> On July 4, 2019, 11:53 p.m., Till Toenshoff wrote: > > 3rdparty/libprocess/src/openssl.cpp > > Line 806 (original), 807 (patched) > > <https://reviews.apache.org/r/70991/diff/2/?file=2153776#file2153776line807> > > > > s/libprocess/legacy/
Actually, please make sure you dont end up with ``` // i.e. the lagacy 'legacy' scheme ``` :D - Till ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/70991/#review216396 ----------------------------------------------------------- On July 4, 2019, 7 p.m., Benno Evers wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/70991/ > ----------------------------------------------------------- > > (Updated July 4, 2019, 7 p.m.) > > > Review request for mesos, Benjamin Mahler, Joseph Wu, and Till Toenshoff. > > > Bugs: MESOS-9878 > https://issues.apache.org/jira/browse/MESOS-9878 > > > Repository: mesos > > > Description > ------- > > Users of libprocess can now pass a custom SSL context when > connecting a generic socket via the `Socket::connect()` > function. > > Additionally the API of `Socket::connect()` was also reworked > according to the following boundary conditions requested by > libprocess maintainers: > > * When libprocess is compiled without SSL support, neither the > declaration of the TLS configuration object nor the `connnect()` > overload that accepts the TLS configuration should be available. > * Passing just the servername is not an acceptable short-hand for > using the default TLS configuration together with that servername. > * When the incorrect overload is selected (i.e. passing TLS config > to a poll socket or omitting TLS configuration for a TLS socket), > the program should abort. > > This following changes are introduced according to the requirements > above: > > * A new class `openssl::TLSClientConfig` is introduced when libprocess > is compiled with ssl support. > * A new overload > `Socket::connect(const Address&, const TLSClientConfig&)` is > introduced when libprocess is compiled with ssl support. > * All call sites are adjusted to check the socket kind before calling > `connect()`. > > > Diffs > ----- > > 3rdparty/libprocess/include/Makefile.am > 1ddcc2d5a30f7bf3914138e497a9b228b515cd29 > 3rdparty/libprocess/include/process/socket.hpp > 4f0f6e9aa6e95e826e3de96e518a7200ad7a8f83 > 3rdparty/libprocess/include/process/ssl/tls_config.hpp PRE-CREATION > 3rdparty/libprocess/src/http.cpp 3e73ee936f5c6329f41704a179f3d88ab65dfb6d > 3rdparty/libprocess/src/openssl.hpp > 17bec246e516261f8d772f1647c17f092fae82d1 > 3rdparty/libprocess/src/openssl.cpp > 19d25a89f7dda1f6c66dd1ffc5051e35457d26b0 > 3rdparty/libprocess/src/poll_socket.hpp > 15b7902ba2b10fad63e2ba7b8d5081d4b9e2d1c7 > 3rdparty/libprocess/src/posix/libevent/libevent_ssl_socket.hpp > 6ef5a86566af3439cfe0b06ab3576076623f7be0 > 3rdparty/libprocess/src/posix/libevent/libevent_ssl_socket.cpp > 7e2229a9ed815727500bd457356e5531607fa6cf > 3rdparty/libprocess/src/posix/poll_socket.cpp > 74acb6942682a9d9626df81b303eba0a1c24ecf7 > 3rdparty/libprocess/src/process.cpp > 799666f03d6a78708aa9336c2dd04bc9b5023aa0 > 3rdparty/libprocess/src/tests/http_tests.cpp > 4d372943a2d417d24d06444ec2e72909fb348017 > 3rdparty/libprocess/src/tests/socket_tests.cpp > b09ae23a551c6587656b2d5f6f58c5267e8e0088 > 3rdparty/libprocess/src/tests/ssl_client.cpp > de87b3b89c84d17f2ebba1f09e9ec682f139aace > 3rdparty/libprocess/src/tests/ssl_tests.cpp > 5d360221937e68da185754f0633fa41a217c7107 > > > Diff: https://reviews.apache.org/r/70991/diff/2/ > > > Testing > ------- > > > Thanks, > > Benno Evers > >
