You are viewing a plain text version of this content. The canonical link for it is here.

Posted to reviews@mesos.apache.org by Kevin Klues <kl...@gmail.com> on 2016/12/10 18:29:56 UTC

Review Request 54627: Forced variant of 'http::connect()' to use POLL even when SSL enabled.

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/54627/
-----------------------------------------------------------

Review request for mesos, Anand Mazumdar, Benjamin Hindman, Jie Yu, and Joseph Wu.


Bugs: MESOS-6775
    https://issues.apache.org/jira/browse/MESOS-6775


Repository: mesos


Description
-------

The 'http::connect(address)' variant of 'http::connect()' doesn't
currently support SSL. However, when SSL is enabled, the default for
all 'Socket::create()' calls is to use the 'DEFAULT_KIND()' of socket
which is set to SSL. This causes problems with 'connect()' because it
will create a socket of 'kind' SSL without a way to override it.

This commit forces all calls to this variant of 'connect()' to
explicitly set 'kind' to 'POLL' in the 'Socket::create()' call.


Diffs
-----

  3rdparty/libprocess/src/http.cpp c0eaeff28ea5005d4dfae32118cb8e0f5e650a67 

Diff: https://reviews.apache.org/r/54627/diff/


Testing
-------

../configure --enable-ssl --enable-libevent
GTEST_FILTER="" make -j check
src/mesos-tests


Thanks,

Kevin Klues

Re: Review Request 54627: Forced variant of 'http::connect()' to use POLL even when SSL enabled.

Posted by Kevin Klues <kl...@gmail.com>.


> On Dec. 11, 2016, 12:06 a.m., Jie Yu wrote:
> > 3rdparty/libprocess/src/http.cpp, lines 1323-1326
> > <https://reviews.apache.org/r/54627/diff/1/?file=1581361#file1581361line1323>
> >
> >     Instead of hard coding it, we can add a second parameter 'kind' and let the caller decide what to use.

I was hoping to avoid this for now and just actually implement the semantics mentioned in the comment for this call:

```
// TODO(benh): Currently we don't support SSL for this version of             
// connect. We should support this, perhaps with an enum or a bool and        
// then update the `connect(URL)` variant to just call this function          
// instead.
```

The reason being that it's not as simple as just reusing `kind`. We should introduce a new `enum` type called `scheme` with values of `HTTP` and `HTTPS` and pass that into `connect()` instead.

I can make this change if you want, but I thought just fixing things up to work with the documented semantics should be OK for now.


- Kevin


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/54627/#review158778
-----------------------------------------------------------


On Dec. 10, 2016, 6:29 p.m., Kevin Klues wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/54627/
> -----------------------------------------------------------
> 
> (Updated Dec. 10, 2016, 6:29 p.m.)
> 
> 
> Review request for mesos, Anand Mazumdar, Benjamin Hindman, Jie Yu, and Joseph Wu.
> 
> 
> Bugs: MESOS-6775
>     https://issues.apache.org/jira/browse/MESOS-6775
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> The 'http::connect(address)' variant of 'http::connect()' doesn't
> currently support SSL. However, when SSL is enabled, the default for
> all 'Socket::create()' calls is to use the 'DEFAULT_KIND()' of socket
> which is set to SSL. This causes problems with 'connect()' because it
> will create a socket of 'kind' SSL without a way to override it.
> 
> This commit forces all calls to this variant of 'connect()' to
> explicitly set 'kind' to 'POLL' in the 'Socket::create()' call.
> 
> 
> Diffs
> -----
> 
>   3rdparty/libprocess/src/http.cpp c0eaeff28ea5005d4dfae32118cb8e0f5e650a67 
> 
> Diff: https://reviews.apache.org/r/54627/diff/
> 
> 
> Testing
> -------
> 
> ../configure --enable-ssl --enable-libevent
> GTEST_FILTER="" make -j check
> src/mesos-tests
> 
> 
> Thanks,
> 
> Kevin Klues
> 
>

Re: Review Request 54627: Forced variant of 'http::connect()' to use POLL even when SSL enabled.

Posted by Jie Yu <yu...@gmail.com>.


