Benjamin Mahler created MESOS-7933:
--------------------------------------

             Summary: LibeventSSLSocket downgrade is broken, assumes HTTP.
                 Key: MESOS-7933
                 URL: https://issues.apache.org/jira/browse/MESOS-7933
             Project: Mesos
          Issue Type: Bug
          Components: libprocess
            Reporter: Benjamin Mahler


The {{LibeventSSLSocket}}, in order to support downgrades, will peek at the 
first bytes received in order to figure out if SSL data is being sent.

This was done to allow us to handle both SSL and non-SSL traffic on the same 
port. However, this peeking assumes HTTP or some other protocol in which the 
client sends data first (and enough data for us to peek into). And of course, 
it's possible that some binary protocol happens to collide with what an SSL 
connection looks like!

This works for HTTP, so currently the {{LibeventSSLSocket}} is essentially an 
HTTP-only socket. It should not be used for anything else, especially binary 
traffic, and it won't work if the server needs to send first.



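The two failure modes described in the report, shown with a first-bytes classifier. This is an added example, not libprocess code: `Peek`, `classify` and the sample byte strings are constructed for illustration, and it assumes the standard TLS record header (content type 0x16, major version 0x03) and the SSLv2-compatible ClientHello layout.

```cpp
#include <cstdint>
#include <cstdio>
#include <vector>

// Added illustration; Peek and classify are hypothetical names, not libprocess code.
enum class Peek { NeedMoreData, Tls, Plaintext };

// Decide TLS vs. plaintext from bytes the client sent first (peeked, not consumed).
Peek classify(const std::vector<uint8_t>& b) {
  // Nothing (or too little) to inspect: a server-speaks-first protocol stalls here.
  if (b.size() < 3) return Peek::NeedMoreData;
  // TLS record header: ContentType handshake (0x16), major version 0x03.
  if (b[0] == 0x16 && b[1] == 0x03) return Peek::Tls;
  // SSLv2-compatible ClientHello: high bit of length byte set, message type 0x01.
  if ((b[0] & 0x80) != 0 && b[2] == 0x01) return Peek::Tls;
  return Peek::Plaintext;
}

// Constructed sample inputs.
std::vector<uint8_t> http_request()     { return {'G', 'E', 'T', ' ', '/'}; }
std::vector<uint8_t> tls_client_hello() { return {0x16, 0x03, 0x01, 0x00, 0xc8, 0x01}; }
// Constructed plaintext binary frame: tag 0x16, version 3, 2-byte length, payload.
std::vector<uint8_t> binary_frame()     { return {0x16, 0x03, 0x00, 0x04, 'p', 'i', 'n', 'g'}; }
// A client that waits for a server greeting sends nothing.
std::vector<uint8_t> server_first()     { return {}; }

const char* name(Peek p) {
  switch (p) {
    case Peek::Tls:       return "TLS";
    case Peek::Plaintext: return "plaintext";
    default:              return "undecided (waiting for client bytes)";
  }
}

int main() {
  std::printf("HTTP request     -> %s\n", name(classify(http_request())));
  std::printf("TLS ClientHello  -> %s\n", name(classify(tls_client_hello())));
  // Plaintext binary protocol misrouted to the TLS handshake path.
  std::printf("binary frame     -> %s\n", name(classify(binary_frame())));
  // No bytes ever arrive, so the peek can never make a decision.
  std::printf("server-first     -> %s\n", name(classify(server_first())));
  return 0;
}
```

The binary frame is plaintext but is classified as TLS, and the server-first case never leaves the undecided state, which is why a port that must carry such protocols needs the transport chosen by configuration rather than by peeking.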