This is an automated email from the ASF dual-hosted git repository.
aldrin pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/nifi-minifi-cpp.git
The following commit(s) were added to refs/heads/master by this push:
new 6789201 MINIFICPP-793: Allow SSL Context to be defined from
properties by default without specifying manually. This will ease C2 usage of
SSL RESTFul services. Note that Civetweb needed some changes to support SSL
contexts in testing.
6789201 is described below
commit 678920114a18890879c8069f7da4a18dedc2460d
Author: Marc Parisi <phroc...@apache.org>
AuthorDate: Wed Mar 27 13:26:11 2019 -0400
MINIFICPP-793: Allow SSL Context to be defined from properties
by default without specifying manually. This will ease C2 usage
of SSL RESTFul services. Note that Civetweb needed some changes
to support SSL contexts in testing.
Change appveyor to use provided libressl
MINIFICPP-793: Fix appveyor by bringing fixes from windows test enablement
This closes #528.
Signed-off-by: Aldrin Piri <ald...@apache.org>
---
CMakeLists.txt | 21 ++++---
appveyor.yml | 8 +--
cmake/LibreSSL.cmake | 6 +-
darwin.sh | 2 +-
extensions/http-curl/protocols/RESTSender.cpp | 15 ++++-
extensions/http-curl/protocols/RESTSender.h | 8 +++
.../http-curl/tests/C2VerifyHeartbeatAndStop.cpp | 7 ++-
.../http-curl/tests/C2VerifyServeResults.cpp | 9 ++-
extensions/http-curl/tests/CMakeLists.txt | 5 +-
extensions/http-curl/tests/HTTPIntegrationBase.h | 11 ++--
.../http-curl/tests/HttpGetIntegrationTest.cpp | 7 ++-
extensions/http-curl/tests/TestServer.h | 20 ++++--
.../resources/C2VerifyHeartbeatAndStopSecure.yml | 73 ++++++++++++++++++++++
.../test/resources/C2VerifyServeResultsSecure.yml | 73 ++++++++++++++++++++++
14 files changed, 226 insertions(+), 39 deletions(-)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 006107a..d37ebf4 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -170,7 +170,7 @@ if (WIN32)
endif()
# Provide custom modules for the project
-list(APPEND CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake")
+list(APPEND CMAKE_MODULE_PATH "${CMAKE_SOURCE_DIR}/cmake")
if (NOT OPENSSL_OFF)
if(USE_SYSTEM_OPENSSL)
@@ -185,7 +185,7 @@ if (NOT OPENSSL_OFF)
else()
include(LibreSSL)
use_libre_ssl(${CMAKE_CURRENT_SOURCE_DIR}
${CMAKE_CURRENT_BINARY_DIR})
- list(APPEND CMAKE_MODULE_PATH
"${CMAKE_CURRENT_SOURCE_DIR}/cmake/ssl")
+ list(APPEND CMAKE_MODULE_PATH "${CMAKE_SOURCE_DIR}/cmake/ssl")
endif()
find_package (OpenSSL REQUIRED)
@@ -200,7 +200,7 @@ if (NOT OPENSSL_OFF)
endif (OPENSSL_FOUND)
else()
- list(APPEND CMAKE_MODULE_PATH
"${CMAKE_CURRENT_SOURCE_DIR}/cmake/winssl")
+ list(APPEND CMAKE_MODULE_PATH "${CMAKE_SOURCE_DIR}/cmake/winssl")
endif()
if (OPENSSL_ROOT_DIR )
@@ -244,7 +244,7 @@ SET(TEST_DIR ${CMAKE_SOURCE_DIR}/libminifi/test)
include(Extensions)
