Todd Lipcon has submitted this change and it was merged. Change subject: Fix TLS_AUTHENTICATION_ONLY detection ......................................................................
Fix TLS_AUTHENTICATION_ONLY detection The patch which added support for TLS_AUTHENTICATION_ONLY had a serious bug: it always got enabled due to a typo in Socket::IsLoopbackConnection. This fixes the typo and also adds some trace messages in negotiation when TLS-only auth is negotiated. I manually verified on an Impala cluster that tshark showed encrypted traffic between nodes and plaintext on the loopback interface after fixing this issue (previously I saw plaintext everywhere!) Change-Id: I76fd3bb7c64c6b831f406912852b064f9fec3d00 Reviewed-on: http://gerrit.cloudera.org:8080/5996 Tested-by: Kudu Jenkins Reviewed-by: Dan Burkert <[email protected]> --- M src/kudu/rpc/client_negotiation.cc M src/kudu/rpc/server_negotiation.cc M src/kudu/util/net/socket.cc 3 files changed, 3 insertions(+), 1 deletion(-) Approvals: Dan Burkert: Looks good to me, approved Kudu Jenkins: Verified -- To view, visit http://gerrit.cloudera.org:8080/5996 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-MessageType: merged Gerrit-Change-Id: I76fd3bb7c64c6b831f406912852b064f9fec3d00 Gerrit-PatchSet: 2 Gerrit-Project: kudu Gerrit-Branch: master Gerrit-Owner: Todd Lipcon <[email protected]> Gerrit-Reviewer: Dan Burkert <[email protected]> Gerrit-Reviewer: Kudu Jenkins Gerrit-Reviewer: Todd Lipcon <[email protected]>
