Repository: mesos Updated Branches: refs/heads/master b5ba769c6 -> bfa89f22e
MESOS-2973: Allow SSL tests to run using gtest_repeat. The SSL ctx object carried some settings between reinitialize() calls. Re-construct the object to avoid this state transition. Review: https://reviews.apache.org/r/36074 Project: http://git-wip-us.apache.org/repos/asf/mesos/repo Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/bfa89f22 Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/bfa89f22 Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/bfa89f22 Branch: refs/heads/master Commit: bfa89f22e9d6a3f365113b32ee1cac5208a0456f Parents: b5ba769 Author: Joris Van Remoortere <[email protected]> Authored: Wed Jul 1 16:16:52 2015 -0700 Committer: Benjamin Hindman <[email protected]> Committed: Wed Jul 1 16:16:53 2015 -0700 ---------------------------------------------------------------------- 3rdparty/libprocess/src/openssl.cpp | 15 +++++++++++---- 3rdparty/libprocess/src/tests/ssl_tests.cpp | 1 + 2 files changed, 12 insertions(+), 4 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/mesos/blob/bfa89f22/3rdparty/libprocess/src/openssl.cpp ---------------------------------------------------------------------- diff --git a/3rdparty/libprocess/src/openssl.cpp b/3rdparty/libprocess/src/openssl.cpp index 8ffc409..118ce55 100644 --- a/3rdparty/libprocess/src/openssl.cpp +++ b/3rdparty/libprocess/src/openssl.cpp @@ -305,13 +305,20 @@ void reinitialize() CRYPTO_set_dynlock_lock_callback(&dyn_lock_function); CRYPTO_set_dynlock_destroy_callback(&dyn_destroy_function); - ctx = SSL_CTX_new(SSLv23_method()); - CHECK(ctx) << "Failed to create SSL context: " - << ERR_error_string(ERR_get_error(), NULL); - initialized_single_entry->done(); } + // Clean up if we had a previous SSL context object. We want to + // re-initialize this to get rid of any non-default settings. + if (ctx != NULL) { + SSL_CTX_free(ctx); + ctx = NULL; + } + + ctx = SSL_CTX_new(SSLv23_method()); + CHECK(ctx) << "Failed to create SSL context: " + << ERR_error_string(ERR_get_error(), NULL); + // Disable SSL session caching. SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); http://git-wip-us.apache.org/repos/asf/mesos/blob/bfa89f22/3rdparty/libprocess/src/tests/ssl_tests.cpp ---------------------------------------------------------------------- diff --git a/3rdparty/libprocess/src/tests/ssl_tests.cpp b/3rdparty/libprocess/src/tests/ssl_tests.cpp index e6917c1..6bd762f 100644 --- a/3rdparty/libprocess/src/tests/ssl_tests.cpp +++ b/3rdparty/libprocess/src/tests/ssl_tests.cpp @@ -255,6 +255,7 @@ protected: // This unsets all the SSL environment variables. Necessary for // ensuring a clean starting slate between tests. os::unsetenv("SSL_ENABLED"); + os::unsetenv("SSL_SUPPORT_DOWNGRADE"); os::unsetenv("SSL_CERT_FILE"); os::unsetenv("SSL_KEY_FILE"); os::unsetenv("SSL_VERIFY_CERT");
