http://git-wip-us.apache.org/repos/asf/mesos-site/blob/ac68e329/content/api/latest/c++/libprocess_2include_2process_2ssl_2gtest_8hpp_source.html ---------------------------------------------------------------------- diff --git a/content/api/latest/c++/libprocess_2include_2process_2ssl_2gtest_8hpp_source.html b/content/api/latest/c++/libprocess_2include_2process_2ssl_2gtest_8hpp_source.html index 5e88d1e..f35e7ba 100644 --- a/content/api/latest/c++/libprocess_2include_2process_2ssl_2gtest_8hpp_source.html +++ b/content/api/latest/c++/libprocess_2include_2process_2ssl_2gtest_8hpp_source.html @@ -52,9 +52,8 @@ <div class="title">gtest.hpp</div> </div> </div><!--header--> <div class="contents"> -<a href="libprocess_2include_2process_2ssl_2gtest_8hpp.html">Go to the documentation of this file.</a><div class="fragment"><div class="line"><a name="l00001"></a><span class="lineno"> 1</span> <span class="comment">// Licensed to the Apache Software Foundation (ASF) under one</span></div><div class="line"><a name="l00002"></a><span class="lineno"> 2</span> <span class="comment">// or more contributor license agreements. See the NOTICE file</span></div><div class="line"><a name="l00003"></a><span class="lineno"> 3</span> <span class="comment">// distributed with this work for additional information</span></div><div class="line"><a name="l00004"></a><span class="lineno"> 4</span> <span class="comment">// regarding copyright ownership. The ASF licenses this file</span></div><div class="line"><a name="l00005"></a><span class="lineno"> 5</span> <span class="comment">// to you under the Apache License, Version 2.0 (the</span></div><div class="lin e"><a name="l00006"></a><span class="lineno"> 6</span> <span class="comment">// "License"); you may not use this file except in compliance</span></div><div class="line"><a name="l00007"></a><span class="lineno"> 7</span> <span class="comment">// with the License. You may obtain a copy of the License at</span></div><div class="line"><a name="l00008"></a><span class="lineno"> 8</span> <span class="comment">//</span></div><div class="line"><a name="l00009"></a><span class="lineno"> 9</span> <span class="comment">// http://www.apache.org/licenses/LICENSE-2.0</span></div><div class="line"><a name="l00010"></a><span class="lineno"> 10</span> <span class="comment">//</span></div><div class="line"><a name="l00011"></a><span class="lineno"> 11</span> <span class="comment">// Unless required by applicable law or agreed to in writing, software</span></div><div class="line"><a name="l00012"></a><span class="lineno"> 12</span> < span class="comment">// distributed under the License is distributed on an "AS IS" BASIS,</span></div><div class="line"><a name="l00013"></a><span class="lineno"> 13</span> <span class="comment">// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</span></div><div class="line"><a name="l00014"></a><span class="lineno"> 14</span> <span class="comment">// See the License for the specific language governing permissions and</span></div><div class="line"><a name="l00015"></a><span class="lineno"> 15</span> <span class="comment">// limitations under the License.</span></div><div class="line"><a name="l00016"></a><span class="lineno"> 16</span> </div><div class="line"><a name="l00017"></a><span class="lineno"> 17</span> <span class="preprocessor">#ifndef __PROCESS_SSL_TEST_HPP__</span></div><div class="line"><a name="l00018"></a><span class="lineno"> 18</span> <span class="preprocessor">#define __PROCESS_SSL_TEST_HP P__</span></div><div class="line"><a name="l00019"></a><span class="lineno"> 19</span> </div><div class="line"><a name="l00020"></a><span class="lineno"> 20</span> <span class="preprocessor">#ifdef USE_SSL_SOCKET</span></div><div class="line"><a name="l00021"></a><span class="lineno"> 21</span> <span class="preprocessor">#include <string></span></div><div class="line"><a name="l00022"></a><span class="lineno"> 22</span> </div><div class="line"><a name="l00023"></a><span class="lineno"> 23</span> <span class="preprocessor">#include <openssl/rsa.h></span></div><div class="line"><a name="l00024"></a><span class="lineno"> 24</span> <span class="preprocessor">#include <openssl/bio.h></span></div><div class="line"><a name="l00025"></a><span class="lineno"> 25</span> <span class="preprocessor">#include <openssl/x509.h></span></div><div class="line"><a name="l00026"></a><span class="lineno"> 26</span> <span clas s="preprocessor">#include <openssl/x509v3.h></span></div><div class="line"><a name="l00027"></a><span class="lineno"> 27</span> </div><div class="line"><a name="l00028"></a><span class="lineno"> 28</span> <span class="preprocessor">#include <<a class="code" href="3rdparty_2libprocess_2include_2process_2io_8hpp.html">process/io.hpp</a>></span></div><div class="line"><a name="l00029"></a><span class="lineno"> 29</span> <span class="preprocessor">#include <<a class="code" href="libprocess_2include_2process_2process_8hpp.html">process/process.hpp</a>></span></div><div class="line"><a name="l00030"></a><span class="lineno"> 30</span> <span class="preprocessor">#include <<a class="code" href="libprocess_2include_2process_2socket_8hpp.html">process/socket.hpp</a>></span></div><div class="line"><a name="l00031"></a><span class="lineno"> 31</span> <span class="preprocessor">#include <<a class="code" href="subprocess_8hpp.html">pro cess/subprocess.hpp</a>></span></div><div class="line"><a name="l00032"></a><span class="lineno"> 32</span> </div><div class="line"><a name="l00033"></a><span class="lineno"> 33</span> <span class="preprocessor">#include <<a class="code" href="utilities_8hpp.html">process/ssl/utilities.hpp</a>></span></div><div