> On Dec. 11, 2016, 12:06 a.m., Jie Yu wrote:
> > 3rdparty/libprocess/src/http.cpp, lines 1323-1326
> > <https://reviews.apache.org/r/54627/diff/1/?file=1581361#file1581361line1323>
> >
> >     Instead of hard coding it, we can add a second parameter 'kind' and let the caller decide what to use.
> 
> Kevin Klues wrote:
>     I was hoping to avoid this for now and just actually implement the semantics mentioned in the comment for this call:
>     
>     ```
>     // TODO(benh): Currently we don't support SSL for this version of             
>     // connect. We should support this, perhaps with an enum or a bool and        
>     // then update the `connect(URL)` variant to just call this function          
>     // instead.
>     ```
>     
>     The reason being that it's not as simple as just reusing `kind`. We should introduce a new `enum` type called `scheme` with values of `HTTP` and `HTTPS` and pass that into `connect()` instead.
>     
>     I can make this change if you want, but I thought just fixing things up to work with the documented semantics should be OK for now.

OK, I don't realize that TODO was in the header? Can you add a TODO here as well?


- Jie


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/54627/#review158778
-----------------------------------------------------------


On Dec. 10, 2016, 6:29 p.m., Kevin Klues wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/54627/
> -----------------------------------------------------------
> 
> (Updated Dec. 10, 2016, 6:29 p.m.)
> 
> 
> Review request for mesos, Anand Mazumdar, Benjamin Hindman, Jie Yu, and Joseph Wu.
> 
> 
> Bugs: MESOS-6775
>     https://issues.apache.org/jira/browse/MESOS-6775
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> The 'http::connect(address)' variant of 'http::connect()' doesn't
> currently support SSL. However, when SSL is enabled, the default for
> all 'Socket::create()' calls is to use the 'DEFAULT_KIND()' of socket
> which is set to SSL. This causes problems with 'connect()' because it
> will create a socket of 'kind' SSL without a way to override it.
> 
> This commit forces all calls to this variant of 'connect()' to
> explicitly set 'kind' to 'POLL' in the 'Socket::create()' call.
> 
> 
> Diffs
> -----
> 
>   3rdparty/libprocess/src/http.cpp c0eaeff28ea5005d4dfae32118cb8e0f5e650a67 
> 
> Diff: https://reviews.apache.org/r/54627/diff/
> 
> 
> Testing
> -------
> 
> ../configure --enable-ssl --enable-libevent
> GTEST_FILTER="" make -j check
> src/mesos-tests
> 
> 
> Thanks,
> 
> Kevin Klues
> 
>

Re: Review Request 54627: Forced variant of 'http::connect()' to use POLL even when SSL enabled.

Posted by Jie Yu <yu...@gmail.com>.

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/54627/#review158778
-----------------------------------------------------------




3rdparty/libprocess/src/http.cpp (lines 1323 - 1326)
<https://reviews.apache.org/r/54627/#comment229579>

    Instead of hard coding it, we can add a second parameter 'kind' and let the caller decide what to use.


- Jie Yu


On Dec. 10, 2016, 6:29 p.m., Kevin Klues wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/54627/
> -----------------------------------------------------------
> 
> (Updated Dec. 10, 2016, 6:29 p.m.)
> 
> 
> Review request for mesos, Anand Mazumdar, Benjamin Hindman, Jie Yu, and Joseph Wu.
> 
> 
> Bugs: MESOS-6775
>     https://issues.apache.org/jira/browse/MESOS-6775
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> The 'http::connect(address)' variant of 'http::connect()' doesn't
> currently support SSL. However, when SSL is enabled, the default for
> all 'Socket::create()' calls is to use the 'DEFAULT_KIND()' of socket
> which is set to SSL. This causes problems with 'connect()' because it
> will create a socket of 'kind' SSL without a way to override it.
> 
> This commit forces all calls to this variant of 'connect()' to
> explicitly set 'kind' to 'POLL' in the 'Socket::create()' call.
> 
> 
> Diffs
> -----
> 
>   3rdparty/libprocess/src/http.cpp c0eaeff28ea5005d4dfae32118cb8e0f5e650a67 
> 
> Diff: https://reviews.apache.org/r/54627/diff/
> 
> 
> Testing
> -------
> 
> ../configure --enable-ssl --enable-libevent
> GTEST_FILTER="" make -j check
> src/mesos-tests
> 
> 
> Thanks,
> 
> Kevin Klues
> 
>

Re: Review Request 54627: Updated address of 'http::connect()' with http scheme for SSL support.

Posted by Jie Yu <yu...@gmail.com>.

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/54627/#review158822
-----------------------------------------------------------


Fix it, then Ship it!





