Hello Dan Burkert, Alexey Serbin,
I'd like you to do a code review. Please visit
http://gerrit.cloudera.org:8080/5839
to review the following change.
Change subject: tls: move setting of verification modes into TlsHandshake
......................................................................
tls: move setting of verification modes into TlsHandshake
Depending on the particular type of connection, we need to configure the
TLS verification differently. For example, a connection that uses a
token for client authentication needs to verify the server cert for
server authentication, whereas the initial connection uses Kerberos for
mutual authentication and doesn't need TLS authentication at all.
As such, the global configuration of SSL verification mode in TlsContext
is no longer appropriate. This moves the configuration to be
per-TlsHandshake.
Change-Id: I37cbc20b1a70a7469a2a2f43702599b1b55ff294
---
M src/kudu/security/tls_context.cc
M src/kudu/security/tls_handshake-test.cc
M src/kudu/security/tls_handshake.cc
M src/kudu/security/tls_handshake.h
4 files changed, 229 insertions(+), 20 deletions(-)
git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/39/5839/1
--
To view, visit http://gerrit.cloudera.org:8080/5839
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I37cbc20b1a70a7469a2a2f43702599b1b55ff294
Gerrit-PatchSet: 1
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-Owner: Todd Lipcon <[email protected]>
Gerrit-Reviewer: Alexey Serbin <[email protected]>
Gerrit-Reviewer: Dan Burkert <[email protected]>
