[
https://issues.apache.org/jira/browse/MESOS-10010?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16953113#comment-16953113
]
Joseph Wu edited comment on MESOS-10010 at 10/16/19 7:02 PM:
-------------------------------------------------------------
Once the BIO (MESOS-10009) is complete, this part will boil down to
implementing the SSL handshake (i.e. putting {{SSL_do_handshake}} in the right
places). I can probably only split out the SSL downgrade feature into a
separate ticket.

was (Author: kaysoky):
Once the BIO (MESOS-10009) is complete, this part will boil down to
implementing the SSL handshake. I can probably only split out the SSL
downgrade feature into a separate ticket.

> Implement an SSL socket for Windows, using OpenSSL directly
> -----------------------------------------------------------
>
> Key: MESOS-10010
> URL: https://issues.apache.org/jira/browse/MESOS-10010
> Project: Mesos
> Issue Type: Task
> Components: libprocess
> Reporter: Joseph Wu
> Assignee: Joseph Wu
> Priority: Major
> Labels: foundations
>
> {code}
> class WindowsSSLSocketImpl : public SocketImpl
> {
> public:
>   // This will be the entry point for Socket::create(SSL).
>   static Try<std::shared_ptr<SocketImpl>> create(int_fd s);
>
>   WindowsSSLSocketImpl(int_fd _s);
>   ~WindowsSSLSocketImpl() override;
>
>   // Overrides for the 'SocketImpl' interface below.
>
>   // Unreachable.
>   Future<Nothing> connect(const Address& address) override;
>
>   // This will initialize SSL objects then call windows::connect()
>   // and chain that onto the appropriate call to SSL_do_handshake.
>   Future<Nothing> connect(
>       const Address& address,
>       const openssl::TLSClientConfig& config) override;
>
>   // These will call SSL_read or SSL_write as appropriate.
>   // As long as the SSL context is set up correctly, these will be
>   // thin wrappers. (More details after the code block.)
>   Future<size_t> recv(char* data, size_t size) override;
>   Future<size_t> send(const char* data, size_t size) override;
>   Future<size_t> sendfile(int_fd fd, off_t offset, size_t size) override;
>
>   // Nothing SSL here, just a plain old listener.
>   Try<Nothing> listen(int backlog) override;
>
>   // This will initialize SSL objects then call windows::accept()
>   // and then perform handshaking. Any downgrading will
>   // happen here. Since we control the event loop, we can
>   // easily peek at the first few bytes to check SSL-ness.
>   Future<std::shared_ptr<SocketImpl>> accept() override;
>
>   SocketImpl::Kind kind() const override { return SocketImpl::Kind::SSL; }
> };
> {code}
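
The `accept()` comment in the class sketch mentions peeking at the first few bytes of a connection to check whether it is SSL before any downgrade. The following is an added example, not code from the ticket or from libprocess; `Peek` and `classify_first_bytes` are hypothetical names. It classifies peeked bytes using the TLS record header layout and the SSLv2-compatible hello format.

```cpp
#include <cstddef>
#include <cstdint>

// Hypothetical names for illustration; not part of libprocess.
enum class Peek { NeedMoreData, Tls, Plaintext };

// Classify the first bytes of an accepted connection. The bytes must come
// from a non-consuming peek so the TLS stack still sees the whole ClientHello.
// Anything classified Plaintext is what a downgrade-enabled listener would
// serve unencrypted, so ambiguous input must never be guessed as Tls or
// Plaintext before enough bytes have arrived.
Peek classify_first_bytes(const uint8_t* data, size_t size)
{
  constexpr uint8_t kHandshakeRecord = 0x16; // TLS record type: handshake.
  constexpr uint8_t kVersionMajor = 0x03;    // Record version major (SSL 3.0 / TLS 1.x).
  constexpr uint8_t kClientHello = 0x01;     // Handshake message type.

  if (size == 0) return Peek::NeedMoreData;

  // TLS record: type(1) version(2) length(2), then the handshake type(1).
  if (data[0] == kHandshakeRecord) {
    if (size >= 2 && data[1] != kVersionMajor) return Peek::Plaintext;
    if (size < 6) return Peek::NeedMoreData;
    return data[5] == kClientHello ? Peek::Tls : Peek::Plaintext;
  }

  // SSLv2-compatible hello: high bit set in a 2-byte length, then type 1.
  // Hand it to the TLS stack, which fails the handshake if it is unsupported.
  if (data[0] & 0x80) {
    if (size < 3) return Peek::NeedMoreData;
    return data[2] == kClientHello ? Peek::Tls : Peek::Plaintext;
  }

  return Peek::Plaintext;
}

int main()
{
  // Constructed sample: start of a TLS handshake record carrying a ClientHello.
  const uint8_t hello[] = {0x16, 0x03, 0x01, 0x00, 0x2f, 0x01};
  return classify_first_bytes(hello, sizeof(hello)) == Peek::Tls ? 0 : 1;
}
```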