----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/70991/ -----------------------------------------------------------
(Updated July 5, 2019, 9:03 a.m.) Review request for mesos, Benjamin Mahler, Joseph Wu, and Till Toenshoff. Changes ------- Add some wording changes. Bugs: MESOS-9878 https://issues.apache.org/jira/browse/MESOS-9878 Repository: mesos Description ------- Users of libprocess can now pass a custom SSL context when connecting a generic socket via the `Socket::connect()` function. Additionally the API of `Socket::connect()` was also reworked according to the following boundary conditions requested by libprocess maintainers: * When libprocess is compiled without SSL support, neither the declaration of the TLS configuration object nor the `connnect()` overload that accepts the TLS configuration should be available. * Passing just the servername is not an acceptable short-hand for using the default TLS configuration together with that servername. * When the incorrect overload is selected (i.e. passing TLS config to a poll socket or omitting TLS configuration for a TLS socket), the program should abort. This following changes are introduced according to the requirements above: * A new class `openssl::TLSClientConfig` is introduced when libprocess is compiled with ssl support. * A new overload `Socket::connect(const Address&, const TLSClientConfig&)` is introduced when libprocess is compiled with ssl support. * All call sites are adjusted to check the socket kind before calling `connect()`. Diffs (updated) ----- 3rdparty/libprocess/include/Makefile.am 1ddcc2d5a30f7bf3914138e497a9b228b515cd29 3rdparty/libprocess/include/process/socket.hpp 4f0f6e9aa6e95e826e3de96e518a7200ad7a8f83 3rdparty/libprocess/include/process/ssl/tls_config.hpp PRE-CREATION 3rdparty/libprocess/src/http.cpp 3e73ee936f5c6329f41704a179f3d88ab65dfb6d 3rdparty/libprocess/src/openssl.hpp 17bec246e516261f8d772f1647c17f092fae82d1 3rdparty/libprocess/src/openssl.cpp 19d25a89f7dda1f6c66dd1ffc5051e35457d26b0 3rdparty/libprocess/src/poll_socket.hpp 15b7902ba2b10fad63e2ba7b8d5081d4b9e2d1c7 3rdparty/libprocess/src/posix/libevent/libevent_ssl_socket.hpp 6ef5a86566af3439cfe0b06ab3576076623f7be0 3rdparty/libprocess/src/posix/libevent/libevent_ssl_socket.cpp 7e2229a9ed815727500bd457356e5531607fa6cf 3rdparty/libprocess/src/posix/poll_socket.cpp 74acb6942682a9d9626df81b303eba0a1c24ecf7 3rdparty/libprocess/src/process.cpp 799666f03d6a78708aa9336c2dd04bc9b5023aa0 3rdparty/libprocess/src/tests/http_tests.cpp 4d372943a2d417d24d06444ec2e72909fb348017 3rdparty/libprocess/src/tests/socket_tests.cpp b09ae23a551c6587656b2d5f6f58c5267e8e0088 3rdparty/libprocess/src/tests/ssl_client.cpp de87b3b89c84d17f2ebba1f09e9ec682f139aace 3rdparty/libprocess/src/tests/ssl_tests.cpp 5d360221937e68da185754f0633fa41a217c7107 Diff: https://reviews.apache.org/r/70991/diff/3/ Changes: https://reviews.apache.org/r/70991/diff/2-3/ Testing ------- Thanks, Benno Evers