-test.cc:314:
 > W0319 06:43:49.983834 27011 flags.cc:411] Enabled unsafe flag:
 > --openssl_security_level_override=0
 > W0319 06:43:49.984328 27011 flags.cc:411] Enabled unsafe flag:
 > --never_fsync=true
 > W0319 06:43:50.808722 27011 thread.cc:616] rpc reactor (reactor)
 > Time spent creating pthread: real 0.775s user 0.356s sys 0.418s
 > W0319 06:43:50.809056 27011 thread.cc:582] rpc reactor (reactor)
 > Time spent starting thread: real 0.775s  user 0.356s sys 0.418s
 > *** Aborted at 1616136230 (unix time) try "date -d @1616136230" if
 > you are using GNU date ***
 > PC: @ 0x7fd2b07fa26a __GI___pthread_rwlock_unlock
 > *** SIGSEGV (@0x18) received by PID 27011 (TID 0x7fd2a1883700) from
 > PID 24; stack trace: ***
 > @   0x4f8b10 __tsan::CallUserSignalHandler()
 > @   0x4fb027 rtl_sigaction()
 > @ 0x7fd2b07ff980 (unknown)
 > @ 0x7fd2b07fa26a __GI___pthread_rwlock_unlock
 > @   0x4ff2b2 pthread_rwlock_unlock
 > @ 0x7fd2aed4e8a9 CRYPTO_THREAD_unlock
 > @ 0x7fd2aece481f CRYPTO_free_ex_data
 > @ 0x7fd2aed183b2 RSA_free
 > @ 0x7fd2aecdfc9b (unknown)
 > @ 0x7fd2aece0899 EVP_PKEY_free
 > @ 0x7fd2aed6965c

[kudu-CR] KUDU-1926: disable TLS/SSL session renegotiation

2021-03-19 Thread Alexey Serbin (Code Review)

Alexey Serbin has posted comments on this change. ( 
http://gerrit.cloudera.org:8080/17204 )

Change subject: KUDU-1926: disable TLS/SSL session renegotiation
..


Patch Set 2:

There is funny crash with SIGSEGV if running under TSAN: I'll need to clarify 
on that.


home/jenkins-slave/workspace/kudu-master/1/src/kudu/tools/kudu-tool-test.cc:315
Failed
Bad status: Runtime error: /tmp/dist-test-task4slHfE/build/tsan/bin/kudu: 
process exited on signal 11 (core dumped)
Google Test trace:
/home/jenkins-slave/workspace/kudu-master/1/src/kudu/tools/kudu-tool-test.cc:314:
 W0319 06:43:49.983834 27011 flags.cc:411] Enabled unsafe flag: 
--openssl_security_level_override=0
W0319 06:43:49.984328 27011 flags.cc:411] Enabled unsafe flag: 
--never_fsync=true
W0319 06:43:50.808722 27011 thread.cc:616] rpc reactor (reactor) Time spent 
creating pthread: real 0.775s   user 0.356s sys 0.418s
W0319 06:43:50.809056 27011 thread.cc:582] rpc reactor (reactor) Time spent 
starting thread: real 0.775suser 0.356s sys 0.418s
*** Aborted at 1616136230 (unix time) try "date -d @1616136230" if you are 
using GNU date ***
PC: @ 0x7fd2b07fa26a __GI___pthread_rwlock_unlock
*** SIGSEGV (@0x18) received by PID 27011 (TID 0x7fd2a1883700) from PID 24; 
stack trace: ***
@   0x4f8b10 __tsan::CallUserSignalHandler()
@   0x4fb027 rtl_sigaction()
@ 0x7fd2b07ff980 (unknown)
@ 0x7fd2b07fa26a __GI___pthread_rwlock_unlock
@   0x4ff2b2 pthread_rwlock_unlock
@ 0x7fd2aed4e8a9 CRYPTO_THREAD_unlock
@ 0x7fd2aece481f CRYPTO_free_ex_data
@ 0x7fd2aed183b2 RSA_free
@ 0x7fd2aecdfc9b (unknown)
@ 0x7fd2aece0899 EVP_PKEY_free
@ 0x7fd2aed6965c (unknown)
@ 0x7fd2aec0fac7 (unknown)
@ 0x7fd2aec0fc30 (unknown)
@ 0x7fd2aec0fa26 (unknown)
@ 0x7fd2aec0fc30 (unknown)
@ 0x7fd2aec0fa26 (unknown)
@ 0x7fd2aec0fb55 ASN1_item_free
@ 0x7fd2aed5d069 X509_OBJECT_free
@ 0x7fd2aed4afc0 OPENSSL_sk_pop_free
@ 0x7fd2aed5d5ac X509_STORE_free
@ 0x7fd2ae919af4 SSL_CTX_free
@ 0x7fd2af657c88 
_ZNSt3__18__invokeIRPFvP10ssl_ctx_stEJS2_EEEDTclclsr3std3__1E7forwardIT_Efp_Espclsr3std3__1E7forwardIT0_Efp0_EEEOS6_DpOS7_
@ 0x7fd2af657bf4 
_ZNSt3__128__invoke_void_return_wrapperIvE6__callIJRPFvP10ssl_ctx_stES4_EEEvDpOT_
@ 0x7fd2af657ba4 std::__1::__function::__alloc_func<>::operator()()
@ 0x7fd2af6567dd std::__1::__function::__func<>::operator()()
@ 0x7fd2afd074b7 std::__1::__function::__value_func<>::operator()()
@ 0x7fd2afd073ec std::__1::function<>::operator()()
@ 0x7fd2afd072fe std::__1::unique_ptr<>::reset()
@ 0x7fd2afd06dbc std::__1::unique_ptr<>::~unique_ptr()
@ 0x7fd2afd06d4a kudu::security::TlsContext::~TlsContext()
@ 0x7fd2afd06c9f std::__1::default_delete<>::operator()()
@ 0x7fd2afd06c0e std::__1::unique_ptr<>::reset()
/home/jenkins-slave/workspace/kudu-master/1/src/kudu/tools/kudu-tool-test.cc:313:
 (int32 key=1) (int32 key=2) (int32 key=3) (int32 key=4) (int32 key=5) T 
ebd1313dc9ed4e9393c8c966988f7681 scanned count 5 cost 0.0375527 seconds Total 
count 5 cost 0.0400349 seconds


