THRIFT-4525: add ruby cross test ssl support
Client: rb
This closes #1514
diff --git a/test/rb/integration/TestClient.rb b/test/rb/integration/TestClient.rb
index 5259680..639aca9 100755
--- a/test/rb/integration/TestClient.rb
+++ b/test/rb/integration/TestClient.rb
@@ -27,19 +27,21 @@
require 'thrift_test'
$domain_socket = nil
-$protocolType = "binary"
$host = "localhost"
$port = 9090
+$protocolType = "binary"
+$ssl = false
$transport = "buffered"
ARGV.each do|a|
if a == "--help"
puts "Allowed options:"
puts "\t -h [ --help ] \t produce help message"
- puts "\t--domain-socket arg (=) \t Unix domain socket path - if not empty, host and port are ignored"
- puts "\t--host arg (=localhost) \t Host to connect"
- puts "\t--port arg (=9090) \t Port number to listen"
+ puts "\t--domain-socket arg (=) \t Unix domain socket path"
+ puts "\t--host arg (=localhost) \t Host to connect \t not valid with domain-socket"
+ puts "\t--port arg (=9090) \t Port number to listen \t not valid with domain-socket"
puts "\t--protocol arg (=binary) \t protocol: accel, binary, compact, json"
+ puts "\t--ssl \t use ssl \t not valid with domain-socket"
puts "\t--transport arg (=buffered) transport: buffered, framed, http"
exit
elsif a.start_with?("--domain-socket")
@@ -48,21 +50,37 @@
$host = a.split("=")[1]
elsif a.start_with?("--protocol")
$protocolType = a.split("=")[1]
+ elsif a == "--ssl"
+ $ssl = true
elsif a.start_with?("--transport")
$transport = a.split("=")[1]
elsif a.start_with?("--port")
$port = a.split("=")[1].to_i
end
end
-ARGV=[]
class SimpleClientTest < Test::Unit::TestCase
def setup
unless @socket
if $domain_socket.to_s.strip.empty?
- @socket = Thrift::Socket.new($host, $port)
+ if $ssl
+ # the working directory for ruby crosstest is test/rb/gen-rb
+ keysDir = File.join(File.dirname(File.dirname(Dir.pwd)), "keys")
+ ctx = OpenSSL::SSL::SSLContext.new
+ ctx.ca_file = File.join(keysDir, "CA.pem")
+ ctx.cert = OpenSSL::X509::Certificate.new(File.open(File.join(keysDir, "client.crt")))
+ ctx.cert_store = OpenSSL::X509::Store.new
+ ctx.cert_store.add_file(File.join(keysDir, 'server.pem'))
+ ctx.key = OpenSSL::PKey::RSA.new(File.open(File.join(keysDir, "client.key")))
+ ctx.options = OpenSSL::SSL::OP_NO_SSLv2 | OpenSSL::SSL::OP_NO_SSLv3
+ ctx.ssl_version = :SSLv23
+ ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER
+ @socket = Thrift::SSLSocket.new($host, $port, nil, ctx)
+ else
+ @socket = Thrift::Socket.new($host, $port)
+ end
else
- @socket = Thrift::UNIXSocket.new($domain_socket)
+ @socket = Thrift::UNIXSocket.new($domain_socket)
end
if $transport == "buffered"
@@ -84,7 +102,7 @@
else
raise 'Unknown protocol type'
end
- @client = Thrift::Test::ThriftTest::Client.new(@protocol)
+ @client = Thrift::Test::ThriftTest::Client.new(@protocol)
@socket.open
end
end