THRIFT-2109 Secure connections should be supported in Go
Patch: Justin Judd
diff --git a/tutorial/go/Makefile.am b/tutorial/go/Makefile.am
index 5b1f710..5df065a 100644
--- a/tutorial/go/Makefile.am
+++ b/tutorial/go/Makefile.am
@@ -40,7 +40,13 @@
GOPATH=`pwd` $(GO) run src/*.go -server=true
tutorialclient: all
- GOPATH=`pwd` $(GO) run src/*.go -client=true
+ GOPATH=`pwd` $(GO) run src/*.go
+
+tutorialsecureserver: all
+ GOPATH=`pwd` $(GO) run src/*.go -server=true -secure=true
+
+tutorialsecureclient: all
+ GOPATH=`pwd` $(GO) run src/*.go -secure=true
clean-local:
$(RM) -r gen-*
diff --git a/tutorial/go/server.crt b/tutorial/go/server.crt
new file mode 100644
index 0000000..b345bf0
--- /dev/null
+++ b/tutorial/go/server.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDRjCCAi4CCQC7ZHL2gkCrNDANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJV
+UzEPMA0GA1UECAwGVGhyaWZ0MQ8wDQYDVQQHDAZUaHJpZnQxDzANBgNVBAoMBkFw
+YWNoZTEPMA0GA1UECwwGVGhyaWZ0MRIwEAYDVQQDDAlUaHJpZnQtR28wHhcNMTMw
+ODAyMTM0MzM0WhcNMTQwODAyMTM0MzM0WjBlMQswCQYDVQQGEwJVUzEPMA0GA1UE
+CAwGVGhyaWZ0MQ8wDQYDVQQHDAZUaHJpZnQxDzANBgNVBAoMBkFwYWNoZTEPMA0G
+A1UECwwGVGhyaWZ0MRIwEAYDVQQDDAlUaHJpZnQtR28wggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDBIkwFBgvHNS4yR8VYqYgd6bZtE1bJSdUHAOmASYwF
+Q5dDGltiwwWJiyLQ6njgcugqJ+5Icn2i7zd3kWXuTi6uNHlDzAy253uRj0skhXIA
+CYcMpNB5KI/bZd94VYg8ZG5x/or9mhpQNaZBKMpQ6bb1MvAlHfJO08y6YH2mZjfW
+SlpjEem51R8OK/3AM6mWZfWHeuSX+nzbChgRDZH4m9leWutgKyUgQtU7b5tEndsP
+qzGNeedaWGcyLT2dtD5PmsFbJ/RQXE3NEWACelJh7B1JjwB42HvZtl7m83GuY7ew
+eKlJP2HQAmmUkNTLdSa0yTzLuNitIKoh7RW5q4bl4zyNAgMBAAEwDQYJKoZIhvcN
+AQEFBQADggEBAB7r7lXn2M3SdyuXH+U6wbiNKPq8SX3sgncpaOluC36Phfdu38XJ
+NLovB05BIlkkExkv/IvjUZxGByd9WvNZBgajqll/FaK3Vv8cTo53yjxbQexFVK/m
+J4G9q/dGIV+B+8soVedoMTZOSmKhowM//9Oshs70foJLBJoHA5UdTdBxMvYcZBXV
+S9vUaVNEFd2cN0tyvguY8JNIPU8yEOUspR/uBeRRk3pRTbgcACC8+zYGUSuBiEf3
+SEKO2BHYBCkoodHWBWeMiiksYd3I5xOE9yS+Wn4eZlJBMTIjgxSddR1HH2cDSwET
+FzuW8WjtE1A28JL/hR6YcxaEDTulaFhaKs8=
+-----END CERTIFICATE-----
diff --git a/tutorial/go/server.key b/tutorial/go/server.key
new file mode 100644
index 0000000..27d52f4
--- /dev/null
+++ b/tutorial/go/server.key
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEogIBAAKCAQEAwSJMBQYLxzUuMkfFWKmIHem2bRNWyUnVBwDpgEmMBUOXQxpb
+YsMFiYsi0Op44HLoKifuSHJ9ou83d5Fl7k4urjR5Q8wMtud7kY9LJIVyAAmHDKTQ
+eSiP22XfeFWIPGRucf6K/ZoaUDWmQSjKUOm29TLwJR3yTtPMumB9pmY31kpaYxHp
