mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Till Toenshoff <toensh...@me.com>
Subject Re: Review Request 52031: Added openssl error string output to initializing failures.
Date Tue, 20 Sep 2016 13:04:43 GMT


> On Sept. 20, 2016, 1:23 a.m., Joris Van Remoortere wrote:
> > 3rdparty/libprocess/src/openssl.cpp, lines 481-482
> > <https://reviews.apache.org/r/52031/diff/1/?file=1502587#file1502587line481>
> >
> >     Is there any information we can provide here about where we are looking for
the defaults to help the user identify the problem?

The defaults are baked into the openssl libraries at compile-time. The user may override those
using openssl's `SSL_CERT_FILE` and `SSL_CERT_DIR`. There seems to be no public way to extract
those paths back out to get them displayed.

Quick background: that information is obviously attached to the context, internally that specific
certificate stuff is handled by the `X509_STORE`-API. The above call effectively attaches
a new cert store to our context and populates it with the content of the given file/dir path.
The result is a (bunch of) certificate/s attached. The source path however is unknown later
on - at least from the API point of view. So all we could possibly show here are the context
attached certificates but not their source locations.


- Till


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/52031/#review149593
-----------------------------------------------------------


On Sept. 19, 2016, 1:13 p.m., Till Toenshoff wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/52031/
> -----------------------------------------------------------
> 
> (Updated Sept. 19, 2016, 1:13 p.m.)
> 
> 
> Review request for mesos, Joris Van Remoortere and Joseph Wu.
> 
> 
> Bugs: MESOS-5320
>     https://issues.apache.org/jira/browse/MESOS-5320
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Adds the human readable openssl error messages for failure cases. Also
> fixes a spacing nit in one of the existing messages.
> 
> 
> Diffs
> -----
> 
>   3rdparty/libprocess/src/openssl.cpp c09cdc89509e4e4ca4c8a0f4fb0a57156a3a6091 
> 
> Diff: https://reviews.apache.org/r/52031/diff/
> 
> 
> Testing
> -------
> 
> make check && functional testing
> 
> 
> Thanks,
> 
> Till Toenshoff
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message