--
To view, visit http://gerrit.cloudera.org:8080/17204
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: Ib585dcfc2c3f641268ceded19e0ea5c551d97ae1
Gerrit-Change-Number: 17204
Gerrit-PatchSet: 2
Gerrit-Owner: Alexey Serbin 
Gerrit-Reviewer: Alexey Serbin 
Gerrit-Reviewer: Attila Bukor 
Gerrit-Reviewer: Grant Henke 
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Comment-Date: Fri, 19 Mar 2021 07:10:20 +
Gerrit-HasComments: No

[kudu-CR] KUDU-1926: disable TLS/SSL session renegotiation

2021-03-19 Thread Alexey Serbin (Code Review)

Hello Attila Bukor, Kudu Jenkins, Grant Henke,

I'd like you to reexamine a change. Please visit

http://gerrit.cloudera.org:8080/17204

to look at the new patch set (#2).

Change subject: KUDU-1926: disable TLS/SSL session renegotiation
..

KUDU-1926: disable TLS/SSL session renegotiation

This patch disables TLS ciphers renegotiation for TLSv1.2 and prior.
In case of OpenSSL version 1.1.0h and newer, we are using
SSL_OP_NO_RENEGOTIATION option to all renegotiation.  In case of OpenSSL
version prior to 1.1.0a, the undocumented
SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS flag is used.  See [1], [2] and [3]
for more context.

The moot point is the version interval between 1.1.0a and 1.1.0g: the
SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS flag is already gone, but
SSL_OP_NO_RENEGOTIATION is not yet present.

[1] https://www.openssl.org/docs/man1.1.0/man3/SSL_set_options.html
[2] 
https://github.com/openssl/openssl/blob/f9398cc2b31858ddaaea3f5cfec2fce7f9b90347/CHANGES#L1038-L1049
[3] https://github.com/openssl/openssl/issues/4739

Change-Id: Ib585dcfc2c3f641268ceded19e0ea5c551d97ae1
---
M src/kudu/security/tls_context.cc
1 file changed, 25 insertions(+), 2 deletions(-)


  git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/04/17204/2
--
To view, visit http://gerrit.cloudera.org:8080/17204
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: newpatchset
Gerrit-Change-Id: Ib585dcfc2c3f641268ceded19e0ea5c551d97ae1
Gerrit-Change-Number: 17204
Gerrit-PatchSet: 2
Gerrit-Owner: Alexey Serbin 
Gerrit-Reviewer: Alexey Serbin 
Gerrit-Reviewer: Attila Bukor 
Gerrit-Reviewer: Grant Henke 
Gerrit-Reviewer: Kudu Jenkins (120)

[kudu-CR] KUDU-1926: disable TLS/SSL session renegotiation

2021-03-18 Thread Alexey Serbin (Code Review)

Alexey Serbin has posted comments on this change. ( 
http://gerrit.cloudera.org:8080/17204 )

Change subject: KUDU-1926: disable TLS/SSL session renegotiation
..


