[
https://issues.apache.org/jira/browse/THRIFT-4066?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15864387#comment-15864387
]
James E. King, III commented on THRIFT-4066:
--------------------------------------------
Root cause on this was that the perl SSLSocket was not getting all the options
like certificate, ca, etc... because the base socket class did not handle when
options are passed in as a hash, and the TestClient never passed in the option
hash.
> Perl client, C++ Server in cross test with SSL fails, tlsv1 alert unknown ca
> ----------------------------------------------------------------------------
>
> Key: THRIFT-4066
> URL: https://issues.apache.org/jira/browse/THRIFT-4066
> Project: Thrift
> Issue Type: Bug
> Components: C++ - Library, Perl - Library, Test Suite
> Affects Versions: 0.10.0
> Environment: Ubuntu 14.04 (gcc 4.6.4) Perl 5.18
> Reporter: James E. King, III
> Assignee: James E. King, III
>
> I re-enabled the two cpp-perl SSL based tests in make cross and they failed:
> cpp-perl binary framed-ip-ssl failure(255)
> cpp-perl binary buffered-ip-ssl failure(255)
> The cpp server complained that "tlsv1 alert unknown ca".
> {noformat}
> Thu Feb 02 14:07:33 2017
> Executing: /home/jking/thrift/github/thrift/test/cpp/TestServer
> --protocol=binary --transport=buffered --ssl --port=41785
> Directory: /home/jking/thrift/github/thrift/test/cpp
> config:delay: 5
> config:timeout: 5
> ==========================================================================
> Starting "simple" server (buffered/binary) listen on: 41785
> Thrift: Thu Feb 2 14:07:33 2017 TConnectedClient died: SSL_accept: error
> code: 0
> Thrift: Thu Feb 2 14:07:33 2017 TConnectedClient died: SSL_accept: tlsv1
> alert unknown ca
> Thrift: Thu Feb 2 14:07:33 2017 TConnectedClient died: SSL_accept: tlsv1
> alert unknown ca
> Thrift: Thu Feb 2 14:07:34 2017 TConnectedClient died: SSL_accept: tlsv1
> alert unknown ca
> Thrift: Thu Feb 2 14:07:34 2017 TConnectedClient died: SSL_accept: tlsv1
> alert unknown ca
> Thrift: Thu Feb 2 14:07:34 2017 TConnectedClient died: SSL_accept: tlsv1
> alert unknown ca
> Thrift: Thu Feb 2 14:07:34 2017 TConnectedClient died: SSL_accept: tlsv1
> alert unknown ca
> Thrift: Thu Feb 2 14:07:35 2017 TConnectedClient died: SSL_accept: tlsv1
> alert unknown ca
> Thrift: Thu Feb 2 14:07:35 2017 TConnectedClient died: SSL_accept: tlsv1
> alert unknown ca
> Server process is successfully killed.
> ==========================================================================
> Process is killed.
> Test execution took 2.2 seconds.
> Thu Feb 02 14:07:35 2017
> {noformat}
> The perl client simply said it could not connect:
> {noformat}
> Thu Feb 02 14:07:35 2017
> Executing: perl -Igen-perl/ -I../../lib/perl/lib/ TestClient.pl
> --cert=../keys/client.pem --protocol=binary --transport=buffered --ssl
> --port=41785
> Directory: /home/jking/thrift/github/thrift/test/perl
> config:delay: 5
> config:timeout: 5
> ==========================================================================
> $VAR1 = bless( {
> 'message' => 'Thrift::SSLSocket: Could not connect to
> localhost:41785 ()',
> 'code' => 0
> }, 'Thrift::TException' );
> ==========================================================================
> Return code: 255
> Test execution took 0.1 seconds.
> Thu Feb 02 14:07:35 2017
> {noformat}
> Given both tests should be using the same certificate files, this is quite
> odd.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
