You are viewing a plain text version of this content. The canonical link for it is here.
Posted to reviews@mesos.apache.org by Kevin Klues <kl...@gmail.com> on 2016/12/10 18:29:56 UTC
Review Request 54627: Forced variant of 'http::connect()' to use POLL
even when SSL enabled.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/54627/
-----------------------------------------------------------
Review request for mesos, Anand Mazumdar, Benjamin Hindman, Jie Yu, and Joseph Wu.
Bugs: MESOS-6775
https://issues.apache.org/jira/browse/MESOS-6775
Repository: mesos
Description
-------
The 'http::connect(address)' variant of 'http::connect()' doesn't
currently support SSL. However, when SSL is enabled, the default for
all 'Socket::create()' calls is to use the 'DEFAULT_KIND()' of socket
which is set to SSL. This causes problems with 'connect()' because it
will create a socket of 'kind' SSL without a way to override it.
This commit forces all calls to this variant of 'connect()' to
explicitly set 'kind' to 'POLL' in the 'Socket::create()' call.
Diffs
-----
3rdparty/libprocess/src/http.cpp c0eaeff28ea5005d4dfae32118cb8e0f5e650a67
Diff: https://reviews.apache.org/r/54627/diff/
Testing
-------
../configure --enable-ssl --enable-libevent
GTEST_FILTER="" make -j check
src/mesos-tests
Thanks,
Kevin Klues
Re: Review Request 54627: Forced variant of 'http::connect()' to use
POLL even when SSL enabled.
Posted by Kevin Klues <kl...@gmail.com>.
> On Dec. 11, 2016, 12:06 a.m., Jie Yu wrote:
> > 3rdparty/libprocess/src/http.cpp, lines 1323-1326
> > <https://reviews.apache.org/r/54627/diff/1/?file=1581361#file1581361line1323>
> >
> > Instead of hard coding it, we can add a second parameter 'kind' and let the caller decide what to use.
I was hoping to avoid this for now and just actually implement the semantics mentioned in the comment for this call:
```
// TODO(benh): Currently we don't support SSL for this version of
// connect. We should support this, perhaps with an enum or a bool and
// then update the `connect(URL)` variant to just call this function
// instead.
```
The reason being that it's not as simple as just reusing `kind`. We should introduce a new `enum` type called `scheme` with values of `HTTP` and `HTTPS` and pass that into `connect()` instead.
I can make this change if you want, but I thought just fixing things up to work with the documented semantics should be OK for now.
- Kevin
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/54627/#review158778
-----------------------------------------------------------
On Dec. 10, 2016, 6:29 p.m., Kevin Klues wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/54627/
> -----------------------------------------------------------
>
> (Updated Dec. 10, 2016, 6:29 p.m.)
>
>
> Review request for mesos, Anand Mazumdar, Benjamin Hindman, Jie Yu, and Joseph Wu.
>
>
> Bugs: MESOS-6775
> https://issues.apache.org/jira/browse/MESOS-6775
>
>
> Repository: mesos
>
>
> Description
> -------
>
> The 'http::connect(address)' variant of 'http::connect()' doesn't
> currently support SSL. However, when SSL is enabled, the default for
> all 'Socket::create()' calls is to use the 'DEFAULT_KIND()' of socket
> which is set to SSL. This causes problems with 'connect()' because it
> will create a socket of 'kind' SSL without a way to override it.
>
> This commit forces all calls to this variant of 'connect()' to
> explicitly set 'kind' to 'POLL' in the 'Socket::create()' call.
>
>
> Diffs
> -----
>
> 3rdparty/libprocess/src/http.cpp c0eaeff28ea5005d4dfae32118cb8e0f5e650a67
>
> Diff: https://reviews.apache.org/r/54627/diff/
>
>
> Testing
> -------
>
> ../configure --enable-ssl --enable-libevent
> GTEST_FILTER="" make -j check
> src/mesos-tests
>
>
> Thanks,
>
> Kevin Klues
>
>
Re: Review Request 54627: Forced variant of 'http::connect()' to use
POLL even when SSL enabled.
Posted by Jie Yu <yu...@gmail.com>.
> On Dec. 11, 2016, 12:06 a.m., Jie Yu wrote:
> > 3rdparty/libprocess/src/http.cpp, lines 1323-1326
> > <https://reviews.apache.org/r/54627/diff/1/?file=1581361#file1581361line1323>
> >
> > Instead of hard coding it, we can add a second parameter 'kind' and let the caller decide what to use.
