You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@mesos.apache.org by bm...@apache.org on 2019/10/22 23:33:48 UTC

[mesos] branch 1.9.x updated (7b9230d -> bb40f1a)

This is an automated email from the ASF dual-hosted git repository.

bmahler pushed a change to branch 1.9.x
in repository https://gitbox.apache.org/repos/asf/mesos.git.


    from 7b9230d  Added MESOS-9964 to the 1.9.1 CHANGELOG.
     new 1f9bdf9  Logged failed TLS reverse DNS lookups as warnings for 'legacy' scheme.
     new bb40f1a  Added MESOS-10017 to the 1.9.1 CHANGELOG.

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 3rdparty/libprocess/src/openssl.cpp | 4 ++--
 CHANGELOG                           | 1 +
 2 files changed, 3 insertions(+), 2 deletions(-)

[mesos] 02/02: Added MESOS-10017 to the 1.9.1 CHANGELOG.

Posted by bm...@apache.org.

This is an automated email from the ASF dual-hosted git repository.

bmahler pushed a commit to branch 1.9.x
in repository https://gitbox.apache.org/repos/asf/mesos.git

commit bb40f1a41e250d39c4a5ab65d9f1958b443173b6
Author: Benjamin Mahler <bm...@apache.org>
AuthorDate: Tue Oct 22 18:24:29 2019 -0400

    Added MESOS-10017 to the 1.9.1 CHANGELOG.
---
 CHANGELOG | 1 +
 1 file changed, 1 insertion(+)

diff --git a/CHANGELOG b/CHANGELOG
index cb3e71d..3d2c8ca 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -12,6 +12,7 @@ Release Notes - Mesos - Version 1.9.1 (WIP)
 ** Improvement
   * [MESOS-9889] - Master CPU high due to unexpected foreachkey behaviour in Master::__reregisterSlave.
   * [MESOS-9948] - master::Slave::hasExecutor occupies 37% of a 150 second perf sample.
+  * [MESOS-10017] - Log all reverse DNS lookup failures in 'legacy' TLS (SSL) hostname validation scheme.
 
 
 Release Notes - Mesos - Version 1.9.0

[mesos] 01/02: Logged failed TLS reverse DNS lookups as warnings for 'legacy' scheme.

Posted by bm...@apache.org.

This is an automated email from the ASF dual-hosted git repository.

bmahler pushed a commit to branch 1.9.x
in repository https://gitbox.apache.org/repos/asf/mesos.git

commit 1f9bdf93d508841f83e78e8573d5808e8db3f7ff
Author: Benjamin Mahler <bm...@apache.org>
AuthorDate: Mon Oct 21 19:57:54 2019 -0400

    Logged failed TLS reverse DNS lookups as warnings for 'legacy' scheme.
    
    These were getting logged at VLOG(2), whereas we want all networking
    related errors to be logged as warnings (or errors if appropriate).
    
    Review: https://reviews.apache.org/r/71643
---
 3rdparty/libprocess/src/openssl.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/3rdparty/libprocess/src/openssl.cpp b/3rdparty/libprocess/src/openssl.cpp
index 40053f4..a81d13f 100644
--- a/3rdparty/libprocess/src/openssl.cpp
+++ b/3rdparty/libprocess/src/openssl.cpp
@@ -887,8 +887,8 @@ Try<Nothing> verify(
     }
 
     if (lookup.isError()) {
-      VLOG(2) << "Could not determine hostname of peer: "
-              << lookup.error();
+      LOG(WARNING) << "Reverse DNS lookup for '" << ip.get() << "'"
+                   << " failed: " << lookup.error();
     } else {
       VLOG(2) << "Accepting from " << lookup.get();
       peer_hostname = lookup.get();