+udUfDiv9wDOplmX1h3rkl/p82woYEQ2R+JvZXlrrYCslIELVO2+bRJ3bD6sxjXnn
+WlhnMi09nbQ+T5rBWyf0UFxNzRFgAnpSYewdSY8AeNh72bZe5vNxrmO3sHipST9h
+0AJplJDUy3UmtMk8y7jYrSCqIe0VuauG5eM8jQIDAQABAoIBAEU9zpNef4qD/nP4
+V0BaR3qx971TWaIA3mcMZKqhs5mPigN8x5a45JtTTsAnz/5oM+QpPLysj26C5Rfx
+AOJXFVVPasprtYM9qoedIAuP7DcnM0vNKxDFAg5ej6fMwnMkbpRf9eTGAvkOwvRJ
+c39ey0FNadtkySKJvLR1M5ccvpgMnybCMDYsjDH0tAqWJcWsCX+/htk4rpg4V7yG
+JDg23yx4An+WWmPuR1zSQNx5mZBSg4RXYykr1MEKsHo+TDQ6IK6Wq2rtLUM0/0M6
+CJ80EswX6uY0Uh6eJH1o1BLJeAfNGk/a9MUUqPaWj7ospa5XJ0adG3Qq5MmF21Ft
+VbhRhQECgYEA/+2CcKlRlxoBzCRg8DdFf5OHE45EiUFAEX8/J9RWdLQSI/EwA6K2
+Q9CGy6WWKEFMHBHsxyV8Hx6dS+M+2UpM4h28Atiu/HLs3UZXrRv7FLJuXP7j+iBv
+oNo5+8sxcxL1GgJ3zcmSSHhMcZmbBowsYmx+lMDSSxGgXo2jEY3mZmkCgYEAwTBA
+KkO22D9263MYA/Exjcto+t5O7Q26gs/j2UscyBUn7fbcKofTvrWBBjMYMZvFokO8
+HM0PNTIpr0F9FPoUB2oky7VLmuoGf9smyZtl5fwIl6R/4MmStyAEUWnkI3qt/EOr
+5ZwrdzFdru6Z4zLYaW6bms+8A1G7GWnTNen+yIUCgYB57Lb14VRjfhpZHQOprUtI
+ygnSATcZhKJ3M33tBbXih18VDHRpZv0aNZ/iKRLuPp15yfhZr7wAP1+EpdBtSH50
+QuItIPnMfxvlFvvyFqB5bcAyQaRup0FHCnARSu5V+jQWnhJhUaSFLfqNLDa02dbT
+VQjA6VPGO7GBGk0TsdyP8QKBgE0OzvlMyzkUj325CeJAqdByS2yNkhPSPwwAmlTJ
+NjDE54lux0EbrqVKRq3PYZ4gEUP5GqauUJuaZ7AlQhxE6ApRF1498WtYX8FOC/ms
+x4dl8ZNzJSLnpGLxHWfQAhT40T9nSsCqe1fu0/x75dwPIu1jFiQ5Kjh0uFmZsYq2
+zE71AoGAIgX3hfqFTcQ0vQJ2bSk4Q2IBMRjW9maZDK/O009cWoVA1pq7qUFXX/Rl
+ADA5FD/HOZZ1QYEfRaIEItPZP6cbnza4mPVql6YwSqE5IV1DIefUkPzQVTWxSyPi
+FlH3RwTKS7V/qQ+7tPL7lGAsI6W/mtPM0TneDRcrpr6C9fghSDs=
+-----END RSA PRIVATE KEY-----
diff --git a/tutorial/go/src/client.go b/tutorial/go/src/client.go
index 7f8d28f..543d7fb 100644
--- a/tutorial/go/src/client.go
+++ b/tutorial/go/src/client.go
@@ -23,6 +23,7 @@
"fmt"
"git.apache.org/thrift.git/lib/go/thrift"
"tutorial"
+ "crypto/tls"
)
func handleClient(client *tutorial.CalculatorClient) (err error) {
@@ -69,9 +70,16 @@
return err
}
-func runClient(transportFactory thrift.TTransportFactory, protocolFactory thrift.TProtocolFactory, addr string) error {
+func runClient(transportFactory thrift.TTransportFactory, protocolFactory thrift.TProtocolFactory, addr string, secure bool) error {
var transport thrift.TTransport
- transport, err := thrift.NewTSocket(addr)
+ var err error
+ if secure {
+ cfg := new(tls.Config)
+ cfg.InsecureSkipVerify = true
+ transport, err = thrift.NewTSSLSocket(addr, cfg)
+ } else {
+ transport, err = thrift.NewTSocket(addr)
+ }