>
> Kevin Klues wrote:
> I was hoping to avoid this for now and just actually implement the semantics mentioned in the comment for this call:
>
> ```
> // TODO(benh): Currently we don't support SSL for this version of
> // connect. We should support this, perhaps with an enum or a bool and
> // then update the `connect(URL)` variant to just call this function
> // instead.
> ```
>
> The reason being that it's not as simple as just reusing `kind`. We should introduce a new `enum` type called `scheme` with values of `HTTP` and `HTTPS` and pass that into `connect()` instead.
>
> I can make this change if you want, but I thought just fixing things up to work with the documented semantics should be OK for now.
OK, I don't realize that TODO was in the header? Can you add a TODO here as well?
- Jie
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/54627/#review158778
-----------------------------------------------------------
On Dec. 10, 2016, 6:29 p.m., Kevin Klues wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/54627/
> -----------------------------------------------------------
>
> (Updated Dec. 10, 2016, 6:29 p.m.)
>
>
> Review request for mesos, Anand Mazumdar, Benjamin Hindman, Jie Yu, and Joseph Wu.
>
>
> Bugs: MESOS-6775
> https://issues.apache.org/jira/browse/MESOS-6775
>
>
> Repository: mesos
>
>
> Description
> -------
>
> The 'http::connect(address)' variant of 'http::connect()' doesn't
> currently support SSL. However, when SSL is enabled, the default for
> all 'Socket::create()' calls is to use the 'DEFAULT_KIND()' of socket
> which is set to SSL. This causes problems with 'connect()' because it
> will create a socket of 'kind' SSL without a way to override it.
>
> This commit forces all calls to this variant of 'connect()' to
> explicitly set 'kind' to 'POLL' in the 'Socket::create()' call.
>
>
> Diffs
> -----
>
> 3rdparty/libprocess/src/http.cpp c0eaeff28ea5005d4dfae32118cb8e0f5e650a67
>
> Diff: https://reviews.apache.org/r/54627/diff/
>
>
> Testing
> -------
>
> ../configure --enable-ssl --enable-libevent
> GTEST_FILTER="" make -j check
> src/mesos-tests
>
>
> Thanks,
>
> Kevin Klues
>
>
Re: Review Request 54627: Forced variant of 'http::connect()' to use
POLL even when SSL enabled.
Posted by Jie Yu <yu...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/54627/#review158778
-----------------------------------------------------------
3rdparty/libprocess/src/http.cpp (lines 1323 - 1326)
<https://reviews.apache.org/r/54627/#comment229579>
Instead of hard coding it, we can add a second parameter 'kind' and let the caller decide what to use.
- Jie Yu
On Dec. 10, 2016, 6:29 p.m., Kevin Klues wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/54627/
> -----------------------------------------------------------
>
> (Updated Dec. 10, 2016, 6:29 p.m.)
>
>
> Review request for mesos, Anand Mazumdar, Benjamin Hindman, Jie Yu, and Joseph Wu.
>
>
> Bugs: MESOS-6775
> https://issues.apache.org/jira/browse/MESOS-6775
>
>
> Repository: mesos
>
>
> Description
> -------
>
> The 'http::connect(address)' variant of 'http::connect()' doesn't
> currently support SSL. However, when SSL is enabled, the default for
> all 'Socket::create()' calls is to use the 'DEFAULT_KIND()' of socket
> which is set to SSL. This causes problems with 'connect()' because it
> will create a socket of 'kind' SSL without a way to override it.
>
> This commit forces all calls to this variant of 'connect()' to
> explicitly set 'kind' to 'POLL' in the 'Socket::create()' call.
>
>
> Diffs
> -----
>
> 3rdparty/libprocess/src/http.cpp c0eaeff28ea5005d4dfae32118cb8e0f5e650a67
>
> Diff: https://reviews.apache.org/r/54627/diff/
>
>
> Testing
> -------
>
> ../configure --enable-ssl --enable-libevent
> GTEST_FILTER="" make -j check
> src/mesos-tests
>
>
> Thanks,
>
> Kevin Klues
>
>
Re: Review Request 54627: Updated address of 'http::connect()' with
http scheme for SSL support.
Posted by Jie Yu <yu...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/54627/#review158822
-----------------------------------------------------------
Fix it, then Ship it!