class="line"><a name="l00034"></a><span class="lineno"> 34</span> </div><div class="line"><a name="l00035"></a><span class="lineno"> 35</span> <span class="preprocessor">#include <<a class="code" href="none_8hpp.html">stout/none.hpp</a>></span></div><div class="line"><a name="l00036"></a><span class="lineno"> 36</span> <span class="preprocessor">#include <<a class="code" href="option_8hpp.html">stout/option.hpp</a>></span></div><div class="line"><a name="l00037"></a><span class="lineno"> 37</span> <span class="preprocessor">#include <<a class="code" href="try_8hpp.html">stout/try.hpp</a>></span></div><div cl ass="line"><a name="l00038"></a><span class="lineno"> 38</span> <span class="preprocessor">#include <<a class="code" href="result_8hpp.html">stout/result.hpp</a>></span></div><div class="line"><a name="l00039"></a><span class="lineno"> 39</span> </div><div class="line"><a name="l00040"></a><span class="lineno"> 40</span> <span class="preprocessor">#include <<a class="code" href="realpath_8hpp.html">stout/os/realpath.hpp</a>></span></div><div class="line"><a name="l00041"></a><span class="lineno"> 41</span> <span class="preprocessor">#endif // USE_SSL_SOCKET</span></div><div class="line"><a name="l00042"></a><span class="lineno"> 42</span> </div><div class="line"><a name="l00043"></a><span class="lineno"> 43</span> <span class="preprocessor">#include <<a class="code" href="3rdparty_2stout_2include_2stout_2tests_2utils_8hpp.html">stout/tests/utils.hpp</a>></span></div><div class="line"><a name="l00044"></a><span class="lineno "> 44</span> </div><div class="line"><a name="l00045"></a><span class="lineno"> 45</span> <span class="preprocessor">#ifdef USE_SSL_SOCKET</span></div><div class="line"><a name="l00046"></a><span class="lineno"> 46</span> <span class="keyword">namespace </span><a class="code" href="namespaceprocess.html">process</a> {</div><div class="line"><a name="l00047"></a><span class="lineno"> 47</span> <span class="keyword">namespace </span>network {</div><div class="line"><a name="l00048"></a><span class="lineno"> 48</span> <span class="keyword">namespace </span>openssl {</div><div class="line"><a name="l00049"></a><span class="lineno"> 49</span> </div><div class="line"><a name="l00050"></a><span class="lineno"> 50</span> <span class="comment">// Forward declare the `reinitialize()` function since we want to</span></div><div class="line"><a name="l00051"></a><span class="lineno"> 51</span> <span class="comment">// programatically change SSL flags during tests.</span></div><div class="line"><a name="l00052"></a><span class="lineno"> 52</span> <span class="keywordtype">void</span> reinitialize();</div><div class="line"><a name="l00053"></a><span class="lineno"> 53</span> </div><div class="line"><a name="l00054"></a><span class="lineno"> 54</span> } <span class="comment">// namespace openssl {</span></div><div class="line"><a name="l00055"></a><span class="lineno"> 55</span> } <span class="comment">// namespace network {</span></div><div class="line"><a name="l00056"></a><span class="lineno"> 56</span> } <span class="comment">// namespace process {</span></div><div class="line"><a name="l00057"></a><span class="lineno"> 57</span> <span class="preprocessor">#endif // USE_SSL_SOCKET</span></div><div class="line"><a name="l00058"></a><span class="lineno"> 58</span> </div><div class="line"><a name="l00059"></a><span class="lineno"> 59</span> <span class="comment">// When SSL is not compiled in, we want the `SSLTemporaryDirectoryTest` class</span></div><div class="line"><a name="l00060"></a><span class="lineno"> 60</span> <span class="comment">// to exist, so that other tests can inherit it; this class is equivalent</span></div><div class="line"><a name="l00061"></a><span class="lineno"> 61</span> <span class="comment">// to the `TemporaryDirectoryTest` under that condition.</span></div><div class="line"><a name="l00062"></a><span class="lineno"> 62</span> <span class="preprocessor">#ifndef USE_SSL_SOCKET</span></div><div class="line"><a name="l00063"></a><span class="lineno"><a class="line" href="classSSLTemporaryDirectoryTest.html"> 63</a></span> <span class="keyword">class </span><a class="code" href="classSSLTemporaryDirectoryTest.html">SSLTemporaryDirectoryTest</a> : <span class="keyword">public</span> <a class="code" href="classTemporaryDirectoryTest.html">TemporaryDirectoryTest</a> {};</div><div class="line">< a name="l00064"></a><span class="lineno"> 64</span> <span class="preprocessor">#else</span></div><div class="line"><a name="l00065"></a><span class="lineno"> 65</span> </div><div class="line"><a name="l00069"></a><span class="lineno"> 69</span> <span class="keyword">class </span><a class="code" href="classSSLTemporaryDirectoryTest.html">SSLTemporaryDirectoryTest</a> : <span class="keyword">public</span> <a class="code" href="classTemporaryDirectoryTest.html">TemporaryDirectoryTest</a></div><div class="line"><a name="l00070"></a><span class="lineno"> 70</span> {</div><div class="line"><a name="l00071"></a><span class="lineno"> 71</span> <span class="keyword">public</span>:</div><div class="line"><a name="l00072"></a><span class="lineno"> 72</span>  <span class="keyword">static</span> <span class="keywordtype">void</span> TearDownTestCase()</div><div class="line"><a name="l00073"></a><span class="lineno"> 73</span>  {</div><div class= "line"><a name="l00074"></a><span class="lineno"> 74</span>  <span class="comment">// Clear and reset any environment variables.