IGNITE-27939 C++ 3.0: Pass MSG_NOSIGNAL to the SSL layer#7674
Open
arcolight wants to merge 4 commits intoapache:mainfrom
Open
IGNITE-27939 C++ 3.0: Pass MSG_NOSIGNAL to the SSL layer#7674arcolight wants to merge 4 commits intoapache:mainfrom
arcolight wants to merge 4 commits intoapache:mainfrom
Conversation
There was a problem hiding this comment.
Pull request overview
This pull request refactors the SSL/TLS connection handling in the C++ client to properly pass the MSG_NOSIGNAL flag to the SSL layer on Linux systems. The main goal is to prevent SIGPIPE signals from terminating the application when writing to broken SSL connections. The refactoring introduces a new ssl_connection class that encapsulates the SSL state machine using memory BIOs, and adds platform-specific socket wrapper functions to consistently apply MSG_NOSIGNAL.
Changes:
- Introduced
ssl_connectionclass to encapsulate SSL/TLS state machine with memory BIOs, separating SSL logic from network I/O - Added
send()andrecv()wrapper functions indetailnamespace that apply MSG_NOSIGNAL on Linux (non-macOS) platforms - Refactored
secure_socket_clientandsecure_data_filterto use the newssl_connectionabstraction
Reviewed changes
Copilot reviewed 15 out of 15 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| modules/platforms/cpp/ignite/network/ssl/ssl_connection.h | New header defining the ssl_connection class for SSL state machine management |
| modules/platforms/cpp/ignite/network/ssl/ssl_connection.cpp | Implementation of ssl_connection with memory BIO handling |
| modules/platforms/cpp/ignite/network/ssl/secure_socket_client.h | Refactored to use ssl_connection and tcp_socket_client composition |
| modules/platforms/cpp/ignite/network/ssl/secure_socket_client.cpp | Simplified SSL connection logic using ssl_connection abstraction |
| modules/platforms/cpp/ignite/network/ssl/secure_data_filter.h | Updated to use ssl_connection instead of raw SSL/BIO pointers |
| modules/platforms/cpp/ignite/network/ssl/secure_data_filter.cpp | Simplified implementation using ssl_connection methods |
| modules/platforms/cpp/ignite/network/detail/linux/sockets.h | Added send, recv, and close wrapper function declarations |
| modules/platforms/cpp/ignite/network/detail/linux/sockets.cpp | Implemented wrappers with MSG_NOSIGNAL support for Linux |
| modules/platforms/cpp/ignite/network/detail/linux/tcp_socket_client.h | Updated to use detail::send and detail::recv wrappers |
| modules/platforms/cpp/ignite/network/detail/linux/linux_async_client.cpp | Updated to use detail::send and detail::recv wrappers |
| modules/platforms/cpp/ignite/network/detail/win/sockets.h | Added send, recv, and close wrapper function declarations for Windows |
| modules/platforms/cpp/ignite/network/detail/win/sockets.cpp | Implemented wrappers and fixed WSA initialization to use std::call_once |
| modules/platforms/cpp/ignite/network/detail/win/tcp_socket_client.h | Updated to use detail::send and detail::recv wrappers |
| modules/platforms/cpp/tests/fake_server/socket_adapter/posix/client_socket_adapter.h | Updated to use detail::send wrapper |
| modules/platforms/cpp/ignite/network/CMakeLists.txt | Added ssl_connection.cpp to build sources |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
modules/platforms/cpp/tests/fake_server/socket_adapter/posix/client_socket_adapter.h
Show resolved
Hide resolved
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
https://issues.apache.org/jira/browse/IGNITE-27939
Thank you for submitting the pull request.
To streamline the review process of the patch and ensure better code quality
we ask both an author and a reviewer to verify the following:
The Review Checklist
- There is a single JIRA ticket related to the pull request.
- The web-link to the pull request is attached to the JIRA ticket.
- The JIRA ticket has the Patch Available state.
- The description of the JIRA ticket explains WHAT was made, WHY and HOW.
- The pull request title is treated as the final commit message. The following pattern must be used: IGNITE-XXXX Change summary where XXXX - number of JIRA issue.
Notes