-list(APPEND CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake/uuid/dummy")
+list(APPEND CMAKE_MODULE_PATH "${CMAKE_SOURCE_DIR}/cmake/uuid/dummy")
if (WIN32)
include_directories("thirdparty/uuid/include/win32/")
else()
@@ -312,7 +312,7 @@ endif()
-DHAVE_POLL_FINE_EXITCODE=0
-DHAVE_FSETXATTR_5=0
-DHAVE_FSETXATTR_5__TRYRUN_OUTPUT=""
- "-DCMAKE_MODULE_PATH=${CMAKE_CURRENT_SOURCE_DIR}/cmake/ssl"
+ "-DCMAKE_MODULE_PATH=${CMAKE_SOURCE_DIR}/cmake/ssl"
"-DCMAKE_C_FLAGS=${CURL_C_FLAGS}"
"-DCMAKE_CXX_FLAGS=${CURL_CXX_FLAGS}"
${PC}
@@ -328,7 +328,7 @@ endif()
set(CURL_BYPRODUCT_DIR "${BYPRODUCT}" CACHE STRING "" FORCE)
- list(APPEND CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake/curl/dummy")
+ list(APPEND CMAKE_MODULE_PATH "${CMAKE_SOURCE_DIR}/cmake/curl/dummy")
add_library(curl STATIC IMPORTED)
set_target_properties(curl PROPERTIES IMPORTED_LOCATION
"${CURL_BIN_DIR}${BYPRODUCT}")
@@ -357,7 +357,10 @@ include(ExternalProject)
set(CIVETWEB_ENABLE_SSL_DYNAMIC_LOADING OFF CACHE BOOL "Disable dynamic SSL
library loading")
set(CIVETWEB_ENABLE_CXX ON CACHE BOOL "Enable civet C++ library")
-set(CIVETWEB_ENABLE_SSL OFF CACHE BOOL "DISABLE SSL")
+set(CIVETWEB_SSL_SSL_LIB "${OPENSSL_SSL_LIBRARY}" CACHE STRING "Enable civet
C++ library")
+set(CIVETWEB_SSL_CRYPTO_LIB "${OPENSSL_CRYPTO_LIBRARY}" CACHE STRING "Enable
civet C++ library")
+set(CIVETWEB_ENABLE_CXX ON CACHE BOOL "Enable civet C++ library")
+set(CIVETWEB_ENABLE_SSL ON CACHE BOOL "DISABLE SSL")
SET(WITH_TOOLS OFF CACHE BOOL "Do not build RocksDB tools")
if ( NOT APPLE)
@@ -542,9 +545,9 @@ if ((ENABLE_ALL OR ENABLE_SFTP) AND NOT DISABLE_CURL)
if(WIN32 OR NOT USE_SYSTEM_LIBSSH2)
include(LibSSH2)
use_bundled_libssh2(${CMAKE_CURRENT_SOURCE_DIR}
${CMAKE_CURRENT_BINARY_DIR})
- list(APPEND CMAKE_MODULE_PATH
"${CMAKE_CURRENT_SOURCE_DIR}/cmake/libssh2/dummy")
+ list(APPEND CMAKE_MODULE_PATH
"${CMAKE_SOURCE_DIR}/cmake/libssh2/dummy")
else()
- list(APPEND CMAKE_MODULE_PATH
"${CMAKE_CURRENT_SOURCE_DIR}/cmake/libssh2/sys")
+ list(APPEND CMAKE_MODULE_PATH "${CMAKE_SOURCE_DIR}/cmake/libssh2/sys")
find_package (LibSSH2 REQUIRED)
endif()
diff --git a/appveyor.yml b/appveyor.yml
index 03b59e1..4d7a65f 100644
--- a/appveyor.yml
+++ b/appveyor.yml
@@ -1,10 +1,8 @@
-image: Visual Studio 2015
+image: Visual Studio 2017
environment:
MSVC_DEFAULT_OPTIONS: ON
APPVEYOR_SAVE_CACHE_ON_ERROR: true
- GENERATOR: Ninja
- MAKE_PROGRAM: ninja
cache:
- build\curl-install\ -> appveyor.yml
@@ -22,6 +20,6 @@ build_script:
- cd C:\projects\nifi-minifi-cpp
- mkdir build & exit 0
- cd build
- - cmake -g"Ninja" -DWIN32=WIN32 -DOPENSSL_OFF=ON -DUSE_SYSTEM_ZLIB=OFF
-DFORCE_WINDOWS=ON -DUSE_SYSTEM_UUID=OFF -DDISABLE_ROCKSDB=ON -DDISABLE_CURL=ON
-DDISABLE_LIBARCHIVE=ON -DDISABLE_SCRIPTING=ON -DEXCLUDE_BOOST=ON
-DENABLE_WEL=TRUE -DSKIP_TESTS=ON ..
