[jira] [Created] (MESOS-10012) Implement SSL socket downgrading on the native Windows SSL socket.
Joseph Wu created MESOS-10012: - Summary: Implement SSL socket downgrading on the native Windows SSL socket. Key: MESOS-10012 URL: https://issues.apache.org/jira/browse/MESOS-10012 Project: Mesos Issue Type: Task Components: libprocess Reporter: Joseph Wu Assignee: Joseph Wu The logic needed to determine whether a connection is SSL or not is already established in the libevent SSL socket: {code} // Based on the function 'ssl23_get_client_hello' in openssl, we // test whether to dispatch to the SSL or non-SSL based accept based // on the following rules: // 1. If there are fewer than 3 bytes: non-SSL. // 2. If the 1st bit of the 1st byte is set AND the 3rd byte is // equal to SSL2_MT_CLIENT_HELLO: SSL. // 3. If the 1st byte is equal to SSL3_RT_HANDSHAKE AND the 2nd // byte is equal to SSL3_VERSION_MAJOR and the 6th byte is // equal to SSL3_MT_CLIENT_HELLO: SSL. // 4. Otherwise: non-SSL. // For an ascii based protocol to falsely get dispatched to SSL it // needs to: // 1. Start with an invalid ascii character (0x80). // 2. OR have the first 2 characters be a SYN followed by ETX, and // then the 6th character be SOH. // These conditions clearly do not constitute valid HTTP requests, // and are unlikely to collide with other existing protocols. bool ssl = false; // Default to rule 4. if (size < 2) { // Rule 1. ssl = false; } else if ((data[0] & 0x80) && data[2] == SSL2_MT_CLIENT_HELLO) { // Rule 2. ssl = true; } else if (data[0] == SSL3_RT_HANDSHAKE && data[1] == SSL3_VERSION_MAJOR && data[5] == SSL3_MT_CLIENT_HELLO) { // Rule 3. ssl = true; } {code} This only requires us to peek at the first 6 bytes of data. One possible complication is that Overlapped sockets do not support peeking. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Comment Edited] (MESOS-10010) Implement an SSL socket for Windows, using OpenSSL directly
[ https://issues.apache.org/jira/browse/MESOS-10010?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16953113#comment-16953113 ] Joseph Wu edited comment on MESOS-10010 at 10/16/19 7:02 PM: - Once the BIO (MESOS-10009) is complete, this part will boil down to implementing the SSL handshake (i.e. putting {{SSL_do_handshake}} in the right places). I can probably only split out the SSL downgrade feature into a separate ticket. was (Author: kaysoky): Once the BIO (MESOS-10009) is complete, this part will boil down to implementing the SSL handshake. I can probably only split out the SSL downgrade feature into a separate ticket. > Implement an SSL socket for Windows, using OpenSSL directly > --- > > Key: MESOS-10010 > URL: https://issues.apache.org/jira/browse/MESOS-10010 > Project: Mesos > Issue Type: Task > Components: libprocess >Reporter: Joseph Wu >Assignee: Joseph Wu >Priority: Major > Labels: foundations > > {code} > class WindowsSSLSocketImpl : public SocketImpl > { > public: > // This will be the entry point for Socket::create(SSL). > static Try> create(int_fd s); > WindowsSSLSocketImpl(int_fd _s); > ~WindowsSSLSocketImpl() override; > // Overrides for the 'SocketImpl' interface below. > // Unreachable. > Future connect(const Address& address) override; > // This will initialize SSL objects then call windows::connect() > // and chain that onto the appropriate call to SSL_do_handshake. > Future connect( > const Address& address, > const openssl::TLSClientConfig& config) override; > // These will call SSL_read or SSL_write as appropriate. > // As long as the SSL context is set up correctly, these will be > // thin wrappers. (More details after the code block.) > Future recv(char* data, size_t size) override; > Future send(const char* data, size_t size) override; > Future sendfile(int_fd fd, off_t offset, size_t size) override; > // Nothing SSL here, just a plain old listener. > Try listen(int backlog) override; > // This will initialize SSL objects then call windows::accept() > // and then perform handshaking. Any downgrading will > // happen here. Since we control the event loop, we can > // easily peek at the first few bytes to check SSL-ness. > Future> accept() override; > SocketImpl::Kind kind() const override { return SocketImpl::Kind::SSL; } > } > {code} -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (MESOS-10010) Implement an SSL socket for Windows, using OpenSSL directly