</span></div><div class="line"><a name="l00075"></a><span class="lineno"> 75</span>  set_environment_variables({});</div><div class="line"><a name="l00076"></a><span class="lineno"> 76</span>  }</div><div class="line"><a name="l00077"></a><span class="lineno"> 77</span> </div><div class="line"><a name="l00078"></a><span class="lineno"> 78</span> <span class="keyword">protected</span>:</div><div class="line"><a name="l00082"></a><span class="lineno"> 82</span>  <a class="code" href="classPath.html">Path</a> key_path()</div><div class="line"><a name="l00083"></a><span class="lineno"> 83</span>  {</div><div class="line"><a name="l00084"></a><span class="lineno"> 84</span>  <span class="keywordflow">return</span> <a class="code" href="classPath.html">Path</a>(<a class="code" href="namespacepath .html#aa86b16a2171cec90bb3337930513ef0f">path::join</a>(<a class="code" href="namespaceos.html#a84a3290f051cdd50d88e0fd611645d4a">os::getcwd</a>(), <span class="stringliteral">"key.pem"</span>));</div><div class="line"><a name="l00085"></a><span class="lineno"> 85</span>  }</div><div class="line"><a name="l00086"></a><span class="lineno"> 86</span> </div><div class="line"><a name="l00090"></a><span class="lineno"> 90</span>  <a class="code" href="classPath.html">Path</a> certificate_path()</div><div class="line"><a name="l00091"></a><span class="lineno"> 91</span>  {</div><div class="line"><a name="l00092"></a><span class="lineno"> 92</span>  <span class="keywordflow">return</span> <a class="code" href="classPath.html">Path</a>(<a class="code" href="namespacepath.html#aa86b16a2171cec90bb3337930513ef0f">path::join</a>(<a class="code" href="namespaceos.html#a84a3290f051cdd50d88e0fd611645d4a">os::getcwd</a>(), <span class="stringlitera l">"cert.pem"</span>));</div><div class="line"><a name="l00093"></a><span class="lineno"> 93</span>  }</div><div class="line"><a name="l00094"></a><span class="lineno"> 94</span> </div><div class="line"><a name="l00098"></a><span class="lineno"> 98</span>  <a class="code" href="classPath.html">Path</a> scrap_key_path()</div><div class="line"><a name="l00099"></a><span class="lineno"> 99</span>  {</div><div class="line"><a name="l00100"></a><span class="lineno"> 100</span>  <span class="keywordflow">return</span> <a class="code" href="classPath.html">Path</a>(<a class="code" href="namespacepath.html#aa86b16a2171cec90bb3337930513ef0f">path::join</a>(<a class="code" href="namespaceos.html#a84a3290f051cdd50d88e0fd611645d4a">os::getcwd</a>(), <span class="stringliteral">"scrap_key.pem"</span>));</div><div class="line"><a name="l00101"></a><span class="lineno"> 101</span>  }</div><div class="line"><a name="l00102"></a><spa n class="lineno"> 102</span> </div><div class="line"><a name="l00106"></a><span class="lineno"> 106</span>  <a class="code" href="classPath.html">Path</a> scrap_certificate_path()</div><div class="line"><a name="l00107"></a><span class="lineno"> 107</span>  {</div><div class="line"><a name="l00108"></a><span class="lineno"> 108</span>  <span class="keywordflow">return</span> <a class="code" href="classPath.html">Path</a>(<a class="code" href="namespacepath.html#aa86b16a2171cec90bb3337930513ef0f">path::join</a>(<a class="code" href="namespaceos.html#a84a3290f051cdd50d88e0fd611645d4a">os::getcwd</a>(), <span class="stringliteral">"scrap_cert.pem"</span>));</div><div class="line"><a name="l00109"></a><span class="lineno"> 109</span>  }</div><div class="line"><a name="l00110"></a><span class="lineno"> 110</span> </div><div class="line"><a name="l00115"></a><span class="lineno"> 115</span>  <span class="keyword">static</span> <sp an class="keywordtype">void</span> set_environment_variables(</div><div class="line"><a name="l00116"></a><span class="lineno"> 116</span>  <span class="keyword">const</span> std::map<std::string, std::string>& <a class="code" href="namespacemesos_1_1internal_1_1tests.html#a1396c5e3b0a179220de2792d74770ec2">environment</a>)</div><div class="line"><a name="l00117"></a><span class="lineno"> 117</span>  {</div><div class="line"><a name="l00118"></a><span class="lineno"> 118</span>  <span class="comment">// This unsets all the SSL environment variables. Necessary for</span></div><div class="line"><a name="l00119"></a><span class="lineno"> 119</span>  <span class="comment">// ensuring a clean starting slate between tests.</span></div><div class="line"><a name="l00120"></a><span class="lineno"> 120</span>  <a class="code" href="namespaceos.html#a7471e14f4cbd7e23b5daa21e556f4eb5">os::unsetenv</a>(<span class="stringliteral">"LIBPR OCESS_SSL_ENABLED"</span>);</div><div class="line"><a name="l00121"></a><span class="lineno"> 121</span>  <a class="code" href="namespaceos.html#a7471e14f4cbd7e23b5daa21e556f4eb5">os::unsetenv</a>(<span class="stringliteral">"LIBPROCESS_SSL_SUPPORT_DOWNGRADE"</span>);</div><div class="line"><a name="l00122"></a><span class="lineno"> 122</span>  <a class="code" href="namespaceos.html#a7471e14f4cbd7e23b5daa21e556f4eb5">os::unsetenv</a>(<span class="stringliteral">"LIBPROCESS_SSL_CERT_FILE"</span>);</div><div class="line"><a name="l00123"></a><span class="lineno"> 123</span>  <a class="code" href="namespaceos.html#a7471e14f4cbd7e23b5daa21e556f4eb5">os::unsetenv</a>(<span class="stringliteral">"LIBPROCESS_SSL_KEY_FILE"</span>);</div><div class="line"><a name="l00124"></a><span class="lineno"> 124</span>  <a class="code" href="namespaceos.html#a7471e14f4cbd7e23b5daa21e556f4eb5">os::unsetenv</a>(<span class="stringlite ral">"LIBPROCESS_SSL_VERIFY_CERT"</span>);</div><div class="line"><a name="l00125"></a><span class="lineno"> 125</span>  <a class="code" href="namespaceos.html#a7471e14f4cbd7e23b5daa21e556f4eb5">os::unsetenv</a>(<span class="stringliteral">"LIBPROCESS_SSL_REQUIRE_CERT"</span>);</div><div