+ - cmake -G "Visual Studio 15 2017" -DCMAKE_BUILD_TYPE_INIT=Release
-DCMAKE_BUILD_TYPE=Release -DWIN32=WIN32 -DOPENSSL_OFF=OFF
-DUSE_SHARED_LIBS=OFF -DDISABLE_CONTROLLER=ON -DBUILD_ROCKSDB=ON
-DFORCE_WINDOWS=ON -DUSE_SYSTEM_UUID=OFF -DDISABLE_LIBARCHIVE=ON
-DDISABLE_SCRIPTING=ON -DEXCLUDE_BOOST=ON -DENABLE_WEL=TRUE -DSKIP_TESTS=ON
-DFAIL_ON_WARNINGS=OFF ..
- set msbuild_platform=x64
- - msbuild nifi-minifi-cpp.sln
+ - msbuild /m nifi-minifi-cpp.sln /property:Configuration=Release
diff --git a/cmake/LibreSSL.cmake b/cmake/LibreSSL.cmake
index efcccad..a37e0dc 100644
--- a/cmake/LibreSSL.cmake
+++ b/cmake/LibreSSL.cmake
@@ -29,7 +29,9 @@ function(use_libre_ssl SOURCE_DIR BINARY_DIR)
endif(WIN32)
ExternalProject_Add(
libressl-portable
- URL "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.8.3.tar.gz";
+ ### default is openbsd.org -- cloudflare is a reliable mirror
+ #URL
"https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.8.3.tar.gz";
+ URL
"https://cloudflare.cdn.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.8.3.tar.gz";
SOURCE_DIR "${BINARY_DIR}/thirdparty/libressl-src"
CMAKE_ARGS ${PASSTHROUGH_CMAKE_ARGS}
"-DCMAKE_INSTALL_PREFIX=${BINARY_DIR}/thirdparty/libressl-install"
@@ -59,4 +61,4 @@ function(use_libre_ssl SOURCE_DIR BINARY_DIR)
set(OPENSSL_INCLUDE_DIR "${SOURCE_DIR}/thirdparty/libressl/include"
CACHE STRING "" FORCE)
set(OPENSSL_LIBRARIES
"${BINARY_DIR}/thirdparty/libressl-install/lib/${BYPRODUCT_PREFIX}tls${BYPRODUCT_SUFFIX}"
"${BINARY_DIR}/thirdparty/libressl-install/lib/${BYPRODUCT_PREFIX}ssl${BYPRODUCT_SUFFIX}"
"${BINARY_DIR}/thirdparty/libressl-install/lib/${BYPRODUCT_PREFIX}crypto${BYPRODUCT_SUFFIX}"
CACHE STRING "" FORCE)
-endfunction(use_libre_ssl)
\ No newline at end of file
+endfunction(use_libre_ssl)
diff --git a/darwin.sh b/darwin.sh
index 7019768..1f50956 100644
--- a/darwin.sh
+++ b/darwin.sh
@@ -80,7 +80,7 @@ build_deps(){
if [ "$KEY" = "$option" ]; then
FOUND_VALUE="$VALUE"
if [ "$FOUND_VALUE" = "libcurl" ]; then
- brew install curl
+ brew install curl-openssl
elif [ "$FOUND_VALUE" = "libpcap" ]; then
INSTALLED+=("libpcap")
elif [ "$FOUND_VALUE" = "openssl" ]; then
diff --git a/extensions/http-curl/protocols/RESTSender.cpp
b/extensions/http-curl/protocols/RESTSender.cpp
index bef5aa0..0cf915e 100644
--- a/extensions/http-curl/protocols/RESTSender.cpp
+++ b/extensions/http-curl/protocols/RESTSender.cpp
@@ -82,6 +82,13 @@ void RESTSender::update(const std::shared_ptr<Configure>
&configure) {
configure->get("nifi.c2.rest.url.ack", "c2.rest.url.ack", url);
}
+void RESTSender::setSecurityContext(utils::HTTPClient &client, const
std::string &type, const std::string &url) {
+ // only use the SSL Context if we have a secure URL.
