[ https://issues.apache.org/jira/browse/IMPALA-6418?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Sailesh Mukil resolved IMPALA-6418. ----------------------------------- Resolution: Fixed Fix Version/s: Impala 2.12.0 Commit in: https://github.com/apache/impala/commit/a3c0fffa1275c1d1d2770b9fc35885a22dc7edce > Find a reliable way to detect supported TLS versions > ---------------------------------------------------- > > Key: IMPALA-6418 > URL: https://issues.apache.org/jira/browse/IMPALA-6418 > Project: IMPALA > Issue Type: Bug > Components: Security > Reporter: Sailesh Mukil > Assignee: Sailesh Mukil > Priority: Blocker > Labels: security > Fix For: Impala 2.12.0 > > > The problem in brief is that when we build against an older version of > OpenSSL and run against a higher version of OpenSSL, the SSLeay() function > (which is supposed to return the runtime version of OpenSSL), returns the > compile time version of OpenSSL instead of the version that it's actually > running against. > Due to this, our version compatibility checking code doesn't allow us to use > TLSv1.2 on certain platforms (specifically RHEL when it's built against > OpenSSL 1.0.0 and run on a CentOS system with OpenSSL 1.0.1 or above). > This was filed as a bug against RHEL: > https://bugzilla.redhat.com/show_bug.cgi?id=1497859 -- This message was sent by Atlassian JIRA (v7.6.3#76005)