Skip to content

Remove nonApplicationWrite from SSLDriver#41829

Merged
Tim-Brooks merged 2 commits intoelastic:masterfrom
Tim-Brooks:remove_non_app_writes
May 6, 2019
Merged

Remove nonApplicationWrite from SSLDriver#41829
Tim-Brooks merged 2 commits intoelastic:masterfrom
Tim-Brooks:remove_non_app_writes

Conversation

@Tim-Brooks
Copy link
Contributor

@Tim-Brooks Tim-Brooks commented May 6, 2019

Currently, when the SSLEngine needs to produce handshake or close data,
we must manually call the nonApplicationWrite method. However, this data
is only required when something triggers the need (starting handshake,
reading from the wire, initiating close, etc). As we have a dedicated
outbound buffer, this data can be produced automatically. Additionally,
with this refactoring, we combine handshake and application mode into a
single mode. This is necessary as there are non-application messages that
are sent post handshake in TLS 1.3. Finally, this commit modifies the
SSLDriver tests to test against TLS 1.3.
@elasticmachine
Copy link
Collaborator

elasticmachine commented May 6, 2019

Pinging @elastic/es-security
jaymode
jaymode approved these changes May 6, 2019
View reviewed changes
Copy link
Member

@jaymode jaymode left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM
@Tim-Brooks Tim-Brooks merged commit a189a8e into elastic:master May 6, 2019
jasontedor added a commit to jasontedor/elasticsearch that referenced this pull request May 7, 2019
@jasontedor
Merge remote-tracking branch 'elastic/master' into jdk-13-ci
918f028 
* elastic/master: (414 commits)
  Add tasks to build Docker build context artifacts (elastic#41819)
  Replace more uses of immutable map builder (elastic#41823)
  Force selection of calendar or fixed intervals in date histo agg (elastic#33727)
  Switch run task to use real distro (elastic#41590)
  Clarify that path_match also considers object fields. (elastic#41658)
  [DOCS] remove 'es.scripting.update.ctx_in_params' system property for 7.0 (elastic#41643)
  Clarify _doc is a permanent part of certain document APIs. (elastic#41727)
  Remove the jdk directory to save space on bwc tests (elastic#41743)
  Fix full text queries test that start with now (elastic#41854)
  Remove `nonApplicationWrite` from `SSLDriver` (elastic#41829)
  SQL: [Docs] Add example for custom bucketing with CASE (elastic#41787)
  Cleanup Bulk Delete Exception Logging (elastic#41693)
  [DOCS] Rewrite `term` query docs for new format (elastic#41498)
  Mute PermissionsIT#testWhen[...]ByILMPolicy (elastic#41858)
  ReadOnlyEngine assertion fix (elastic#41842)
  [ML] addresses preview bug, and adds check to PUT (elastic#41803)
  Fix javadoc in WrapperQueryBuilder
  Testsclusters use seprate configurations per version (elastic#41504)
  Skip explain fetch sub phase when request holds only suggestions (elastic#41739)
  remove unused import
  ...
gurkankaymak pushed a commit to gurkankaymak/elasticsearch that referenced this pull request May 27, 2019
@Tim-Brooks
Remove nonApplicationWrite from SSLDriver (elastic#41829)
09409c4 
Currently, when the SSLEngine needs to produce handshake or close data,
we must manually call the nonApplicationWrite method. However, this data
is only required when something triggers the need (starting handshake,
reading from the wire, initiating close, etc). As we have a dedicated
outbound buffer, this data can be produced automatically. Additionally,
with this refactoring, we combine handshake and application mode into a
single mode. This is necessary as there are non-application messages that
are sent post handshake in TLS 1.3. Finally, this commit modifies the
SSLDriver tests to test against TLS 1.3.
Tim-Brooks added a commit to Tim-Brooks/elasticsearch that referenced this pull request Jun 6, 2019
@Tim-Brooks
Remove nonApplicationWrite from SSLDriver (elastic#41829)
391da84 
Currently, when the SSLEngine needs to produce handshake or close data,
we must manually call the nonApplicationWrite method. However, this data
is only required when something triggers the need (starting handshake,
reading from the wire, initiating close, etc). As we have a dedicated
outbound buffer, this data can be produced automatically. Additionally,
with this refactoring, we combine handshake and application mode into a
single mode. This is necessary as there are non-application messages that
are sent post handshake in TLS 1.3. Finally, this commit modifies the
SSLDriver tests to test against TLS 1.3.
@Tim-Brooks Tim-Brooks deleted the remove_non_app_writes branch December 18, 2019 14:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

>non-issue :Security/TLS SSL/TLS, Certificates v7.3.0 v8.0.0-alpha1

4 participants

@Tim-Brooks @elasticmachine @jaymode @jakelandis