+ auto generatedService =
std::make_shared<minifi::controllers::SSLContextService>("Service",
configuration_);
+ generatedService->onEnable();
+ client.initialize(type, url, generatedService);
+}
+
const C2Payload RESTSender::sendPayload(const std::string url, const Direction
direction, const C2Payload &payload, const std::string outputConfig) {
if (url.empty()) {
return C2Payload(payload.getOperation(), state::UpdateState::READ_ERROR,
true);
@@ -99,11 +106,17 @@ const C2Payload RESTSender::sendPayload(const std::string
url, const Direction d
callback->ptr = input.get();
callback->pos = 0;
client.set_request_method("POST");
+ if (!ssl_context_service_ && url.find("https://";) == 0) {
+ setSecurityContext(client, "POST", url);
+ }
client.setUploadCallback(callback.get());
client.setPostSize(outputConfig.size());
} else {
- // we do not need to set the uplaod callback
+ // we do not need to set the upload callback
// since we are not uploading anything on a get
+ if (!ssl_context_service_ && url.find("https://";) == 0) {
+ setSecurityContext(client, "GET", url);
+ }
client.set_request_method("GET");
}
diff --git a/extensions/http-curl/protocols/RESTSender.h
b/extensions/http-curl/protocols/RESTSender.h
index ccb7b03..40a81f2 100644
--- a/extensions/http-curl/protocols/RESTSender.h
+++ b/extensions/http-curl/protocols/RESTSender.h
@@ -62,6 +62,14 @@ class RESTSender : public RESTProtocol, public C2Protocol {
virtual const C2Payload sendPayload(const std::string url, const Direction
direction, const C2Payload &payload, const std::string outputConfig);
+ /**
+ * Initializes the SSLContextService onto the HTTP client if one is needed
+ * @param client HTTP client
+ * @param type type of HTTP request
+ * @param url HTTP url
+ */
+ void setSecurityContext(utils::HTTPClient &client,const std::string &type,
const std::string &url);
+
std::shared_ptr<minifi::controllers::SSLContextService> ssl_context_service_;
std::string rest_uri_;
diff --git a/extensions/http-curl/tests/C2VerifyHeartbeatAndStop.cpp
b/extensions/http-curl/tests/C2VerifyHeartbeatAndStop.cpp
index 4c526b4..9323a16 100644
--- a/extensions/http-curl/tests/C2VerifyHeartbeatAndStop.cpp
+++ b/extensions/http-curl/tests/C2VerifyHeartbeatAndStop.cpp
@@ -162,7 +162,7 @@ class VerifyC2Heartbeat : public CoapIntegrationBase {
std::string url = "";
inv->getProperty(minifi::processors::InvokeHTTP::URL.getName(), url);
- std::string c2_url = std::string("http") + (isSecure ? "s" : "") +
"://localhost:" + getWebPort() + "/api/heartbeat" ;
+ std::string c2_url = std::string("http") + (isSecure ? "s" : "") +
"://localhost:" + getWebPort() + "/api/heartbeat";
configuration->set("nifi.c2.agent.protocol.class", "RESTSender");
configuration->set("nifi.c2.enable", "true");
@@ -185,7 +185,10 @@ int main(int argc, char **argv) {
url = "http://localhost:0/api/heartbeat";;
if (argc > 1) {
test_file_location = argv[1];
- key_dir = argv[2];
+ if (argc > 2) {
+ url = "https://localhost:0/api/heartbeat";;
+ key_dir = argv[2];
+ }
}
bool isSecure = false;
diff --git a/extensions/http-curl/tests/C2VerifyServeResults.cpp
b/extensions/http-curl/tests/C2VerifyServeResults.cpp
index ac4ee54..5335238 100644
--- a/extensions/http-curl/tests/C2VerifyServeResults.cpp
+++ b/extensions/http-curl/tests/C2VerifyServeResults.cpp
@@ -135,13 +135,12 @@ int main(int argc, char **argv) {
std::string key_dir, test_file_location, url;
if (argc > 1) {
test_file_location = argv[1];
- key_dir = argv[2];
+ if (argc > 2) {
+ key_dir = argv[2];
+ }
}
- bool isSecure = false;
