Alexey Serbin has posted comments on this change. ( http://gerrit.cloudera.org:8080/8328 )
Change subject: [tls_socket] workaround for TLS short read ...................................................................... Patch Set 3: (4 comments) http://gerrit.cloudera.org:8080/#/c/8328/3//COMMIT_MSG Commit Message: http://gerrit.cloudera.org:8080/#/c/8328/3//COMMIT_MSG@7 PS3, Line 7: [tls_socket] workaround for TLS short read > this is no longer a workaround, right? it's just proper handling of the EIN It's still a workaround by my understanding, since they way how it works now contradicts the openssl doc. http://gerrit.cloudera.org:8080/#/c/8328/3/src/kudu/security/tls_socket.cc File src/kudu/security/tls_socket.cc: http://gerrit.cloudera.org:8080/#/c/8328/3/src/kudu/security/tls_socket.cc@61 PS3, Line 61: if re-negotiation : // is initiated in the middle of transfer. > don't we disable renegotiation? can this actually happen? Nope, I don't think we disable re-negotiations. As far as I know, nothing prevents the client start re-negotiation. http://gerrit.cloudera.org:8080/#/c/8328/3/src/kudu/security/tls_socket.cc@67 PS3, Line 67: // TODO(aserbin): clarify on this and remove the workaround. > I thought we determined this wasn't kernel-dependent. Well, as far as I can see, it does not appear with kernel 2.6.x. So, it's dependent on the kernel version. http://gerrit.cloudera.org:8080/#/c/8328/3/src/kudu/security/tls_socket.cc@117 PS3, Line 117: // is initiated in the middle of transfer. > same question regarding re-negotiation same answer as above -- To view, visit http://gerrit.cloudera.org:8080/8328 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I72b2050d1aa683731faa02b2adb360d46cd0f94c Gerrit-Change-Number: 8328 Gerrit-PatchSet: 3 Gerrit-Owner: Alexey Serbin <[email protected]> Gerrit-Reviewer: Alexey Serbin <[email protected]> Gerrit-Reviewer: Dan Burkert <[email protected]> Gerrit-Reviewer: Kudu Jenkins Gerrit-Reviewer: Todd Lipcon <[email protected]> Gerrit-Comment-Date: Fri, 03 Nov 2017 18:31:27 +0000 Gerrit-HasComments: Yes
