You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mesos.apache.org by bm...@apache.org on 2020/04/24 22:09:51 UTC

[mesos] 06/06: Added a regression test for MESOS-10114.

This is an automated email from the ASF dual-hosted git repository.

bmahler pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mesos.git

commit 77fa4508d0dd198040c5b673c5aa5e667ac7888b
Author: Benjamin Mahler <bm...@apache.org>
AuthorDate: Fri Apr 10 17:17:01 2020 -0400

    Added a regression test for MESOS-10114.
    
    It turns out we already had a test for this case, but in MESOS-10114
    we need downgrade support enabled to exercise the bug.
    
    Review: https://reviews.apache.org/r/72353
---
 3rdparty/libprocess/src/tests/ssl_tests.cpp | 61 +++++++++++++++++++++++++++++
 1 file changed, 61 insertions(+)

diff --git a/3rdparty/libprocess/src/tests/ssl_tests.cpp b/3rdparty/libprocess/src/tests/ssl_tests.cpp
index 3f1d103..c90d1da 100644
--- a/3rdparty/libprocess/src/tests/ssl_tests.cpp
+++ b/3rdparty/libprocess/src/tests/ssl_tests.cpp
@@ -809,6 +809,67 @@ TEST_F(SSLTest, SilentSocket)
 }
 
 
+// A copy of the SilentSocket test to ensure that the issue
+// also is not present with downgrade support enabled. This
+// was added due to MESOS-10114.
+TEST_F(SSLTest, SilentSocketWithDowngrade)
+{
+  Try<Socket> server = setup_server({
+      {"LIBPROCESS_SSL_ENABLED", "true"},
+      {"LIBPROCESS_SSL_SUPPORT_DOWNGRADE", "true"},
+      {"LIBPROCESS_SSL_KEY_FILE", key_path().string()},
+      {"LIBPROCESS_SSL_CERT_FILE", certificate_path().string()}});
+
+  ASSERT_SOME(server);
+  ASSERT_SOME(server->address());
+
+  Try<std::string> serverHostname = server->address()->lookup_hostname();
+  ASSERT_SOME(serverHostname);
+
+  Future<Socket> socket = server->accept();
+
+  // We initiate a connection on which we will not send
+  // any data. This means the socket on the server will
+  // not complete the SSL handshake, nor be downgraded.
+  // As a result, we expect that the server will not see
+  // an accepted socket for this connection.
+  Try<Socket> connection = Socket::create(SocketImpl::Kind::POLL);
+  ASSERT_SOME(connection);
+  connection->connect(server->address().get());
+
+  // Note that settling libprocess is not sufficient
+  // for ensuring socket events are processed.
+  Clock::pause();
+  Clock::settle();
+  Clock::resume();
+
+  ASSERT_TRUE(socket.isPending());
+
+  // Now send an HTTP GET request, it should complete
+  // without getting blocked by the socket above
+  // undergoing the SSL handshake.
+  const http::URL url(
+      "https",
+      serverHostname.get(),
+      server->address()->port);
+
+  Future<http::Response> response = http::get(url);
+
+  AWAIT_READY(socket);
+
+  // Send the response from the server.
+  const string buffer = string() +
+    "HTTP/1.1 200 OK\r\n" +
+    "Content-Length: " + stringify(data.length()) + "\r\n" +
+    "\r\n" +
+    data;
+  AWAIT_READY(Socket(socket.get()).send(buffer));
+
+  AWAIT_EXPECT_RESPONSE_STATUS_EQ(http::OK().status, response);
+  EXPECT_EQ(data, response->body);
+}
+
+
 // This test was added due to an OOM issue: MESOS-7934.
 TEST_F(SSLTest, ShutdownThenSend)
 {