Re: Review Request 29406: Introduce libevent ssl socket.

Ben Mahler Fri, 12 Jun 2015 11:18:15 -0700

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/29406/#review87735
-----------------------------------------------------------



Are the changes to process.cpp, libevent.{hpp|cpp} independent? Hard to tell if 
these are related to SSL, can you pull them out into separate reviews?

- Ben Mahler


On June 12, 2015, 6:06 p.m., Joris Van Remoortere wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/29406/
> -----------------------------------------------------------
> 
> (Updated June 12, 2015, 6:06 p.m.)
> 
> 
> Review request for mesos, Benjamin Hindman and Michael Park.
> 
> 
> Bugs: MESOS-1913
>     https://issues.apache.org/jira/browse/MESOS-1913
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Requires:
> configure --enable-libevent --enable-libevent-socket --enable-ssl
> New environment variables:
> ```
> SSL_ENABLED=(false|0,true|1)
> SSL_CERT_FILE=(path to certificate)
> SSL_KEY_FILE=(path to key)
> SSL_VERIFY_CERT=(false|0,true|1)
> SSL_REQUIRE_CERT=(false|0,true|1)
> SSL_VERIFY_DEPTH=(4)
> SSL_CA_DIR=(path to CA directory)
> SSL_CA_FILE=(path to CA file)
> SSL_CIPHERS=(accepted ciphers separated by ':')
> SSL_ENABLE_SSL_V2=(false|0,true|1)
> SSL_ENABLE_SSL_V3=(false|0,true|1)
> SSL_ENABLE_TLS_V1_0=(false|0,true|1)
> SSL_ENABLE_TLS_V1_1=(false|0,true|1)
> SSL_ENABLE_TLS_V1_2=(false|0,true|1)
> ```
> 
> Only TLSV1.2 is enabled by default.
> Use the `ENABLE_SSL_V*` and `ENABLE_TLS_V*` environment variables to open up 
> more protocols.
> Use the `SSL_CIPHERS` environment variable to restrict or open up the 
> supported ciphers.
> 
> 
> Diffs
> -----
> 
>   3rdparty/libprocess/Makefile.am 489ce359f383d819299335cbaa8c95724b0c6ac2 
>   3rdparty/libprocess/include/process/socket.hpp 
> b8c2274de535ac473e49a09165b601c96d3ebe8b 
>   3rdparty/libprocess/src/libevent.hpp 
> f6cc72178613a30446629532a773afccfd404212 
>   3rdparty/libprocess/src/libevent.cpp 
> fb038597358135a06c1927d079cb7cb09fea7452 
>   3rdparty/libprocess/src/libevent_ssl_socket.hpp PRE-CREATION 
>   3rdparty/libprocess/src/libevent_ssl_socket.cpp PRE-CREATION 
>   3rdparty/libprocess/src/openssl.hpp PRE-CREATION 
>   3rdparty/libprocess/src/openssl.cpp PRE-CREATION 
>   3rdparty/libprocess/src/process.cpp 
> aadd7bb0ae12b93336900c76d8d5aaa4421ea198 
>   3rdparty/libprocess/src/socket.cpp 0e1cebb19e21c706b152d35a0b8722924c971a35 
> 
> Diff: https://reviews.apache.org/r/29406/diff/
> 
> 
> Testing
> -------
> 
> make check (uses non-ssl socket)
> benchmarks using ssl sockets
> master, slave, framework, webui launch with ssl sockets
> 
> 
> Thanks,
> 
> Joris Van Remoortere
> 
>

Re: Review Request 29406: Introduce libevent ssl socket.

Reply via email to