[
https://issues.apache.org/jira/browse/IMPALA-6418?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sailesh Mukil resolved IMPALA-6418.
-----------------------------------
Resolution: Fixed
Fix Version/s: Impala 2.12.0
Commit in:
https://github.com/apache/impala/commit/a3c0fffa1275c1d1d2770b9fc35885a22dc7edce
> Find a reliable way to detect supported TLS versions
> ----------------------------------------------------
>
> Key: IMPALA-6418
> URL: https://issues.apache.org/jira/browse/IMPALA-6418
> Project: IMPALA
> Issue Type: Bug
> Components: Security
> Reporter: Sailesh Mukil
> Assignee: Sailesh Mukil
> Priority: Blocker
> Labels: security
> Fix For: Impala 2.12.0
>
>
> The problem in brief is that when we build against an older version of
> OpenSSL and run against a higher version of OpenSSL, the SSLeay() function
> (which is supposed to return the runtime version of OpenSSL), returns the
> compile time version of OpenSSL instead of the version that it's actually
> running against.
> Due to this, our version compatibility checking code doesn't allow us to use
> TLSv1.2 on certain platforms (specifically RHEL when it's built against
> OpenSSL 1.0.0 and run on a CentOS system with OpenSSL 1.0.1 or above).
> This was filed as a bug against RHEL:
> https://bugzilla.redhat.com/show_bug.cgi?id=1497859
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
