THRIFT-3369 Provide SSL/TLS client for c_glib
Client: c_glib
Patch: Gonzalo Aguilar Delgado <gaguilar@level2crm.com>
This closes #1185
diff --git a/test/c_glib/src/test_client.c b/test/c_glib/src/test_client.c
index 3ae9325..9713e8c 100644
--- a/test/c_glib/src/test_client.c
+++ b/test/c_glib/src/test_client.c
@@ -30,6 +30,7 @@
#include <thrift/c_glib/protocol/thrift_compact_protocol.h>
#include <thrift/c_glib/transport/thrift_buffered_transport.h>
#include <thrift/c_glib/transport/thrift_framed_transport.h>
+#include <thrift/c_glib/transport/thrift_ssl_socket.h>
#include <thrift/c_glib/transport/thrift_socket.h>
#include <thrift/c_glib/transport/thrift_transport.h>
@@ -75,29 +76,34 @@
int
main (int argc, char **argv)
{
- static gchar *host = NULL;
- static gint port = 9090;
- static gchar *transport_option = NULL;
- static gchar *protocol_option = NULL;
- static gint num_tests = 1;
+ static gchar * host = NULL;
+ static gint port = 9090;
+ static gboolean ssl = FALSE;
+ static gchar * transport_option = NULL;
+ static gchar * protocol_option = NULL;
+ static gint num_tests = 1;
static
GOptionEntry option_entries[] ={
- { "host", 0, 0, G_OPTION_ARG_STRING, &host,
+ { "host", 'h', 0, G_OPTION_ARG_STRING, &host,
"Host to connect (=localhost)", NULL },
- { "port", 0, 0, G_OPTION_ARG_INT, &port,
+ { "port", 'p', 0, G_OPTION_ARG_INT, &port,
"Port number to connect (=9090)", NULL },
- { "transport", 0, 0, G_OPTION_ARG_STRING, &transport_option,
+ { "ssl", 's', 0, G_OPTION_ARG_NONE, &ssl,
+ "Enable SSL", NULL },
+ { "transport", 't', 0, G_OPTION_ARG_STRING, &transport_option,
"Transport: buffered, framed (=buffered)", NULL },
- { "protocol", 0, 0, G_OPTION_ARG_STRING, &protocol_option,
+ { "protocol", 'r', 0, G_OPTION_ARG_STRING, &protocol_option,
"Protocol: binary, compact (=binary)", NULL },
- { "testloops", 'n', 0, G_OPTION_ARG_INT, &num_tests,
+ { "testloops", 'n', 0, G_OPTION_ARG_INT, &num_tests,
"Number of tests (=1)", NULL },
{ NULL }
};
struct sigaction sigpipe_action;
+ GType socket_type = THRIFT_TYPE_SOCKET;
+ gchar *socket_name = "ip";
GType transport_type = THRIFT_TYPE_BUFFERED_TRANSPORT;
gchar *transport_name = "buffered";
GType protocol_type = THRIFT_TYPE_BINARY_PROTOCOL;
@@ -164,12 +170,19 @@
}
}
+ if (ssl) {
+ socket_type = THRIFT_TYPE_SSL_SOCKET;
+ socket_name = "ip-ssl";
+ printf("Type name %s\n", g_type_name (socket_type));
+ }
+
if (!options_valid)
return 254;
- printf ("Connecting (%s/%s) to: %s:%d\n",
+ printf ("Connecting (%s/%s) to: %s/%s:%d\n",
transport_name,
protocol_name,
+ socket_name,
host,
port);
@@ -181,11 +194,22 @@
sigpipe_action.sa_flags = SA_RESETHAND;
sigaction (SIGPIPE, &sigpipe_action, NULL);
+ if (ssl) {
+ thrift_ssl_socket_initialize_openssl();
+ }
+
/* Establish all our connection objects */
- socket = g_object_new (THRIFT_TYPE_SOCKET,
+ socket = g_object_new (socket_type,
"hostname", host,
"port", port,
NULL);
+
+ if (ssl && !thrift_ssl_load_cert_from_file(THRIFT_SSL_SOCKET(socket), "../keys/CA.pem")) {
+ fprintf(stderr, "Unable to load validation certificate ../keys/CA.pem - did you run in the test/c_glib directory?\n");
+ g_object_unref (socket);
+ return 253;
+ }
+
transport = g_object_new (transport_type,
"transport", socket,
NULL);
@@ -277,10 +301,11 @@
printf (" = void\n");
}
else {
+ if(error!=NULL){
printf ("%s\n", error->message);
- g_error_free (error);
- error = NULL;
-
+ g_error_free (error);
+ error = NULL;
+ }
fail_count++;
}
@@ -439,8 +464,8 @@
fail_count++;
}
- // TODO: add testBinary()
-
+ // TODO: add testBinary()
+
/**
* STRUCT TEST
*/
@@ -1575,6 +1600,7 @@
}
else {
printf ("Connect failed: %s\n", error->message);
+ g_object_unref (socket);
g_error_free (error);
error = NULL;
@@ -1596,5 +1622,9 @@
g_object_unref (transport);
g_free (host);
+ if (ssl) {
+ thrift_ssl_socket_finalize_openssl();
+ }
+
return fail_count;
}
diff --git a/test/known_failures_Linux.json b/test/known_failures_Linux.json
index edf0fbb..4ca2050 100644
--- a/test/known_failures_Linux.json
+++ b/test/known_failures_Linux.json
@@ -11,6 +11,7 @@
"cpp-cpp_compact_http-ip-ssl",
"cpp-cpp_header_buffered-ip-ssl",
"cpp-cpp_header_framed-ip-ssl",
+ "cpp-cpp_header_http-domain",
"cpp-cpp_header_http-ip-ssl",
"cpp-cpp_json_buffered-ip-ssl",
"cpp-cpp_json_framed-ip",
@@ -35,7 +36,10 @@
"cpp-java_json_http-ip-ssl",
"cpp-perl_binary_buffered-ip-ssl",
"cpp-perl_binary_framed-ip-ssl",
- "cpp-py_binary-accel_framed-ip-ssl",
+ "csharp-c_glib_binary_buffered-ip-ssl",
+ "csharp-c_glib_binary_framed-ip-ssl",
+ "csharp-c_glib_compact_buffered-ip-ssl",
+ "csharp-c_glib_compact_framed-ip-ssl",
"csharp-cpp_binary_buffered-ip-ssl",
"csharp-cpp_binary_framed-ip-ssl",
"csharp-cpp_compact_buffered-ip-ssl",
@@ -101,6 +105,8 @@
"d-cpp_json_framed-ip-ssl",
"d-cpp_json_http-ip",
"d-cpp_json_http-ip-ssl",
+ "d-d_binary_http-ip",
+ "d-d_compact_http-ip",
"d-dart_binary_framed-ip",
"d-dart_binary_http-ip",
"d-dart_compact_framed-ip",
@@ -220,8 +226,6 @@
"hs-dart_json_framed-ip",
"hs-py3_json_buffered-ip",
"hs-py3_json_framed-ip",
- "hs-py_json_buffered-ip",
- "hs-py_json_framed-ip",
"java-d_compact_buffered-ip",
"java-d_compact_buffered-ip-ssl",
"java-d_compact_framed-ip",
diff --git a/test/tests.json b/test/tests.json
index 09d4c89..5de36f5 100644
--- a/test/tests.json
+++ b/test/tests.json
@@ -12,6 +12,9 @@
"client": {
"command": [
"test_client"
+ ],
+ "sockets": [
+ "ip-ssl"
]
},
"transports": [