class="line"><a name="l00126"></a><span class="lineno"> 126</span>  <a class="code" href="namespaceos.html#a7471e14f4cbd7e23b5daa21e556f4eb5">os::unsetenv</a>(<span class="stringliteral">"LIBPROCESS_SSL_VERIFY_DEPTH"</span>);</div><div class="line"><a name="l00127"></a><span class="lineno"> 127</span>  <a class="code" href="namespaceos.html#a7471e14f4cbd7e23b5daa21e556f4eb5">os::unsetenv</a>(<span class="stringliteral">"LIBPROCESS_SSL_CA_DIR"</span>);</div><div class="line"><a name="l00128"></a><span class="lineno"> 128</span>  <a class="code" href="namespaceos.html#a7471e14f4cbd7e23b5daa21e556f4eb5">os::unsetenv</a>(<span c lass="stringliteral">"LIBPROCESS_SSL_CA_FILE"</span>);</div><div class="line"><a name="l00129"></a><span class="lineno"> 129</span>  <a class="code" href="namespaceos.html#a7471e14f4cbd7e23b5daa21e556f4eb5">os::unsetenv</a>(<span class="stringliteral">"LIBPROCESS_SSL_CIPHERS"</span>);</div><div class="line"><a name="l00130"></a><span class="lineno"> 130</span>  <a class="code" href="namespaceos.html#a7471e14f4cbd7e23b5daa21e556f4eb5">os::unsetenv</a>(<span class="stringliteral">"LIBPROCESS_SSL_ENABLE_SSL_V3"</span>);</div><div class="line"><a name="l00131"></a><span class="lineno"> 131</span>  <a class="code" href="namespaceos.html#a7471e14f4cbd7e23b5daa21e556f4eb5">os::unsetenv</a>(<span class="stringliteral">"LIBPROCESS_SSL_ENABLE_TLS_V1_0"</span>);</div><div class="line"><a name="l00132"></a><span class="lineno"> 132</span>  <a class="code" href="namespaceos.html#a7471e14f4cbd7e23b5daa21e556f4eb5">os::uns etenv</a>(<span class="stringliteral">"LIBPROCESS_SSL_ENABLE_TLS_V1_1"</span>);</div><div class="line"><a name="l00133"></a><span class="lineno"> 133</span>  <a class="code" href="namespaceos.html#a7471e14f4cbd7e23b5daa21e556f4eb5">os::unsetenv</a>(<span class="stringliteral">"LIBPROCESS_SSL_ENABLE_TLS_V1_2"</span>);</div><div class="line"><a name="l00134"></a><span class="lineno"> 134</span> </div><div class="line"><a name="l00135"></a><span class="lineno"> 135</span>  <span class="comment">// Copy the given map into the clean slate.</span></div><div class="line"><a name="l00136"></a><span class="lineno"> 136</span>  <a class="code" href="foreach_8hpp.html#a66900b166526abe66464d6597536b111">foreachpair</a> (</div><div class="line"><a name="l00137"></a><span class="lineno"> 137</span>  <span class="keyword">const</span> std::string& <a class="code" href="namespaceos_1_1Shell.html#acfe16ef2b1146ad49a8651c0a457ce46" >name</a>, <span class="keyword">const</span> std::string& value, >environment) {</div><div class="line"><a name="l00138"></a><span >class="lineno"> 138</span>  <a class="code" >href="namespaceos.html#ac0f608e2a32764327e38c53d0d51527d">os::setenv</a>(name, > value);</div><div class="line"><a name="l00139"></a><span class="lineno"> >139</span>  }</div><div class="line"><a name="l00140"></a><span >class="lineno"> 140</span> </div><div class="line"><a >name="l00141"></a><span class="lineno"> 141</span>  <span >class="comment">// Make sure the library internally reflects the new >environment variables.</span></div><div class="line"><a >name="l00142"></a><span class="lineno"> 142</span>  >process::network::openssl::reinitialize();</div><div class="line"><a >name="l00143"></a><span class="lineno"> 143</span>  }</div><div >class="line"><a name="l00144"></a><span class="lineno"> >144</span> </div><div class="line"><a name="l00152"></a><span clas s="lineno"> 152</span>  <span class="keywordtype">void</span> generate_keys_and_certs() {</div><div class="line"><a name="l00153"></a><span class="lineno"> 153</span>  <span class="comment">// We store the allocated objects in these results so that we can</span></div><div class="line"><a name="l00154"></a><span class="lineno"> 154</span>  <span class="comment">// have a consolidated 'cleanup()' function. This makes all the</span></div><div class="line"><a name="l00155"></a><span class="lineno"> 155</span>  <span class="comment">// 'EXIT()' calls more readable and less error prone.</span></div><div class="line"><a name="l00156"></a><span class="lineno"> 156</span>  <a class="code" href="classResult.html">Result<EVP_PKEY*></a> private_key = <a class="code" href="structNone.html">None</a>();</div><div class="line"><a name="l00157"></a><span class="lineno"> 157</span>  <a class="code" href="classResult.html">Resul t<X509*></a> certificate = <a class="code" href="structNone.html">None</a>();</div><div class="line"><a name="l00158"></a><span class="lineno"> 158</span>  <a class="code" href="classResult.html">Result<EVP_PKEY*></a> scrap_key = <a class="code" href="structNone.html">None</a>();</div><div class="line"><a name="l00159"></a><span class="lineno"> 159</span>  <a class="code" href="classResult.html">Result<X509*></a> scrap_certificate = <a class="code" href="structNone.html">None</a>();</div><div class="line"><a name="l00160"></a><span class="lineno"> 160</span> </div><div class="line"><a name="l00161"></a><span class="lineno"> 161</span>  <span class="keyword">auto</span> <a class="code" href="namespacecgroups.html#a12d210f286e5fcf7993c0c90b9459606">cleanup</a> = [&private_key, &certificate, &scrap_key, &scrap_certificate](</div><div class="line"><a name="l00162"></a><span class="lineno"> 162</span>  <span class="keyword">const</span> <a class="code" href="classOption.html">Option<std::string></a> abort_message = <a class="code" href="structNone.html">None</a>()) {</div><div class="line"><a name="l00163"></a><span class="lineno"> 163</span>  <span class="keywordflow">if</span> (private_key.