Bug 1809536

Summary: Enable TLS support into Memcached (rebase to memcached 1.5.22)
Product: Red Hat Enterprise Linux 8 Reporter: Moises Guimaraes <moguimar>
Component: memcachedAssignee: Tomas Korbar <tkorbar>
Status: CLOSED ERRATA QA Contact: Petr Sklenar <psklenar>
Severity: high Docs Contact: Mariya Pershina <mpershin>
Priority: high    
Version: 8.4CC: apmukher, fiezzi, lbragstad, mpershin, nkinder, pasik, psklenar, thozza, tkorbar
Target Milestone: rcKeywords: FutureFeature, Rebase, TestCaseProvided, Triaged
Target Release: 8.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: memcached-1.5.22-2.el8 Doc Type: Enhancement
Doc Text:
.`memcached` rebased to version 1.5.22 The `memcached` packages have been upgraded to version 1.5.22. Notable changes over the previous version include: * TLS has been enabled. * The `-o inline_ascii_response` option has been removed. * The `-Y [authfile]` option has been added along with authentication mode for the ASCII protocol. * `memcached` can now recover its cache between restarts. * New experimental meta commands have been added. * Various performance improvements.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2020-11-04 02:46:57 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1761768, 1817044, 1825061, 1989732    

Description Moises Guimaraes 2020-03-03 11:15:51 UTC 
The Red Hat OpenStack Security DFG has an effort to enable TLS in all OpenStack endpoints called "TLS Everywhere". It was reported by one of our customers that the caching service was not covered by it. Therefore, we need to enable TLS on Memcached.
Comment 1 Moises Guimaraes 2020-03-03 11:19:36 UTC 
This feature is also required in OpenStack Platform 13, which uses RHEL 7. So I'd like to raise the discussion on how hard is to get this backported since RHEL 7 has Memcached 1.4.x while the TLS feature only came up in 1.5.13 and also depends on a newer version of OpenSSL.
Comment 3 Moises Guimaraes 2020-03-05 11:47:55 UTC 
Great, thanks Tomas.
Comment 37 errata-xmlrpc 2020-11-04 02:46:57 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (memcached bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2020:4664