mesos-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joris Van Remoortere" <joris.van.remoort...@gmail.com>
Subject Review Request 31207: WIP: Support for SSL and non-ssl traffic simultaneously.
Date Thu, 19 Feb 2015 21:06:31 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/31207/
-----------------------------------------------------------

Review request for mesos, Benjamin Hindman and Niklas Nielsen.


Bugs: MESOS-2085
    https://issues.apache.org/jira/browse/MESOS-2085


Repository: mesos


Description
-------

Add a flag SSL_SUPPORT_DOWNGRADE which allows:
1. an SSL accepting socket to peek at the incoming data. If the hello handshake bits are not
set, then accept as a Socket::POLL socket instead.
2. When calling Process::link or Process:send(Message), if a new connection is required, allow
a second attempt using Socket::POLL if an SSL connection was first attempted.


Diffs
-----

  3rdparty/libprocess/include/process/socket.hpp ddb9e365fc1e65a568bdac4973964df1ab8cc05e

  3rdparty/libprocess/src/libevent_ssl_socket.cpp PRE-CREATION 
  3rdparty/libprocess/src/openssl.hpp PRE-CREATION 
  3rdparty/libprocess/src/openssl.cpp PRE-CREATION 
  3rdparty/libprocess/src/poll_socket.hpp f7ca08e04f0e2a6c4436579b8e18881376985aa5 
  3rdparty/libprocess/src/process.cpp 67b6b3b9c13d95fa1a24b48a12c5c831c7f249bf 

Diff: https://reviews.apache.org/r/31207/diff/


Testing
-------

Running with:
1) An SSL master
  - connect a non-ssl slave
  - connect a non-ssl framework
  - connect an ssl slave
  - connect an ssl framework
2) A non-ssl master
  - connect a non-ssl slave
  - connect a non-ssl framework
  - connect an ssl slave
  - connect an ssl framework


Thanks,

Joris Van Remoortere


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message