[jira] [Updated] (KUDU-2871) TLS 1.3 not supported by krpc

Alexey Serbin (Jira) Mon, 15 Mar 2021 20:05:23 -0700


     [ 
https://issues.apache.org/jira/browse/KUDU-2871?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Alexey Serbin updated KUDU-2871:
--------------------------------
    Code Review: http://gerrit.cloudera.org:8080/17189

> TLS 1.3 not supported by krpc
> -----------------------------
>
>                 Key: KUDU-2871
>                 URL: https://issues.apache.org/jira/browse/KUDU-2871
>             Project: Kudu
>          Issue Type: Bug
>          Components: master, rpc, security, tserver
>    Affects Versions: 1.8.0, 1.9.0, 1.9.1
>            Reporter: Todd Lipcon
>            Assignee: Alexey Serbin
>            Priority: Major
>
> The TLS negotiation in our RPC protocol assumes a whole number of round trips 
> between client and server. For TLS 1.3, the exchange has 1.5 round trips (the 
> client is the last sender rather than the server) which breaks negotiation. 
> Most tests thus fail with OpenSSL 1.1.1.
> We should temporarily disable TLS 1.3 and then fix RPC to support this.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (KUDU-2871) TLS 1.3 not supported by krpc

Reply via email to