<a class="code" href="classResult.html#a85eaa52037223d71092e65701c166562">isSome</a>()) { EVP_PKEY_free(private_key.<a class="code" href="classResult.html#aedf79f3b14dcda5791b84a64ada4d412">get</a>()); }</div><div class="line"><a name="l00164"></a><span class="lineno"> 164</span>  <span class="keywordflow">if</span> (certificate.isSome()) { X509_free(certificate.get()); }</div><div class="line"><a name="l00165"></a><span class="lineno"> 165</span>  <span class="keywordflow">if</span> (scrap_key.isSome()) { EVP_PKEY_free(scrap_key.get()); }</div><div class="line"><a name="l00166"></a><span class="lineno"> 166</span>  <span class="keywordflow">if</span > (scrap_certificate.<a class="code" > href="classResult.html#a85eaa52037223d71092e65701c166562">isSome</a>()) { > X509_free(scrap_certificate.<a class="code" > href="classResult.html#aedf79f3b14dcda5791b84a64ada4d412">get</a>()); > }</div><div class="line"><a name="l00167"></a><span class="lineno"> > 167</span> </div><div class="line"><a name="l00168"></a><span > class="lineno"> 168</span>  <span class="comment">// We abort > here because failure during setup indicates that something</span></div><div > class="line"><a name="l00169"></a><span class="lineno"> 169</span>  > <span class="comment">// is horribly and irrecoverably > wrong.</span></div><div class="line"><a name="l00170"></a><span > class="lineno"> 170</span>  <span class="keywordflow">if</span> > (abort_message.isSome()) {</div><div class="line"><a name="l00171"></a><span > class="lineno"> 171</span>  <a class="code" > href="abort_8hpp.html#a4d84a74fe6e4f84bc3d2f901b9e89f93">ABORT</a>(abort_message .get());</div><div class="line"><a name="l00172"></a><span class="lineno"> 172</span>  }</div><div class="line"><a name="l00173"></a><span class="lineno"> 173</span>  };</div><div class="line"><a name="l00174"></a><span class="lineno"> 174</span> </div><div class="line"><a name="l00175"></a><span class="lineno"> 175</span>  <span class="comment">// Generate the authority key.</span></div><div class="line"><a name="l00176"></a><span class="lineno"> 176</span>  private_key = process::network::openssl::generate_private_rsa_key();</div><div class="line"><a name="l00177"></a><span class="lineno"> 177</span>  <span class="keywordflow">if</span> (private_key.<a class="code" href="classResult.html#aeca16ad17d299ad885c9b46c83b12a3d">isError</a>()) {</div><div class="line"><a name="l00178"></a><span class="lineno"> 178</span>  <a class="code" href="namespacecgroups.html#a12d210f286e5fcf7993c0c90b9459606">cleanup</a>(<span class=" stringliteral">"Could not generate private key: "</span> + private_key.<a class="code" href="classResult.html#a521adf96f5c27d26d6b1d580aae8aaee">error</a>());</div><div class="line"><a name="l00179"></a><span class="lineno"> 179</span>  }</div><div class="line"><a name="l00180"></a><span class="lineno"> 180</span> </div><div class="line"><a name="l00181"></a><span class="lineno"> 181</span>  <span class="comment">// Figure out the hostname that libprocess is advertising.</span></div><div class="line"><a name="l00182"></a><span class="lineno"> 182</span>  <span class="comment">// Set the hostname of the certificate to this hostname so that</span></div><div class="line"><a name="l00183"></a><span class="lineno"> 183</span>  <span class="comment">// hostname verification of the certificate will pass.</span></div><div class="line"><a name="l00184"></a><span class="lineno"> 184</span>  <a class="code" href="classTry.html">Try&l t;std::string></a> <a class="code" href="namespacenet.html#a28018530986e91a179ea6239fdf0a447">hostname</a> = <a class="code" href="namespacenet.html#a9228d72b9850d1b39d54b5784068fa1f">net::getHostname</a>(<a class="code" href="namespaceprocess.html#afdecc57ab065ab5d354e728d0ef0ff34">process::address</a>().ip);</div><div class="line"><a name="l00185"></a><span class="lineno"> 185</span>  <span class="keywordflow">if</span> (hostname.isError()) {</div><div class="line"><a name="l00186"></a><span class="lineno"> 186</span>  <a class="code" href="namespacecgroups.html#a12d210f286e5fcf7993c0c90b9459606">cleanup</a>(<span class="stringliteral">"Could not determine hostname of libprocess: "</span> +</div><div class="line"><a name="l00187"></a><span class="lineno"> 187</span>  hostname.error());</div><div class="line"><a name="l00188"></a><span class="lineno"> 188</span>  }</div><div class="line"><a name="l00189"></a><span class=" lineno"> 189</span> </div><div class="line"><a name="l00190"></a><span class="lineno"> 190</span>  <span class="comment">// Generate an authorized certificate.</span></div><div class="line"><a name="l00191"></a><span class="lineno"> 191</span>  certificate = process::network::openssl::generate_x509(</div><div class="line"><a name="l00192"></a><span class="lineno"> 192</span>  private_key.<a class="code" href="classResult.html#aedf79f3b14dcda5791b84a64ada4d412">get</a>(),</div><div class="line"><a name="l00193"></a><span class="lineno"> 193</span>  private_key.