Return-Path: X-Original-To: apmail-mesos-reviews-archive@minotaur.apache.org Delivered-To: apmail-mesos-reviews-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 5E47517216 for ; Mon, 29 Jun 2015 18:49:16 +0000 (UTC) Received: (qmail 21358 invoked by uid 500); 29 Jun 2015 18:49:16 -0000 Delivered-To: apmail-mesos-reviews-archive@mesos.apache.org Received: (qmail 21341 invoked by uid 500); 29 Jun 2015 18:49:16 -0000 Mailing-List: contact reviews-help@mesos.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: reviews@mesos.apache.org Delivered-To: mailing list reviews@mesos.apache.org Received: (qmail 21326 invoked by uid 99); 29 Jun 2015 18:49:16 -0000 Received: from reviews-vm.apache.org (HELO reviews.apache.org) (140.211.11.40) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 29 Jun 2015 18:49:16 +0000 Received: from reviews.apache.org (localhost [127.0.0.1]) by reviews.apache.org (Postfix) with ESMTP id 7D8FAABED9; Mon, 29 Jun 2015 18:49:14 +0000 (UTC) Content-Type: multipart/alternative; boundary="===============4169206978455055394==" MIME-Version: 1.0 Subject: Re: Review Request 31207: Support for SSL and non-ssl traffic simultaneously. From: "Joris Van Remoortere" To: "Benjamin Hindman" Cc: "Joris Van Remoortere" , "Marco Massenzio" , "Mesos ReviewBot" , "mesos" Date: Mon, 29 Jun 2015 18:49:14 -0000 Message-ID: <20150629184914.13307.52385@reviews.apache.org> X-ReviewBoard-URL: https://reviews.apache.org/ Auto-Submitted: auto-generated Sender: "Joris Van Remoortere" X-ReviewGroup: mesos X-Auto-Response-Suppress: DR, RN, OOF, AutoReply X-ReviewRequest-URL: https://reviews.apache.org/r/31207/ X-Sender: "Joris Van Remoortere" References: <20150629063634.13308.52088@reviews.apache.org> In-Reply-To: <20150629063634.13308.52088@reviews.apache.org> Reply-To: "Joris Van Remoortere" X-ReviewRequest-Repository: mesos --===============4169206978455055394== MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31207/ ----------------------------------------------------------- (Updated June 29, 2015, 6:49 p.m.) Review request for mesos and Benjamin Hindman. Changes ------- Factor out (now) un-used process reference from link_connect. Cleanup. Bugs: MESOS-2085 https://issues.apache.org/jira/browse/MESOS-2085 Repository: mesos Description ------- Add a flag SSL_SUPPORT_DOWNGRADE which allows: 1. an SSL accepting socket to peek at the incoming data. If the hello handshake bits are not set, then accept as a Socket::POLL socket instead. 2. When calling Process::link or Process:send(Message), if a new connection is required, allow a second attempt using Socket::POLL if an SSL connection was first attempted. Diffs (updated) ----- 3rdparty/libprocess/include/process/socket.hpp f53d2e1dbb31e135c8951145d379cbbff3044448 3rdparty/libprocess/src/libevent_ssl_socket.hpp 4f2cd357bfdb5268d2bae2df5d7138ff14064bf6 3rdparty/libprocess/src/libevent_ssl_socket.cpp 2920e0e1a5643118b14911d77fb682e60958b4e6 3rdparty/libprocess/src/openssl.hpp 60c7b078b891e09d53d82508bb2965addf359d68 3rdparty/libprocess/src/openssl.cpp 6ff4adb4c9792ff10d8c6ed2f3b2f3d8d0d7f1a8 3rdparty/libprocess/src/poll_socket.hpp 553aa641525d587a44608d7c6c4f16b09b47cfe0 3rdparty/libprocess/src/process.cpp 52649fb90cdbefb495b68d0beb8c7f7e5ef6888e 3rdparty/libprocess/src/tests/ssl_tests.cpp c077aaeaecbe2cdcdad2b042741eeb8906699a22 Diff: https://reviews.apache.org/r/31207/diff/ Testing ------- Running with: 1) An SSL master - connect a non-ssl slave - connect a non-ssl framework - connect an ssl slave - connect an ssl framework 2) A non-ssl master - connect a non-ssl slave - connect a non-ssl framework - connect an ssl slave - connect an ssl framework Thanks, Joris Van Remoortere --===============4169206978455055394==--