THRIFT-151. cpp: TSSLServerSocket and TSSLSocket implementation
This patch adds an implementation of the above ssl sockets.
Patch: Ping Li, Kevin Worth, Rowan Kerr
git-svn-id: https://svn.apache.org/repos/asf/thrift/trunk@1073441 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/test/cpp/src/TestClient.cpp b/test/cpp/src/TestClient.cpp
index 897153a..7e37e85 100644
--- a/test/cpp/src/TestClient.cpp
+++ b/test/cpp/src/TestClient.cpp
@@ -23,6 +23,7 @@
#include <protocol/TBinaryProtocol.h>
#include <transport/TTransportUtils.h>
#include <transport/TSocket.h>
+#include <transport/TSSLSocket.h>
#include <boost/shared_ptr.hpp>
#include "ThriftTest.h"
@@ -56,6 +57,7 @@
int port = 9090;
int numTests = 1;
bool framed = false;
+ bool ssl = false;
for (int i = 0; i < argc; ++i) {
if (strcmp(argv[i], "-h") == 0) {
@@ -71,9 +73,22 @@
numTests = atoi(argv[++i]);
} else if (strcmp(argv[i], "-f") == 0) {
framed = true;
+ } else if (strcmp(argv[i], "--ssl") == 0) {
+ ssl = true;
}
}
+ shared_ptr<TSocket> socket;
+ shared_ptr<TSSLSocketFactory> factory;
+ if (ssl) {
+ factory = shared_ptr<TSSLSocketFactory>(new TSSLSocketFactory());
+ factory->ciphers("ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH");
+ factory->loadTrustedCertificates("./trusted-ca-certificate.pem");
+ factory->authenticate(true);
+ socket = factory->createSocket(host, port);
+ } else {
+ socket = shared_ptr<TSocket>(new TSocket(host, port));
+ }
shared_ptr<TBufferBase> transport;
diff --git a/test/cpp/src/TestServer.cpp b/test/cpp/src/TestServer.cpp
index d30475b..047dd33 100644
--- a/test/cpp/src/TestServer.cpp
+++ b/test/cpp/src/TestServer.cpp
@@ -34,6 +34,7 @@
#define __STDC_FORMAT_MACROS
#include <inttypes.h>
+#include <signal.h>
using namespace std;
using namespace boost;
@@ -326,6 +327,7 @@
string serverType = "simple";
string protocolType = "binary";
size_t workerCount = 4;
+ bool ssl = false;
ostringstream usage;
@@ -391,6 +393,11 @@
cerr << usage;
}
+ if (args["ssl"] == "true") {
+ ssl = true;
+ signal(SIGPIPE, SIG_IGN);
+ }
+
// Dispatcher
shared_ptr<TProtocolFactory> protocolFactory(
new TBinaryProtocolFactoryT<TBufferBase>());
@@ -407,8 +414,18 @@
}
// Transport
- shared_ptr<TServerSocket> serverSocket(new TServerSocket(port));
+ shared_ptr<TSSLSocketFactory> sslSocketFactory;
+ shared_ptr<TServerSocket> serverSocket;
+ if (ssl) {
+ sslSocketFactory = shared_ptr<TSSLSocketFactory>(new TSSLSocketFactory());
+ sslSocketFactory->loadCertificate("./server-certificate.pem");
+ sslSocketFactory->loadPrivateKey("./server-private-key.pem");
+ sslSocketFactory->ciphers("ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH");
+ serverSocket = shared_ptr<TServerSocket>(new TSSLServerSocket(port, sslSocketFactory));
+ } else {
+ serverSocket = shared_ptr<TServerSocket>(new TServerSocket(port));
+ }
// Factory
shared_ptr<TTransportFactory> transportFactory(new TBufferedTransportFactory());