<a class="code" href="classResult.html#aedf79f3b14dcda5791b84a64ada4d412">get</a>(),</div><div class="line"><a name="l00194"></a><span class="lineno"> 194</span>  <a class="code" href="structNone.html">None</a>(),</div><div class="line"><a name="l00195"></a><span class="lineno"> 195</span>  1,</div><div class="line"><a name="l00196"></a><span class="lin eno"> 196</span>  365,</div><div class="line"><a name="l00197"></a><span class="lineno"> 197</span>  hostname.get(),</div><div class="line"><a name="l00198"></a><span class="lineno"> 198</span>  <a class="code" href="classnet_1_1IP.html">net::IP</a>(<a class="code" href="namespaceprocess.html#afdecc57ab065ab5d354e728d0ef0ff34">process::address</a>().ip));</div><div class="line"><a name="l00199"></a><span class="lineno"> 199</span> </div><div class="line"><a name="l00200"></a><span class="lineno"> 200</span>  <span class="keywordflow">if</span> (certificate.isError()) {</div><div class="line"><a name="l00201"></a><span class="lineno"> 201</span>  <a class="code" href="namespacecgroups.html#a12d210f286e5fcf7993c0c90b9459606">cleanup</a>(<span class="stringliteral">"Could not generate certificate: "</span> + certificate.error());</div><div class="line"><a name="l00202"></a><span class="lineno"> 202</span>  }</div><div class="line"><a name="l00203"></a><span class="lineno"> 203</span> </div><div class="line"><a name="l00204"></a><span class="lineno"> 204</span>  <span class="comment">// Write the authority key to disk.</span></div><div class="line"><a name="l00205"></a><span class="lineno"> 205</span>  <a class="code" href="classTry.html">Try<Nothing></a> key_write =</div><div class="line"><a name="l00206"></a><span class="lineno"> 206</span>  process::network::openssl::write_key_file(private_key.<a class="code" href="classResult.html#aedf79f3b14dcda5791b84a64ada4d412">get</a>(), key_path());</div><div class="line"><a name="l00207"></a><span class="lineno"> 207</span> </div><div class="line"><a name="l00208"></a><span class="lineno"> 208</span>  <span class="keywordflow">if</span> (key_write.isError()) {</div><div class="line"><a name="l00209"></a><span class="lineno"> 209</span>  <a class="code" href="namespacecgro ups.html#a12d210f286e5fcf7993c0c90b9459606">cleanup</a>(<span class="stringliteral">"Could not write private key to disk: "</span> + key_write.error());</div><div class="line"><a name="l00210"></a><span class="lineno"> 210</span>  }</div><div class="line"><a name="l00211"></a><span class="lineno"> 211</span> </div><div class="line"><a name="l00212"></a><span class="lineno"> 212</span>  <span class="comment">// Write the authorized certificate to disk.</span></div><div class="line"><a name="l00213"></a><span class="lineno"> 213</span>  <a class="code" href="classTry.html">Try<Nothing></a> certificate_write =</div><div class="line"><a name="l00214"></a><span class="lineno"> 214</span>  process::network::openssl::write_certificate_file(</div><div class="line"><a name="l00215"></a><span class="lineno"> 215</span>  certificate.get(),</div><div class="line"><a name="l00216"></a><span class="lineno"> 216</span> 0; certificate_path());</div><div class="line"><a name="l00217"></a><span class="lineno"> 217</span> </div><div class="line"><a name="l00218"></a><span class="lineno"> 218</span>  <span class="keywordflow">if</span> (certificate_write.isError()) {</div><div class="line"><a name="l00219"></a><span class="lineno"> 219</span>  <a class="code" href="namespacecgroups.html#a12d210f286e5fcf7993c0c90b9459606">cleanup</a>(<span class="stringliteral">"Could not write certificate to disk: "</span> +</div><div class="line"><a name="l00220"></a><span class="lineno"> 220</span>  certificate_write.error());</div><div class="line"><a name="l00221"></a><span class="lineno"> 221</span>  }</div><div class="line"><a name="l00222"></a><span class="lineno"> 222</span> </div><div class="line"><a name="l00223"></a><span class="lineno"> 223</span>  <span class="comment">// Generate a scrap key.</span></div><div class="li ne"><a name="l00224"></a><span class="lineno"> 224</span>  scrap_key = process::network::openssl::generate_private_rsa_key();</div><div class="line"><a name="l00225"></a><span class="lineno"> 225</span>  <span class="keywordflow">if</span> (scrap_key.isError()) {</div><div class="line"><a name="l00226"></a><span class="lineno"> 226</span>  <a class="code" href="namespacecgroups.html#a12d210f286e5fcf7993c0c90b9459606">cleanup</a>(<span class="stringliteral">"Could not generate a scrap private key: "</span> + scrap_key.error());</div><div class="line"><a name="l00227"></a><span class="lineno"> 227</span>  }</div><div class="line"><a name="l00228"></a><span class="lineno"> 228</span> </div><div class="line"><a name="l00229"></a><span class="lineno"> 229</span>  <span class="comment">// Write the scrap key to disk.</span></div><div class="line"><a name="l00230"></a><span class="lineno"> 230</span>  key_write = proce ss::network::openssl::write_key_file(</div><div class="line"><a name="l00231"></a><span class="lineno"> 231</span>  scrap_key.get(),</div><div class="line"><a name="l00232"></a><span class="lineno"> 232</span>  scrap_key_path());</div><div class="line"><a name="l00233"></a><span class="lineno"> 233</span> </div><div class="line"><a name="l00234"></a><span class="lineno"> 234</span>  <span class="keywordflow">if</span> (key_write.isError()) {</div><div class="line"><a name="l00235"></a><span class="lineno"> 235</span>  <a class="code" href="namespacecgroups.html#a12d210f286e5fcf7993c0c90b9459606">cleanup</a>(<span class="stringliteral">"Could not write scrap key to disk: "</span> + key_write.error());</div><div class="line"><a name="l00236"></a><span class="lineno"> 236</span>  }</div><div class="line"><a name="l00237"></a><span class="lineno"> 237</span> </div><div class="line"><a name="l00238"></a><span cl ass="lineno"> 238</span>  <span class="comment">// Generate a scrap certificate.