[
https://issues.apache.org/jira/browse/THRIFT-151?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Vlad Galu updated THRIFT-151:
-----------------------------
Attachment: TSSLSocket.h.diff
TSSLSocket.cpp.diff
OK, I've attached the diffs between the old and the new TSSLSocket.h and
TSSLSocket.cpp files.
Looking at the diffs brings back some memories:
- I split the SSLContext in two subclasses (client/server), to use
SSLv3_client_method()/SSLv3_server_method())
- I moved the SSL ctx cleanup in ~TSSLSocket()
- moved checkHandshake() after TSocket::Open(), in TSSLSocket::open()
- I'm not sure why I commented out the verification code in
TSSLSocket::authorize(), though. Might be a leftover from when I was debugging
- other API changes, which are quite irrelevant for the general use case, but
helped keep our own code cleaner
HTH,
Vlad
> TSSLServerSocket and TSSLSocket implementation
> ----------------------------------------------
>
> Key: THRIFT-151
> URL: https://issues.apache.org/jira/browse/THRIFT-151
> Project: Thrift
> Issue Type: Improvement
> Components: Library (C++)
> Reporter: Ian Pye
> Attachments: ssl-pingli.patch, ssl-redesigned.patch,
> ssl-test-pingli.patch, ssl.patch, Thrift.zip, TSSLSocket.cpp.diff,
> TSSLSocket.h.diff
>
> Original Estimate: 6h
> Remaining Estimate: 6h
>
> SSL Connections w/ autogenerated self signed x509 certs seem to be the state
> of the art for rpc layers.
> It would be good if there was a C++ implementation of TSocket and
> TServerSocket classes.
> This is similar to the Java issue Thrift 106.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