3rdparty/libprocess/src/http.cpp (lines 1323 - 1325)
<https://reviews.apache.org/r/54627/#comment229640>

    I would try to avoid this. That means if we configure mesos with `--enable-ssl`, when Mesos connect to a remote address, it'll use ssl socket.
    
    I would simply remove this 'connect' overload to force caller to think about which HTTP scheme to use.


- Jie Yu


On Dec. 11, 2016, 4:35 a.m., Kevin Klues wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/54627/
> -----------------------------------------------------------
> 
> (Updated Dec. 11, 2016, 4:35 a.m.)
> 
> 
> Review request for mesos, Anand Mazumdar, Benjamin Hindman, Jie Yu, and Joseph Wu.
> 
> 
> Bugs: MESOS-6775
>     https://issues.apache.org/jira/browse/MESOS-6775
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Updated address of 'http::connect()' with http scheme for SSL support.
> 
> 
> Diffs
> -----
> 
>   3rdparty/libprocess/include/process/http.hpp 22fa31de0c632758f5e16b36df55bf397402af22 
>   3rdparty/libprocess/src/http.cpp c0eaeff28ea5005d4dfae32118cb8e0f5e650a67 
> 
> Diff: https://reviews.apache.org/r/54627/diff/
> 
> 
> Testing
> -------
> 
> ../configure --enable-ssl --enable-libevent
> GTEST_FILTER="" make -j check
> src/mesos-tests
> sudo src/mesos-tests
> 
> ../configure
> GTEST_FILTER="" make -j check
> src/mesos-tests
> sudo src/mesos-tests
> 
> 
> Thanks,
> 
> Kevin Klues
> 
>

Re: Review Request 54627: Updated address of 'http::connect()' with http scheme for SSL support.

Posted by Kevin Klues <kl...@gmail.com>.

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/54627/
-----------------------------------------------------------

(Updated Dec. 12, 2016, 6:34 p.m.)


Review request for mesos, Anand Mazumdar, Benjamin Hindman, Jie Yu, and Joseph Wu.


Changes
-------

Updated based on Jie's comments.


Bugs: MESOS-6775
    https://issues.apache.org/jira/browse/MESOS-6775


Repository: mesos


Description
-------

Updated address of 'http::connect()' with http scheme for SSL support.


Diffs (updated)
-----

  3rdparty/libprocess/include/process/http.hpp 22fa31de0c632758f5e16b36df55bf397402af22 
  3rdparty/libprocess/src/http.cpp c0eaeff28ea5005d4dfae32118cb8e0f5e650a67 
  3rdparty/libprocess/src/tests/http_tests.cpp 822cdb3931d3e30713aa78995427f364e41bfb30 

Diff: https://reviews.apache.org/r/54627/diff/


Testing
-------

../configure --enable-ssl --enable-libevent
GTEST_FILTER="" make -j check
src/mesos-tests
sudo src/mesos-tests

../configure
GTEST_FILTER="" make -j check
src/mesos-tests
sudo src/mesos-tests


Thanks,

Kevin Klues

Re: Review Request 54627: Updated address of 'http::connect()' with http scheme for SSL support.

Posted by Kevin Klues <kl...@gmail.com>.

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/54627/
-----------------------------------------------------------

(Updated Dec. 11, 2016, 4:35 a.m.)


Review request for mesos, Anand Mazumdar, Benjamin Hindman, Jie Yu, and Joseph Wu.


Changes
-------

Updated to pass the HTTP scheme to `connect()` instead of hard coding it to `POLL`.


Summary (updated)
-----------------

Updated address of 'http::connect()' with http scheme for SSL support.


Bugs: MESOS-6775
    https://issues.apache.org/jira/browse/MESOS-6775


Repository: mesos


Description (updated)
-------

Updated address of 'http::connect()' with http scheme for SSL support.


Diffs (updated)
-----

  3rdparty/libprocess/include/process/http.hpp 22fa31de0c632758f5e16b36df55bf397402af22 
  3rdparty/libprocess/src/http.cpp c0eaeff28ea5005d4dfae32118cb8e0f5e650a67 

Diff: https://reviews.apache.org/r/54627/diff/


Testing (updated)
-------

../configure --enable-ssl --enable-libevent
GTEST_FILTER="" make -j check
src/mesos-tests
sudo src/mesos-tests

../configure
GTEST_FILTER="" make -j check
src/mesos-tests
sudo src/mesos-tests


Thanks,

Kevin Klues