Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove nonApplicationWrite from SSLDriver #41829

Merged
merged 2 commits into from
May 6, 2019
Merged

Remove nonApplicationWrite from SSLDriver #41829

merged 2 commits into from
May 6, 2019

Conversation

Tim-Brooks
Copy link
Contributor

Currently, when the SSLEngine needs to produce handshake or close data,
we must manually call the nonApplicationWrite method. However, this data
is only required when something triggers the need (starting handshake,
reading from the wire, initiating close, etc). As we have a dedicated
outbound buffer, this data can be produced automatically. Additionally,
with this refactoring, we combine handshake and application mode into a
single mode. This is necessary as there are non-application messages that
are sent post handshake in TLS 1.3. Finally, this commit modifies the
SSLDriver tests to test against TLS 1.3.

@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-security

jaymode
jaymode approved these changes May 6, 2019
View reviewed changes
Copy link
Member

@jaymode jaymode left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@Tim-Brooks Tim-Brooks merged commit a189a8e into elastic:master May 6, 2019
jasontedor added a commit to jasontedor/elasticsearch that referenced this pull request May 7, 2019
@jasontedor
Merge remote-tracking branch 'elastic/master' into jdk-13-ci
918f028 
* elastic/master: (414 commits)
  Add tasks to build Docker build context artifacts (elastic#41819)
  Replace more uses of immutable map builder (elastic#41823)
  Force selection of calendar or fixed intervals in date histo agg (elastic#33727)
  Switch run task to use real distro (elastic#41590)
  Clarify that path_match also considers object fields. (elastic#41658)
  [DOCS] remove 'es.scripting.update.ctx_in_params' system property for 7.0 (elastic#41643)
  Clarify _doc is a permanent part of certain document APIs. (elastic#41727)
  Remove the jdk directory to save space on bwc tests (elastic#41743)
  Fix full text queries test that start with now (elastic#41854)
  Remove `nonApplicationWrite` from `SSLDriver` (elastic#41829)
  SQL: [Docs] Add example for custom bucketing with CASE (elastic#41787)
  Cleanup Bulk Delete Exception Logging (elastic#41693)
  [DOCS] Rewrite `term` query docs for new format (elastic#41498)
  Mute PermissionsIT#testWhen[...]ByILMPolicy (elastic#41858)
  ReadOnlyEngine assertion fix (elastic#41842)
  [ML] addresses preview bug, and adds check to PUT (elastic#41803)
  Fix javadoc in WrapperQueryBuilder
  Testsclusters use seprate configurations per version (elastic#41504)
  Skip explain fetch sub phase when request holds only suggestions (elastic#41739)
  remove unused import
  ...
gurkankaymak pushed a commit to gurkankaymak/elasticsearch that referenced this pull request May 27, 2019
@Tim-Brooks
Remove nonApplicationWrite from SSLDriver (elastic#41829)
09409c4 
Currently, when the SSLEngine needs to produce handshake or close data,
we must manually call the nonApplicationWrite method. However, this data
is only required when something triggers the need (starting handshake,
reading from the wire, initiating close, etc). As we have a dedicated
outbound buffer, this data can be produced automatically. Additionally,
with this refactoring, we combine handshake and application mode into a
single mode. This is necessary as there are non-application messages that
are sent post handshake in TLS 1.3. Finally, this commit modifies the
SSLDriver tests to test against TLS 1.3.
Tim-Brooks added a commit to Tim-Brooks/elasticsearch that referenced this pull request Jun 6, 2019
@Tim-Brooks
Remove nonApplicationWrite from SSLDriver (elastic#41829)
391da84 
Currently, when the SSLEngine needs to produce handshake or close data,
we must manually call the nonApplicationWrite method. However, this data
is only required when something triggers the need (starting handshake,
reading from the wire, initiating close, etc). As we have a dedicated
outbound buffer, this data can be produced automatically. Additionally,
with this refactoring, we combine handshake and application mode into a
single mode. This is necessary as there are non-application messages that
are sent post handshake in TLS 1.3. Finally, this commit modifies the
SSLDriver tests to test against TLS 1.3.
@Tim-Brooks Tim-Brooks deleted the remove_non_app_writes branch December 18, 2019 14:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jaymode jaymode jaymode approved these changes

@s1monw s1monw Awaiting requested review from s1monw

@original-brownbear original-brownbear Awaiting requested review from original-brownbear

Assignees
No one assigned
Labels
>non-issue :Security/TLS SSL/TLS, Certificates v7.3.0 v8.0.0-alpha1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@Tim-Brooks @elasticmachine @jaymode @jakelandis