</span></div><div class="line"><a name="l00239"></a><span class="lineno"> 239</span>  scrap_certificate = process::network::openssl::generate_x509(</div><div class="line"><a name="l00240"></a><span class="lineno"> 240</span>  scrap_key.get(),</div><div class="line"><a name="l00241"></a><span class="lineno"> 241</span>  scrap_key.get());</div><div class="line"><a name="l00242"></a><span class="lineno"> 242</span> </div><div class="line"><a name="l00243"></a><span class="lineno"> 243</span>  <span class="keywordflow">if</span> (scrap_certificate.isError()) {</div><div class="line"><a name="l00244"></a><span class="lineno"> 244</span>  <a class="code" href="namespacecgroups.html#a12d210f286e5fcf7993c0c90b9459606">cleanup</a>(<span class="stringliteral">"Could not generate a scrap certificate: "</span> +</div><div class="line"><a name="l00245"></a><span class="lineno"> 245</span>  scrap_certificate.error());</div><div class="line"><a name="l00246"></a><span class="lineno"> 246</span>  }</div><div class="line"><a name="l00247"></a><span class="lineno"> 247</span> </div><div class="line"><a name="l00248"></a><span class="lineno"> 248</span>  <span class="comment">// Write the scrap certificate to disk.</span></div><div class="line"><a name="l00249"></a><span class="lineno"> 249</span>  certificate_write = process::network::openssl::write_certificate_file(</div><div class="line"><a name="l00250"></a><span class="lineno"> 250</span>  scrap_certificate.get(),</div><div class="line"><a name="l00251"></a><span class="lineno"> 251</span>  scrap_certificate_path());</div><div class="line"><a name="l00252"></a><span class="lineno"> 252</span> </div><div class="line"><a name="l00253"></a><span class="lineno"> 253</span>  <span class="keywordflow">if</span> (certificate_write.isError()) {</div><div class="line"><a name="l00254"></a><span class="lineno"> 254</span>  <a class="code" href="namespacecgroups.html#a12d210f286e5fcf7993c0c90b9459606">cleanup</a>(<span class="stringliteral">"Could not write scrap certificate to disk: "</span> +</div><div class="line"><a name="l00255"></a><span class="lineno"> 255</span>  certificate_write.error());</div><div class="line"><a name="l00256"></a><span class="lineno"> 256</span>  }</div><div class="line"><a name="l00257"></a><span class="lineno"> 257</span> </div><div class="line"><a name="l00258"></a><span class="lineno"> 258</span>  <span class="comment">// Since we successfully set up all our state, we call cleanup</span></div><div class="line"><a name="l00259"></a><span class="lineno"> 259</span>  <span class="comment">// without an abort message (so as not to abort).</span></div><div class="l ine"><a name="l00260"></a><span class="lineno"> 260</span>  <a class="code" href="namespacecgroups.html#a12d210f286e5fcf7993c0c90b9459606">cleanup</a>();</div><div class="line"><a name="l00261"></a><span class="lineno"> 261</span>  }</div><div class="line"><a name="l00262"></a><span class="lineno"> 262</span> };</div><div class="line"><a name="l00263"></a><span class="lineno"> 263</span> </div><div class="line"><a name="l00264"></a><span class="lineno"> 264</span> </div><div class="line"><a name="l00272"></a><span class="lineno"> 272</span> <span class="keyword">class </span>SSLTest : <span class="keyword">public</span> <a class="code" href="classSSLTemporaryDirectoryTest.html">SSLTemporaryDirectoryTest</a>,</div><div class="line"><a name="l00273"></a><span class="lineno"> 273</span>  <span class="keyword">public</span> ::testing::WithParamInterface<const char*></div><div class="line"><a name="l00274"></a><span class ="lineno"> 274</span> {</div><div class="line"><a name="l00275"></a><span class="lineno"> 275</span> <span class="keyword">protected</span>:</div><div class="line"><a name="l00276"></a><span class="lineno"> 276</span>  SSLTest() : data(<span class="stringliteral">"Hello World!"</span>) {}</div><div class="line"><a name="l00277"></a><span class="lineno"> 277</span> </div><div class="line"><a name="l00278"></a><span class="lineno"> 278</span>  <span class="keyword">virtual</span> <span class="keywordtype">void</span> SetUp()</div><div class="line"><a name="l00279"></a><span class="lineno"> 279</span>  {</div><div class="line"><a name="l00280"></a><span class="lineno"> 280</span>  <a class="code" href="classTemporaryDirectoryTest.html#a8c276b7f4a8ac1d5ca5d575d56fbea12">SSLTemporaryDirectoryTest::SetUp</a>();</div><div class="line"><a name="l00281"></a><span class="lineno"> 281</span>  generate_keys_and_certs();</div><di v class="line"><a name="l00282"></a><span class="lineno"> 282</span>  }</div><div class="line"><a name="l00283"></a><span class="lineno"> 283</span> </div><div class="line"><a name="l00292"></a><span class="lineno"> 292</span>  <a class="code" href="classTry.html">Try<process::network::inet::Socket></a> setup_server(</div><div class="line"><a name="l00293"></a><span class="lineno"> 293</span>  <span class="keyword">const</span> std::map<std::string, std::string>& <a class="code" href="namespacemesos_1_1internal_1_1tests.html#a1396c5e3b0a179220de2792d74770ec2">environment</a>)</div><div class="line"><a name="l00294"></a><span class="lineno"> 294</span>  {</div><div class="line"><a name="l00295"></a><span class="lineno"> 295</span>  set_environment_variables(environment);</div><div class="line"><a name="l00296"></a><span class="lineno"> 296</span> </div><div class="line"><a name="l00297"></a><span class="lineno"> 29 7</span>  <span class="keyword">const</span> <a class="code" href="classTry.html">Try<process::network::inet::Socket></a> <a class="code" href="namespacecgroups.html#a2ecc89636706df947027a4c3c2100fbe">create</a> =</div><div class="line"><a name="l00298"></a><span class="lineno"> 298</span>  <a class="code" href="classprocess_1_1network_1_1internal_1_1Socket.html#a63ec4379f16d4f8dbf39f91b1be74a31">process::network::inet::Socket::create</a>(</div><div class="line"><a name="l00299"></a><span class="lineno"> 299</span>  process::network::internal::SocketImpl::Kind::SSL);</div><div class="line"><a name="l00300"></a><span class="lineno"> 300</span> </div><div class="line"><a name="l00301"></a><span class="lineno"> 301</span>  <span class="keywordflow">if</span> (create.