Patch Set 1:

> Unrelated TSAN warning while running Params/ScanYourWritesParamTest.Test/1

I posted a separate patch to fix the race reported by TSAN:
  https://gerrit.cloudera.org/#/c/17205/


--
To view, visit http://gerrit.cloudera.org:8080/17204
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: Ib585dcfc2c3f641268ceded19e0ea5c551d97ae1
Gerrit-Change-Number: 17204
Gerrit-PatchSet: 1
Gerrit-Owner: Alexey Serbin 
Gerrit-Reviewer: Alexey Serbin 
Gerrit-Reviewer: Attila Bukor 
Gerrit-Reviewer: Grant Henke 
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Comment-Date: Fri, 19 Mar 2021 04:04:04 +
Gerrit-HasComments: No

[kudu-CR] KUDU-1926: disable TLS/SSL session renegotiation

2021-03-18 Thread Alexey Serbin (Code Review)

Alexey Serbin has posted comments on this change. ( 
http://gerrit.cloudera.org:8080/17204 )

Change subject: KUDU-1926: disable TLS/SSL session renegotiation
..


Patch Set 1: Verified+1

Unrelated TSAN warning while running Params/ScanYourWritesParamTest.Test/1


--
To view, visit http://gerrit.cloudera.org:8080/17204
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: Ib585dcfc2c3f641268ceded19e0ea5c551d97ae1
Gerrit-Change-Number: 17204
Gerrit-PatchSet: 1
Gerrit-Owner: Alexey Serbin 
Gerrit-Reviewer: Alexey Serbin 
Gerrit-Reviewer: Attila Bukor 
Gerrit-Reviewer: Grant Henke 
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Comment-Date: Fri, 19 Mar 2021 00:50:02 +
Gerrit-HasComments: No

[kudu-CR] KUDU-1926: disable TLS/SSL session renegotiation

2021-03-18 Thread Alexey Serbin (Code Review)

Alexey Serbin has removed a vote on this change.

Change subject: KUDU-1926: disable TLS/SSL session renegotiation
..


Removed Verified-1 by Kudu Jenkins (120)
--
To view, visit http://gerrit.cloudera.org:8080/17204
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: deleteVote
Gerrit-Change-Id: Ib585dcfc2c3f641268ceded19e0ea5c551d97ae1
Gerrit-Change-Number: 17204
Gerrit-PatchSet: 1
Gerrit-Owner: Alexey Serbin 
Gerrit-Reviewer: Attila Bukor 
Gerrit-Reviewer: Grant Henke 
Gerrit-Reviewer: Kudu Jenkins (120)

[kudu-CR] KUDU-1926: disable TLS/SSL session renegotiation

2021-03-18 Thread Alexey Serbin (Code Review)

Alexey Serbin has uploaded this change for review. ( 
http://gerrit.cloudera.org:8080/17204


Change subject: KUDU-1926: disable TLS/SSL session renegotiation
..

KUDU-1926: disable TLS/SSL session renegotiation

This patch disables TLS ciphers renegotiation for TLSv1.2 and prior.
In case of OpenSSL version 1.1.0h and newer, we are using
SSL_OP_NO_RENEGOTIATION option to all renegotiation.  In case of OpenSSL
version prior to 1.1.0a, the undocumented
SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS flag is used.  See [1], [2] and [3]
for more context.

The moot point is the version interval between 1.1.0a and 1.1.0g: the
SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS flag is already gone, but
SSL_OP_NO_RENEGOTIATION is not yet present.

[1] https://www.openssl.org/docs/man1.1.0/man3/SSL_set_options.html
[2] 
https://github.com/openssl/openssl/blob/f9398cc2b31858ddaaea3f5cfec2fce7f9b90347/CHANGES#L1038-L1049
[3] https://github.com/openssl/openssl/issues/4739

Change-Id: Ib585dcfc2c3f641268ceded19e0ea5c551d97ae1
---
M src/kudu/security/tls_context.cc
1 file changed, 26 insertions(+), 0 deletions(-)



  git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/04/17204/1
--
To view, visit http://gerrit.cloudera.org:8080/17204
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: newchange
Gerrit-Change-Id: Ib585dcfc2c3f641268ceded19e0ea5c551d97ae1
Gerrit-Change-Number: 17204
Gerrit-PatchSet: 1
Gerrit-Owner: Alexey Serbin

[kudu-CR] KUDU-1926: disable TLS/SSL session renegotiation

[kudu-CR] KUDU-1926: disable TLS/SSL session renegotiation

[kudu-CR] KUDU-1926: disable TLS/SSL session renegotiation

[kudu-CR] KUDU-1926: disable TLS/SSL session renegotiation

[kudu-CR] KUDU-1926: disable TLS/SSL session renegotiation

[kudu-CR] KUDU-1926: disable TLS/SSL session renegotiation

[kudu-CR] KUDU-1926: disable TLS/SSL session renegotiation

[kudu-CR] KUDU-1926: disable TLS/SSL session renegotiation

[kudu-CR] KUDU-1926: disable TLS/SSL session renegotiation

[kudu-CR] KUDU-1926: disable TLS/SSL session renegotiation

10 matches

Site Navigation

Mail list logo

Footer information