[ https://issues.apache.org/jira/browse/MESOS-10010?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16953113#comment-16953113 ] Joseph Wu commented on MESOS-10010: --- Once the BIO (MESOS-10009) is complete, this part will boil down to implementing the SSL handshake. I can probably only split out the SSL downgrade feature into a separate ticket. > Implement an SSL socket for Windows, using OpenSSL directly > --- > > Key: MESOS-10010 > URL: https://issues.apache.org/jira/browse/MESOS-10010 > Project: Mesos > Issue Type: Task > Components: libprocess >Reporter: Joseph Wu >Assignee: Joseph Wu >Priority: Major > Labels: foundations > > {code} > class WindowsSSLSocketImpl : public SocketImpl > { > public: > // This will be the entry point for Socket::create(SSL). > static Try> create(int_fd s); > WindowsSSLSocketImpl(int_fd _s); > ~WindowsSSLSocketImpl() override; > // Overrides for the 'SocketImpl' interface below. > // Unreachable. > Future connect(const Address& address) override; > // This will initialize SSL objects then call windows::connect() > // and chain that onto the appropriate call to SSL_do_handshake. > Future connect( > const Address& address, > const openssl::TLSClientConfig& config) override; > // These will call SSL_read or SSL_write as appropriate. > // As long as the SSL context is set up correctly, these will be > // thin wrappers. (More details after the code block.) > Future recv(char* data, size_t size) override; > Future send(const char* data, size_t size) override; > Future sendfile(int_fd fd, off_t offset, size_t size) override; > // Nothing SSL here, just a plain old listener. > Try listen(int backlog) override; > // This will initialize SSL objects then call windows::accept() > // and then perform handshaking. Any downgrading will > // happen here. Since we control the event loop, we can > // easily peek at the first few bytes to check SSL-ness. > Future> accept() override; > SocketImpl::Kind kind() const override { return SocketImpl::Kind::SSL; } > } > {code} -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (MESOS-10010) Implement an SSL socket for Windows, using OpenSSL directly
[ https://issues.apache.org/jira/browse/MESOS-10010?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16953103#comment-16953103 ] Greg Mann commented on MESOS-10010: --- [~kaysoky] I think this should be more fine-grained, will this really complete in a single sprint? > Implement an SSL socket for Windows, using OpenSSL directly > --- > > Key: MESOS-10010 > URL: https://issues.apache.org/jira/browse/MESOS-10010 > Project: Mesos > Issue Type: Task > Components: libprocess >Reporter: Joseph Wu >Assignee: Joseph Wu >Priority: Major > Labels: foundations > > {code} > class WindowsSSLSocketImpl : public SocketImpl > { > public: > // This will be the entry point for Socket::create(SSL). > static Try> create(int_fd s); > WindowsSSLSocketImpl(int_fd _s); > ~WindowsSSLSocketImpl() override; > // Overrides for the 'SocketImpl' interface below. > // Unreachable. > Future connect(const Address& address) override; > // This will initialize SSL objects then call windows::connect() > // and chain that onto the appropriate call to SSL_do_handshake. > Future connect( > const Address& address, > const openssl::TLSClientConfig& config) override; > // These will call SSL_read or SSL_write as appropriate. > // As long as the SSL context is set up correctly, these will be > // thin wrappers. (More details after the code block.) > Future recv(char* data, size_t size) override; > Future send(const char* data, size_t size) override; > Future sendfile(int_fd fd, off_t offset, size_t size) override; > // Nothing SSL here, just a plain old listener. > Try listen(int backlog) override; > // This will initialize SSL objects then call windows::accept() > // and then perform handshaking. Any downgrading will > // happen here. Since we control the event loop, we can > // easily peek at the first few bytes to check SSL-ness. > Future> accept() override; > SocketImpl::Kind kind() const override { return SocketImpl::Kind::SSL; } > } > {code} -- This message was sent by Atlassian Jira (v8.3.4#803005)