3rdparty/libprocess/src/http.cpp (lines 1323 - 1325)
<https://reviews.apache.org/r/54627/#comment229640>
I would try to avoid this. That means if we configure mesos with `--enable-ssl`, when Mesos connect to a remote address, it'll use ssl socket.
I would simply remove this 'connect' overload to force caller to think about which HTTP scheme to use.
- Jie Yu
On Dec. 11, 2016, 4:35 a.m., Kevin Klues wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/54627/
> -----------------------------------------------------------
>
> (Updated Dec. 11, 2016, 4:35 a.m.)
>
>
> Review request for mesos, Anand Mazumdar, Benjamin Hindman, Jie Yu, and Joseph Wu.
>
>
> Bugs: MESOS-6775
> https://issues.apache.org/jira/browse/MESOS-6775
>
>
> Repository: mesos
>
>
> Description
> -------
>
> Updated address of 'http::connect()' with http scheme for SSL support.
>
>
> Diffs
> -----
>
> 3rdparty/libprocess/include/process/http.hpp 22fa31de0c632758f5e16b36df55bf397402af22
> 3rdparty/libprocess/src/http.cpp c0eaeff28ea5005d4dfae32118cb8e0f5e650a67
>
> Diff: https://reviews.apache.org/r/54627/diff/
>
>
> Testing
> -------
>
> ../configure --enable-ssl --enable-libevent
> GTEST_FILTER="" make -j check
> src/mesos-tests
> sudo src/mesos-tests
>
> ../configure
> GTEST_FILTER="" make -j check
> src/mesos-tests
> sudo src/mesos-tests
>
>
> Thanks,
>
> Kevin Klues
>
>
Re: Review Request 54627: Updated address of 'http::connect()' with
http scheme for SSL support.
Posted by Kevin Klues <kl...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/54627/
-----------------------------------------------------------
(Updated Dec. 12, 2016, 6:34 p.m.)
Review request for mesos, Anand Mazumdar, Benjamin Hindman, Jie Yu, and Joseph Wu.
Changes
-------
Updated based on Jie's comments.
Bugs: MESOS-6775
https://issues.apache.org/jira/browse/MESOS-6775
Repository: mesos
Description
-------
Updated address of 'http::connect()' with http scheme for SSL support.
Diffs (updated)
-----
3rdparty/libprocess/include/process/http.hpp 22fa31de0c632758f5e16b36df55bf397402af22
3rdparty/libprocess/src/http.cpp c0eaeff28ea5005d4dfae32118cb8e0f5e650a67
3rdparty/libprocess/src/tests/http_tests.cpp 822cdb3931d3e30713aa78995427f364e41bfb30
Diff: https://reviews.apache.org/r/54627/diff/
Testing
-------
../configure --enable-ssl --enable-libevent
GTEST_FILTER="" make -j check
src/mesos-tests
sudo src/mesos-tests
../configure
GTEST_FILTER="" make -j check
src/mesos-tests
sudo src/mesos-tests
Thanks,
Kevin Klues
Re: Review Request 54627: Updated address of 'http::connect()' with
http scheme for SSL support.
Posted by Kevin Klues <kl...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/54627/
-----------------------------------------------------------
(Updated Dec. 11, 2016, 4:35 a.m.)
Review request for mesos, Anand Mazumdar, Benjamin Hindman, Jie Yu, and Joseph Wu.
Changes
-------
Updated to pass the HTTP scheme to `connect()` instead of hard coding it to `POLL`.
Summary (updated)
-----------------
Updated address of 'http::connect()' with http scheme for SSL support.
Bugs: MESOS-6775
https://issues.apache.org/jira/browse/MESOS-6775
Repository: mesos
Description (updated)
-------
Updated address of 'http::connect()' with http scheme for SSL support.
Diffs (updated)
-----
3rdparty/libprocess/include/process/http.hpp 22fa31de0c632758f5e16b36df55bf397402af22
3rdparty/libprocess/src/http.cpp c0eaeff28ea5005d4dfae32118cb8e0f5e650a67
Diff: https://reviews.apache.org/r/54627/diff/
Testing (updated)
-------
../configure --enable-ssl --enable-libevent
GTEST_FILTER="" make -j check
src/mesos-tests
sudo src/mesos-tests
../configure
GTEST_FILTER="" make -j check
src/mesos-tests
sudo src/mesos-tests
Thanks,
Kevin Klues