----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/29406/#review87858 -----------------------------------------------------------
Ship it! This looks good Joris! Thans for all the hard work, iterations, simplifications, cleanup, etc. **To the broader dev community:** *I'm going to be committing this code but Joris still has other work to be done in order to use this in production! Look for an email from Joris to the d...@mesos.apache.org list addressing these things.* - Benjamin Hindman On June 13, 2015, 9:23 a.m., Joris Van Remoortere wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/29406/ > ----------------------------------------------------------- > > (Updated June 13, 2015, 9:23 a.m.) > > > Review request for mesos, Benjamin Hindman and Michael Park. > > > Bugs: MESOS-1913 > https://issues.apache.org/jira/browse/MESOS-1913 > > > Repository: mesos > > > Description > ------- > > Requires: > configure --enable-libevent --enable-libevent-socket --enable-ssl > New environment variables: > ``` > SSL_ENABLED=(false|0,true|1) > SSL_CERT_FILE=(path to certificate) > SSL_KEY_FILE=(path to key) > SSL_VERIFY_CERT=(false|0,true|1) > SSL_REQUIRE_CERT=(false|0,true|1) > SSL_VERIFY_DEPTH=(4) > SSL_CA_DIR=(path to CA directory) > SSL_CA_FILE=(path to CA file) > SSL_CIPHERS=(accepted ciphers separated by ':') > SSL_ENABLE_SSL_V2=(false|0,true|1) > SSL_ENABLE_SSL_V3=(false|0,true|1) > SSL_ENABLE_TLS_V1_0=(false|0,true|1) > SSL_ENABLE_TLS_V1_1=(false|0,true|1) > SSL_ENABLE_TLS_V1_2=(false|0,true|1) > ``` > > Only TLSV1.2 is enabled by default. > Use the `ENABLE_SSL_V*` and `ENABLE_TLS_V*` environment variables to open up > more protocols. > Use the `SSL_CIPHERS` environment variable to restrict or open up the > supported ciphers. > > > Diffs > ----- > > 3rdparty/libprocess/Makefile.am 489ce359f383d819299335cbaa8c95724b0c6ac2 > 3rdparty/libprocess/include/process/address.hpp > 729f5cd7ea981e43a33c1fe9d99d58b906a31158 > 3rdparty/libprocess/include/process/socket.hpp > b8c2274de535ac473e49a09165b601c96d3ebe8b > 3rdparty/libprocess/src/libevent.hpp > f6cc72178613a30446629532a773afccfd404212 > 3rdparty/libprocess/src/libevent.cpp > fb038597358135a06c1927d079cb7cb09fea7452 > 3rdparty/libprocess/src/libevent_ssl_socket.hpp PRE-CREATION > 3rdparty/libprocess/src/libevent_ssl_socket.cpp PRE-CREATION > 3rdparty/libprocess/src/openssl.hpp PRE-CREATION > 3rdparty/libprocess/src/openssl.cpp PRE-CREATION > 3rdparty/libprocess/src/process.cpp > aadd7bb0ae12b93336900c76d8d5aaa4421ea198 > 3rdparty/libprocess/src/socket.cpp 0e1cebb19e21c706b152d35a0b8722924c971a35 > > Diff: https://reviews.apache.org/r/29406/diff/ > > > Testing > ------- > > make check (uses non-ssl socket) > benchmarks using ssl sockets > master, slave, framework, webui launch with ssl sockets > > > Thanks, > > Joris Van Remoortere > >