if err != nil {
fmt.Println("Error opening socket:", err)
return err
diff --git a/tutorial/go/src/main.go b/tutorial/go/src/main.go
index d371394..96e5ec9 100644
--- a/tutorial/go/src/main.go
+++ b/tutorial/go/src/main.go
@@ -39,6 +39,7 @@
framed := flag.Bool("framed", false, "Use framed transport")
buffered := flag.Bool("buffered", false, "Use buffered transport")
addr := flag.String("addr", "localhost:9090", "Address to listen to")
+ secure := flag.Bool("secure", false, "Use tls secure transport")
flag.Parse()
@@ -70,11 +71,11 @@
}
if *server {
- if err := runServer(transportFactory, protocolFactory, *addr); err != nil {
+ if err := runServer(transportFactory, protocolFactory, *addr, *secure); err != nil {
fmt.Println("error running server:", err)
}
} else {
- if err := runClient(transportFactory, protocolFactory, *addr); err != nil {
+ if err := runClient(transportFactory, protocolFactory, *addr, *secure); err != nil {
fmt.Println("error running client:", err)
}
}
diff --git a/tutorial/go/src/server.go b/tutorial/go/src/server.go
index aea749e..0374cde 100644
--- a/tutorial/go/src/server.go
+++ b/tutorial/go/src/server.go
@@ -23,17 +23,34 @@
"fmt"
"git.apache.org/thrift.git/lib/go/thrift"
"tutorial"
+ "crypto/tls"
)
-func runServer(transportFactory thrift.TTransportFactory, protocolFactory thrift.TProtocolFactory, addr string) error {
- transport, err := thrift.NewTServerSocket(addr)
+func runServer(transportFactory thrift.TTransportFactory, protocolFactory thrift.TProtocolFactory, addr string, secure bool) error {
+ var transport thrift.TServerTransport
+ var err error
+ if secure {
+ cfg := new(tls.Config)
+ if cert, err := tls.LoadX509KeyPair("server.crt", "server.key"); err == nil {
+ cfg.Certificates = append(cfg.Certificates, cert)
+ }
+ if err != nil {
+ fmt.Println("Unable to load server certificate and key")
+ return err
+ }
+ transport, err = thrift.NewTSSLServerSocket(addr, cfg)
+ } else {
+ transport, err = thrift.NewTServerSocket(addr)
+ }
+
if err != nil {
return err
}
+ fmt.Printf("%T\n", transport)
handler := NewCalculatorHandler()
processor := tutorial.NewCalculatorProcessor(handler)
server := thrift.NewTSimpleServer4(processor, transport, transportFactory, protocolFactory)
- fmt.Println("Starting the simple server... on ", transport.Addr())
+ fmt.Println("Starting the simple server... on ", addr)
return server.Serve()
}