- if (url.find("https") != std::string::npos) {
- isSecure = true;
- }
+ bool isSecure = !key_dir.empty();
VerifyC2Server harness(isSecure);
diff --git a/extensions/http-curl/tests/CMakeLists.txt
b/extensions/http-curl/tests/CMakeLists.txt
index 620b8e8..2290927 100644
--- a/extensions/http-curl/tests/CMakeLists.txt
+++ b/extensions/http-curl/tests/CMakeLists.txt
@@ -77,11 +77,12 @@ add_test(NAME C2JstackTest COMMAND C2JstackTest
"${TEST_RESOURCES}/TestHTTPGet.y
add_test(NAME C2UpdateAgentTest COMMAND C2UpdateAgentTest
"${TEST_RESOURCES}/TestHTTPGet.yml" "${TEST_RESOURCES}/")
add_test(NAME C2FailedUpdateTest COMMAND C2FailedUpdateTest
"${TEST_RESOURCES}/TestHTTPGet.yml" "${TEST_RESOURCES}/TestBad.yml"
"${TEST_RESOURCES}/")
add_test(NAME C2NullConfiguration COMMAND C2NullConfiguration
"${TEST_RESOURCES}/TestNull.yml" "${TEST_RESOURCES}/")
-#add_test(NAME HttpGetIntegrationTestSecure COMMAND HttpGetIntegrationTest
"${TEST_RESOURCES}/TestHTTPGetSecure.yml" "${TEST_RESOURCES}/")
+add_test(NAME HttpGetIntegrationTestSecure COMMAND HttpGetIntegrationTest
"${TEST_RESOURCES}/TestHTTPGetSecure.yml" "${TEST_RESOURCES}/")
add_test(NAME HttpPostIntegrationTest COMMAND HttpPostIntegrationTest
"${TEST_RESOURCES}/TestHTTPPost.yml" "${TEST_RESOURCES}/")
add_test(NAME HttpPostIntegrationTestChunked COMMAND HttpPostIntegrationTest
"${TEST_RESOURCES}/TestHTTPPostChunkedEncoding.yml" "${TEST_RESOURCES}/")
add_test(NAME C2VerifyServeResults COMMAND C2VerifyServeResults
"${TEST_RESOURCES}/C2VerifyServeResults.yml" "${TEST_RESOURCES}/")
-add_test(NAME C2VerifyHeartbeatAndStop COMMAND C2VerifyHeartbeatAndStop
"${TEST_RESOURCES}/C2VerifyHeartbeatAndStop.yml" "${TEST_RESOURCES}/")
+add_test(NAME C2VerifyHeartbeatAndStopSecure COMMAND C2VerifyHeartbeatAndStop
"${TEST_RESOURCES}/C2VerifyHeartbeatAndStopSecure.yml" "${TEST_RESOURCES}/")
+add_test(NAME C2VerifyHeartbeatAndStop COMMAND C2VerifyHeartbeatAndStop
"${TEST_RESOURCES}/C2VerifyHeartbeatAndStop.yml" )
add_test(NAME HTTPSiteToSiteTests COMMAND HTTPSiteToSiteTests
"${TEST_RESOURCES}/TestHTTPSiteToSite.yml" "${TEST_RESOURCES}/"
"http://localhost:8099/nifi-api";)
add_test(NAME SiteToSiteRestTest COMMAND SiteToSiteRestTest
"${TEST_RESOURCES}/TestSite2SiteRest.yml" "${TEST_RESOURCES}/"
"http://localhost:8077/nifi-api/site-to-site";)
add_test(NAME ControllerServiceIntegrationTests COMMAND
ControllerServiceIntegrationTests
"${TEST_RESOURCES}/TestControllerServices.yml" "${TEST_RESOURCES}/")
diff --git a/extensions/http-curl/tests/HTTPIntegrationBase.h
b/extensions/http-curl/tests/HTTPIntegrationBase.h
index 01f1712..628c822 100644
--- a/extensions/http-curl/tests/HTTPIntegrationBase.h
+++ b/extensions/http-curl/tests/HTTPIntegrationBase.h
@@ -49,8 +49,8 @@ class CoapIntegrationBase : public IntegrationBase {
std::string getWebPort() {
std::string ret_val = port;
- if(ret_val.back() == 's') {
- ret_val = ret_val.substr(0, ret_val.size()-1);
+ if (ret_val.back() == 's') {
+ ret_val = ret_val.substr(0, ret_val.size() - 1);
}
return ret_val;
}
@@ -67,7 +67,7 @@ void CoapIntegrationBase::setUrl(std::string url,
CivetHandler *handler) {
parse_http_components(url, port, scheme, path);
struct mg_callbacks callback;
- if (url.find("localhost") != std::string::npos) {
+ if (url.find("localhost") != std::string::npos ||
url.find(minifi::io::Socket::getMyHostName()) != std::string::npos) {
if (server != nullptr) {
server->addHandler(path, handler);
return;
@@ -84,14 +84,13 @@ void CoapIntegrationBase::setUrl(std::string url,
CivetHandler *handler) {
server = start_webserver(port, path, handler);
