This is an automated email from the ASF dual-hosted git repository. grag pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/mesos.git
commit 599b9e83c6c0659e12b0bccaf7c610b70158737c Author: Joseph Wu <[email protected]> AuthorDate: Wed Feb 26 17:14:55 2020 +0100 Reverted SSL Socket guard against downgrade. This reverts commit 34bac34419ebec8441e69d3a5684381468352399. Review: https://reviews.apache.org/r/72016/ --- 3rdparty/libprocess/src/openssl.cpp | 6 ------ 3rdparty/libprocess/src/tests/ssl_tests.cpp | 3 --- 2 files changed, 9 deletions(-) diff --git a/3rdparty/libprocess/src/openssl.cpp b/3rdparty/libprocess/src/openssl.cpp index b2dd2fe..ec7d6e8 100644 --- a/3rdparty/libprocess/src/openssl.cpp +++ b/3rdparty/libprocess/src/openssl.cpp @@ -550,14 +550,8 @@ void reinitialize() // Notify users of the 'SSL_SUPPORT_DOWNGRADE' flag that this // setting allows insecure connections. if (ssl_flags->support_downgrade) { -#ifdef USE_LIBEVENT LOG(WARNING) << "Failed SSL connections will be downgraded to a non-SSL socket"; -#else - EXIT(EXIT_FAILURE) - << "Non-libevent SSL sockets do not support downgrade yet," - << " see MESOS-10073"; -#endif // USE_LIBEVENT } // TODO(bevers): Remove the deprecated names for these flags after an diff --git a/3rdparty/libprocess/src/tests/ssl_tests.cpp b/3rdparty/libprocess/src/tests/ssl_tests.cpp index a6563fb..3f1d103 100644 --- a/3rdparty/libprocess/src/tests/ssl_tests.cpp +++ b/3rdparty/libprocess/src/tests/ssl_tests.cpp @@ -483,8 +483,6 @@ TEST_F(SSLTest, ECDHESupport) } -// TODO(josephw): Support downgrades on the native OpenSSL socket (MESOS-10073). -#ifdef USE_LIBEVENT // Ensure we can communicate between a POLL based socket and an SSL // socket if 'SSL_SUPPORT_DOWNGRADE' is enabled. TEST_F(SSLTest, ValidDowngrade) @@ -583,7 +581,6 @@ TEST_F(SSLTest, ValidDowngradeEachProtocol) AWAIT_ASSERT_READY(await_subprocess(client.get(), 0)); } } -#endif // USE_LIBEVENT // For each protocol: ensure we CANNOT communicate between a POLL
