THRIFT-2109 Secure connections should be supported in Go
Patch: Justin Judd
diff --git a/tutorial/go/src/client.go b/tutorial/go/src/client.go
index 7f8d28f..543d7fb 100644
--- a/tutorial/go/src/client.go
+++ b/tutorial/go/src/client.go
@@ -23,6 +23,7 @@
"fmt"
"git.apache.org/thrift.git/lib/go/thrift"
"tutorial"
+ "crypto/tls"
)
func handleClient(client *tutorial.CalculatorClient) (err error) {
@@ -69,9 +70,16 @@
return err
}
-func runClient(transportFactory thrift.TTransportFactory, protocolFactory thrift.TProtocolFactory, addr string) error {
+func runClient(transportFactory thrift.TTransportFactory, protocolFactory thrift.TProtocolFactory, addr string, secure bool) error {
var transport thrift.TTransport
- transport, err := thrift.NewTSocket(addr)
+ var err error
+ if secure {
+ cfg := new(tls.Config)
+ cfg.InsecureSkipVerify = true
+ transport, err = thrift.NewTSSLSocket(addr, cfg)
+ } else {
+ transport, err = thrift.NewTSocket(addr)
+ }
if err != nil {
fmt.Println("Error opening socket:", err)
return err
diff --git a/tutorial/go/src/main.go b/tutorial/go/src/main.go
index d371394..96e5ec9 100644
--- a/tutorial/go/src/main.go
+++ b/tutorial/go/src/main.go
@@ -39,6 +39,7 @@
framed := flag.Bool("framed", false, "Use framed transport")
buffered := flag.Bool("buffered", false, "Use buffered transport")
addr := flag.String("addr", "localhost:9090", "Address to listen to")
+ secure := flag.Bool("secure", false, "Use tls secure transport")
flag.Parse()
@@ -70,11 +71,11 @@
}
if *server {
- if err := runServer(transportFactory, protocolFactory, *addr); err != nil {
+ if err := runServer(transportFactory, protocolFactory, *addr, *secure); err != nil {
fmt.Println("error running server:", err)
}
} else {
- if err := runClient(transportFactory, protocolFactory, *addr); err != nil {
+ if err := runClient(transportFactory, protocolFactory, *addr, *secure); err != nil {
fmt.Println("error running client:", err)
}
}
diff --git a/tutorial/go/src/server.go b/tutorial/go/src/server.go
index aea749e..0374cde 100644
--- a/tutorial/go/src/server.go
+++ b/tutorial/go/src/server.go
@@ -23,17 +23,34 @@
"fmt"
"git.apache.org/thrift.git/lib/go/thrift"
"tutorial"
+ "crypto/tls"
)
-func runServer(transportFactory thrift.TTransportFactory, protocolFactory thrift.TProtocolFactory, addr string) error {
- transport, err := thrift.NewTServerSocket(addr)
+func runServer(transportFactory thrift.TTransportFactory, protocolFactory thrift.TProtocolFactory, addr string, secure bool) error {
+ var transport thrift.TServerTransport
+ var err error
+ if secure {
+ cfg := new(tls.Config)
+ if cert, err := tls.LoadX509KeyPair("server.crt", "server.key"); err == nil {
+ cfg.Certificates = append(cfg.Certificates, cert)
+ }
+ if err != nil {
+ fmt.Println("Unable to load server certificate and key")
+ return err
+ }
+ transport, err = thrift.NewTSSLServerSocket(addr, cfg)
+ } else {
+ transport, err = thrift.NewTServerSocket(addr)
+ }
+
if err != nil {
return err
}
+ fmt.Printf("%T\n", transport)
handler := NewCalculatorHandler()
processor := tutorial.NewCalculatorProcessor(handler)
server := thrift.NewTSimpleServer4(processor, transport, transportFactory, protocolFactory)
- fmt.Println("Starting the simple server... on ", transport.Addr())
+ fmt.Println("Starting the simple server... on ", addr)
return server.Serve()
}