}
}
- if(port == "0" || port == "0s") {
+ if (port == "0" || port == "0s") {
bool secure = (port == "0s");
port = std::to_string(server->getListeningPorts()[0]);
- if(secure) {
+ if (secure) {
port += "s";
}
}
-
}
#endif /* LIBMINIFI_TEST_INTEGRATION_HTTPINTEGRATIONBASE_H_ */
diff --git a/extensions/http-curl/tests/HttpGetIntegrationTest.cpp
b/extensions/http-curl/tests/HttpGetIntegrationTest.cpp
index 8e6042f..3fc207a 100644
--- a/extensions/http-curl/tests/HttpGetIntegrationTest.cpp
+++ b/extensions/http-curl/tests/HttpGetIntegrationTest.cpp
@@ -55,13 +55,16 @@ int log_message(const struct mg_connection *conn, const
char *message) {
}
int ssl_enable(void *ssl_context, void *user_data) {
+ puts("Enable ssl");
struct ssl_ctx_st *ctx = (struct ssl_ctx_st *) ssl_context;
return 0;
}
class HttpResponder : public CivetHandler {
+ private:
public:
bool handleGet(CivetServer *server, struct mg_connection *conn) {
+ puts("handle get");
static const std::string site2site_rest_resp = "hi this is a get test";
mg_printf(conn, "HTTP/1.1 200 OK\r\nContent-Type: "
"text/plain\r\nContent-Length: %lu\r\nConnection: close\r\n\r\n",
@@ -133,9 +136,9 @@ int main(int argc, char **argv) {
cert = key_dir + "nifi-cert.pem";
memset(&callback, 0, sizeof(callback));
callback.init_ssl = ssl_enable;
- port +="s";
+ std::string https_port = port + "s";
callback.log_message = log_message;
- server = start_webserver(port, path, &h_ex, &callback, cert, cert);
+ server = start_webserver(https_port, path, &h_ex, &callback, cert, cert);
} else {
server = start_webserver(port, path, &h_ex);
}
diff --git a/extensions/http-curl/tests/TestServer.h
b/extensions/http-curl/tests/TestServer.h
index 0847270..601da4e 100644
--- a/extensions/http-curl/tests/TestServer.h
+++ b/extensions/http-curl/tests/TestServer.h
@@ -22,6 +22,7 @@
#include <iostream>
#include "civetweb.h"
#include "CivetServer.h"
+#include "civetweb.h"
/* Server context handle */
@@ -33,15 +34,26 @@ void init_webserver() {
CivetServer * start_webserver(std::string &port, std::string &rooturi,
CivetHandler *handler, struct mg_callbacks *callbacks, std::string &cert,
std::string &ca_cert) {
- const char *options[] = { "listening_ports", port.c_str(), "error_log_file",
+ const char *options[] = { "document_root", ".", "listening_ports",
port.c_str(), "error_log_file",
"error.log", "ssl_certificate", ca_cert.c_str(), "ssl_protocol_version",
"0", "ssl_cipher_list",
- "ALL", "ssl_verify_peer", "no", 0 };
-
+ "ALL", "request_timeout_ms", "10000", "enable_auth_domain_check", "no",
"ssl_verify_peer", "no", 0 };
+// ECDH+AESGCM+AES256:!aNULL:!MD5:!DSS
std::vector<std::string> cpp_options;
for (size_t i = 0; i < (sizeof(options) / sizeof(options[0]) - 1); i++) {
cpp_options.push_back(options[i]);
}
- CivetServer *server = new CivetServer(cpp_options);
+
+ if (!mg_check_feature(2)) {
+ fprintf(stderr,
+ "Error: Embedded example built with SSL support, "
+ "but civetweb library build without.\n");
+ return 0;
+ }
+
+
+ //mg_init_library(MG_FEATURES_SSL);
+
+ CivetServer *server = new CivetServer(cpp_options,
(CivetCallbacks*)callbacks);
server->addHandler(rooturi, handler);
diff --git a/libminifi/test/resources/C2VerifyHeartbeatAndStopSecure.yml
b/libminifi/test/resources/C2VerifyHeartbeatAndStopSecure.yml
new file mode 100644
index 0000000..b965c6a
--- /dev/null
+++ b/libminifi/test/resources/C2VerifyHeartbeatAndStopSecure.yml
@@ -0,0 +1,73 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+Flow Controller:
+ name: MiNiFi Flow
