Alexey Serbin has posted comments on this change. ( 
http://gerrit.cloudera.org:8080/7821 )

Change subject: rpc: allow setting --rpc_tls_min_protocol on older RHEL versions
......................................................................


Patch Set 2:

(1 comment)

http://gerrit.cloudera.org:8080/#/c/7821/2/src/kudu/security/tls_context.cc
File src/kudu/security/tls_context.cc:

http://gerrit.cloudera.org:8080/#/c/7821/2/src/kudu/security/tls_context.cc@155
PS2, Line 155:    options |= SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1;
I'm curious what happens if the built binary is run with the library that does 
not support TLSv1.2.  Is it going just to silently run the with TLSv1.1 here 
regardless of the fact that the --rpc_tls_min_protocol=TLSv1.2 is set?



--
To view, visit http://gerrit.cloudera.org:8080/7821
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: Ic61f31788d63072fae609c6a2186e52d5e2467b7
Gerrit-Change-Number: 7821
Gerrit-PatchSet: 2
Gerrit-Owner: Dan Burkert <danburk...@apache.org>
Gerrit-Reviewer: Adar Dembo <a...@cloudera.com>
Gerrit-Reviewer: Alexey Serbin <aser...@cloudera.com>
Gerrit-Reviewer: Dan Burkert <danburk...@apache.org>
Gerrit-Reviewer: Henry Robinson <he...@cloudera.com>
Gerrit-Reviewer: Todd Lipcon <t...@apache.org>
Gerrit-Comment-Date: Thu, 11 Jan 2018 20:25:05 +0000
Gerrit-HasComments: Yes

Reply via email to