[ https://issues.apache.org/jira/browse/MESOS-10003?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16948020#comment-16948020 ]
Joseph Wu edited comment on MESOS-10003 at 10/9/19 9:33 PM: ------------------------------------------------------------ This is less of a design doc, and more of a design blurb, because the task here is to use the OpenSSL library directly. Before proceeding, we will use OpenSSL's Basic I/O (BIO) abstraction a lot in this blurb, so reading this overview will help: https://www.openssl.org/docs/man1.1.1/man7/bio.html Our reference implementation is from libevent: https://github.com/libevent/libevent/blob/master/bufferevent_openssl.c We do not use all aspects of Libevent's SSL implementation. We use the {{bufferevent_openssl_socket_new}} method, which is a thin wrapper around OpenSSL's {{BIO_new_socket}} and {{SSL_set_bio}} methods. https://github.com/libevent/libevent/blob/master/bufferevent_openssl.c#L1441 {{BIO_new_socket}} takes a socket and transforms it into a source/sink BIO, while {{SSL_set_bio}} takes an SSL context and assigns the BIO to it, which allows use of methods like {{SSL_read}} and {{SSL_write}}. Libevent also wraps a call to {{SSL_do_handshake}} when initializing a socket. The role of libevent is to space out calls to read/write based on the bufferevents we give libevent. was (Author: kaysoky): This is less of a design doc, and more of a design blurb, because the task here is to use the OpenSSL library directly. Before proceeding, we will use OpenSSL's Basic I/O (BIO) abstraction a lot in this blurb, so reading this overview will help: https://www.openssl.org/docs/man1.1.1/man7/bio.html Our reference implementation is from libevent: https://github.com/libevent/libevent/blob/master/bufferevent_openssl.c We do not use all aspects of Libevent's SSL implementation. We use the {{bufferevent_openssl_socket_new}} method, which is a thin wrapper around OpenSSL's {{BIO_new_socket}} and {{SSL_set_bio}} methods. https://github.com/libevent/libevent/blob/master/bufferevent_openssl.c#L1441 {{BIO_new_socket}} takes a socket and transforms it into a source/sink BIO, while {{SSL_set_bio}} takes an SSL context and assigns the BIO to it, which allows use of methods like {{SSL_read}} and {{SSL_write}}. The role of libevent is to space out calls to read/write based on the bufferevents we give libevent. > Design doc for SSL on Windows > ----------------------------- > > Key: MESOS-10003 > URL: https://issues.apache.org/jira/browse/MESOS-10003 > Project: Mesos > Issue Type: Task > Components: libprocess > Reporter: Greg Mann > Assignee: Joseph Wu > Priority: Major > Labels: foundations > -- This message was sent by Atlassian Jira (v8.3.4#803005)