+ id: 2438e3c8-015a-1000-79ca-83af40ec1990
+Processors:
+ - name: invoke
+ id: 2438e3c8-015a-1000-79ca-83af40ec1991
+ class: org.apache.nifi.processors.standard.InvokeHTTP
+ max concurrent tasks: 1
+ scheduling strategy: TIMER_DRIVEN
+ scheduling period: 1 sec
+ penalization period: 30 sec
+ yield period: 1 sec
+ run duration nanos: 0
+ auto-terminated relationships list:
+ Properties:
+ HTTP Method: GET
+ Remote URL: https://localhost:11015/geturl
+ - name: LogAttribute
+ id: 2438e3c8-015a-1000-79ca-83af40ec1992
+ class: org.apache.nifi.processors.standard.LogAttribute
+ max concurrent tasks: 1
+ scheduling strategy: TIMER_DRIVEN
+ scheduling period: 1 sec
+ penalization period: 30 sec
+ yield period: 1 sec
+ run duration nanos: 0
+ auto-terminated relationships list: response
+ Properties:
+ Log Level: info
+ Log Payload: true
+
+Connections:
+ - name: TransferFilesToRPG
+ id: 2438e3c8-015a-1000-79ca-83af40ec1997
+ source name: invoke
+ source id: 2438e3c8-015a-1000-79ca-83af40ec1991
+ source relationship name: success
+ destination name: LogAttribute
+ destination id: 2438e3c8-015a-1000-79ca-83af40ec1992
+ max work queue size: 0
+ max work queue data size: 1 MB
+ flowfile expiration: 60 sec
+ - name: TransferFilesToRPG2
+ id: 2438e3c8-015a-1000-79ca-83af40ec1917
+ source name: LogAttribute
+ source id: 2438e3c8-015a-1000-79ca-83af40ec1992
+ destination name: LogAttribute
+ destination id: 2438e3c8-015a-1000-79ca-83af40ec1992
+ source relationship name: success
+ max work queue size: 0
+ max work queue data size: 1 MB
+ flowfile expiration: 60 sec
+
+Remote Processing Groups:
+
diff --git a/libminifi/test/resources/C2VerifyServeResultsSecure.yml
b/libminifi/test/resources/C2VerifyServeResultsSecure.yml
new file mode 100644
index 0000000..735e3a2
--- /dev/null
+++ b/libminifi/test/resources/C2VerifyServeResultsSecure.yml
@@ -0,0 +1,73 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+Flow Controller:
+ name: MiNiFi Flow
+ id: 2438e3c8-015a-1000-79ca-83af40ec1990
+Processors:
+ - name: invoke
+ id: 2438e3c8-015a-1000-79ca-83af40ec1991
+ class: org.apache.nifi.processors.standard.InvokeHTTP
+ max concurrent tasks: 1
+ scheduling strategy: TIMER_DRIVEN
+ scheduling period: 1 sec
+ penalization period: 30 sec
+ yield period: 1 sec
+ run duration nanos: 0
+ auto-terminated relationships list:
+ Properties:
+ HTTP Method: GET
+ Remote URL: https://localhost:11013/geturl
+ - name: LogAttribute
+ id: 2438e3c8-015a-1000-79ca-83af40ec1992
+ class: org.apache.nifi.processors.standard.LogAttribute
+ max concurrent tasks: 1
+ scheduling strategy: TIMER_DRIVEN
+ scheduling period: 1 sec
+ penalization period: 30 sec
+ yield period: 1 sec
+ run duration nanos: 0
+ auto-terminated relationships list: response
+ Properties:
+ Log Level: info
+ Log Payload: true
+
+Connections:
+ - name: TransferFilesToRPG
+ id: 2438e3c8-015a-1000-79ca-83af40ec1997
+ source name: invoke
+ source id: 2438e3c8-015a-1000-79ca-83af40ec1991
+ source relationship name: success
+ destination name: LogAttribute
+ destination id: 2438e3c8-015a-1000-79ca-83af40ec1992
+ max work queue size: 0
+ max work queue data size: 1 MB
+ flowfile expiration: 60 sec
+ - name: TransferFilesToRPG2
+ id: 2438e3c8-015a-1000-79ca-83af40ec1917
+ source name: LogAttribute
+ source id: 2438e3c8-015a-1000-79ca-83af40ec1992
+ destination name: LogAttribute
+ destination id: 2438e3c8-015a-1000-79ca-83af40ec1992
+ source relationship name: success
+ max work queue size: 0
+ max work queue data size: 1 MB
+ flowfile expiration: 60 sec
+
+Remote Processing Groups:
+
