mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joseph Wu <jos...@mesosphere.io>
Subject Re: Review Request 71665: SSL Wrapper: Implemented socket connection and handshake.
Date Mon, 16 Dec 2019 21:58:40 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71665/
-----------------------------------------------------------

(Updated Dec. 16, 2019, 1:58 p.m.)


Review request for mesos, Benno Evers, Benjamin Mahler, Greg Mann, and Till Toenshoff.


Changes
-------

Mostly commenting changes.


Bugs: MESOS-10010
    https://issues.apache.org/jira/browse/MESOS-10010


Repository: mesos


Description
-------

This fills in some of the SSL socket implementation,
in particular the constructor, destructor, connect(),
and accept() methods.

Much of the setup and verification is taken verbatim from the
libevent socket implementation.

A change to the poll socket was necessary to prevent the SSL
socket from holding a self-reference indefinitely.


Diffs (updated)
-----

  3rdparty/libprocess/include/process/socket.hpp 48860f8646d388685f0a60ad2a2f613b1f4be61a

  3rdparty/libprocess/src/posix/poll_socket.cpp ecc2bd492c4edd2f6ab0aae52d50bb3954881893 
  3rdparty/libprocess/src/ssl/openssl_socket.hpp PRE-CREATION 
  3rdparty/libprocess/src/ssl/openssl_socket.cpp PRE-CREATION 
  3rdparty/libprocess/src/windows/poll_socket.cpp e2a84694ac554b4c23242fd93d93800c0334a943



Diff: https://reviews.apache.org/r/71665/diff/7/

Changes: https://reviews.apache.org/r/71665/diff/6-7/


Testing
-------

cmake --build . --target libprocess-tests

Successfully connected to Google :D
With something like this:
```
  set_environment_variables({
    {"LIBPROCESS_SSL_ENABLED", "true"},
    {"LIBPROCESS_SSL_KEY_FILE", key_path().string()},
    {"LIBPROCESS_SSL_CERT_FILE", certificate_path().string()}
  });

  Try<Socket> client = Socket::create(SocketImpl::Kind::SSL);
  ASSERT_SOME(client);

  AWAIT_ASSERT_READY(client->connect(
      network::inet::Address(net::IP::parse("216.58.194.206").get(), 443),
      openssl::create_tls_client_config(None())));
```


Thanks,

Joseph Wu


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message