<a class="code" href="classTry.html#a0b98f95163b8a38daafd1651b043a276">isError</a>()) {</div><div class="line"><a name="l00302"></a><span class="lineno"> 302</span> 60; <span class="keywordflow">return</span> <a class="code" href="classError.html">Error</a>(create.<a class="code" href="classTry.html#aec4a11ddd3c036e889d90b7eb6258ba7">error</a>());</div><div class="line"><a name="l00303"></a><span class="lineno"> 303</span>  }</div><div class="line"><a name="l00304"></a><span class="lineno"> 304</span> </div><div class="line"><a name="l00305"></a><span class="lineno"> 305</span>  <a class="code" href="classprocess_1_1network_1_1internal_1_1Socket.html">process::network::inet::Socket</a> server = create.<a class="code" href="classTry.html#a8bc7f43e75a47111ea18e9c83b007be5">get</a>();</div><div class="line"><a name="l00306"></a><span class="lineno"> 306</span> </div><div class="line"><a name="l00307"></a><span class="lineno"> 307</span>  <span class="comment">// We need to explicitly bind to the address advertised by libprocess so the</span></div><div class="line"><a name="l00308"></a><span class="lineno "> 308</span>  <span class="comment">// certificate we create in this test fixture can be verified.</span></div><div class="line"><a name="l00309"></a><span class="lineno"> 309</span>  <a class="code" href="classTry.html">Try<process::network::inet::Address></a> <a class="code" href="namespaceprocess_1_1network.html#ad067110a4b38cc83785a43f49bf6c8e2">bind</a> =</div><div class="line"><a name="l00310"></a><span class="lineno"> 310</span>  server.bind(</div><div class="line"><a name="l00311"></a><span class="lineno"> 311</span>  <a class="code" href="classprocess_1_1network_1_1inet_1_1Address.html">process::network::inet::Address</a>(<a class="code" href="classnet_1_1IP.html">net::IP</a>(<a class="code" href="namespaceprocess.html#afdecc57ab065ab5d354e728d0ef0ff34">process::address</a>().ip), 0));</div><div class="line"><a name="l00312"></a><span class="lineno"> 312</span> </div><div class="line"><a name="l00313"></a><span class= "lineno"> 313</span>  <span class="keywordflow">if</span> (bind.<a class="code" href="classTry.html#a0b98f95163b8a38daafd1651b043a276">isError</a>()) {</div><div class="line"><a name="l00314"></a><span class="lineno"> 314</span>  <span class="keywordflow">return</span> <a class="code" href="classError.html">Error</a>(bind.<a class="code" href="classTry.html#aec4a11ddd3c036e889d90b7eb6258ba7">error</a>());</div><div class="line"><a name="l00315"></a><span class="lineno"> 315</span>  }</div><div class="line"><a name="l00316"></a><span class="lineno"> 316</span> </div><div class="line"><a name="l00317"></a><span class="lineno"> 317</span>  <span class="keyword">const</span> <a class="code" href="classTry.html">Try<Nothing></a> <a class="code" href="namespacecgroups_1_1event.html#a6f0a35d2d8f1381bc000001c94155393">listen</a> = server.listen(<a class="code" href="namespacerouting_1_1queueing_1_1statistics.html#afe8c444f1d99c4ed31c37e7dee3 fecfa">BACKLOG</a>);</div><div class="line"><a name="l00318"></a><span class="lineno"> 318</span>  <span class="keywordflow">if</span> (listen.isError()) {</div><div class="line"><a name="l00319"></a><span class="lineno"> 319</span>  <span class="keywordflow">return</span> <a class="code" href="classError.html">Error</a>(listen.error());</div><div class="line"><a name="l00320"></a><span class="lineno"> 320</span>  }</div><div class="line"><a name="l00321"></a><span class="lineno"> 321</span> </div><div class="line"><a name="l00322"></a><span class="lineno"> 322</span>  <span class="keywordflow">return</span> server;</div><div class="line"><a name="l00323"></a><span class="lineno"> 323</span>  }</div><div class="line"><a name="l00324"></a><span class="lineno"> 324</span> </div><div class="line"><a name="l00339"></a><span class="lineno"> 339</span>  <a class="code" href="classTry.html">Try<process::Subprocess></a> l aunch_client(</div><div class="line"><a name="l00340"></a><span class="lineno"> 340</span>  <span class="keyword">const</span> std::map<std::string, std::string>& environment,</div><div class="line"><a name="l00341"></a><span class="lineno"> 341</span>  <span class="keyword">const</span> <a class="code" href="classprocess_1_1network_1_1internal_1_1Socket.html">process::network::inet::Socket</a>& server,</div><div class="line"><a name="l00342"></a><span class="lineno"> 342</span>  <span class="keywordtype">bool</span> use_ssl_socket)</div><div class="line"><a name="l00343"></a><span class="lineno"> 343</span>  {</div><div class="line"><a name="l00344"></a><span class="lineno"> 344</span>  <span class="keyword">const</span> <a class="code" href="classTry.html">Try<process::network::inet::Address></a> <a class="code" href="namespaceprocess_1_1network.html#a1987d4376ac5e2f04ad72e6c84c7569c">address</a> = server.<a clas s="code" href="classprocess_1_1network_1_1internal_1_1Socket.html#ae0a90b8a9cbc66e8042905a34652f2db">address</a>();</div><div class="line"><a name="l00345"></a><span class="lineno"> 345</span>  <span class="keywordflow">if</span> (address.<a class="code" href="classTry.html#a0b98f95163b8a38daafd1651b043a276">isError</a>()) {</div><div class="line"><a name="l00346"></a><span class="lineno"> 346</span>  <span class="keywordflow">return</span> <a class="code" href="classError.html">Error</a>(address.<a class="code" href="classTry.html#aec4a11ddd3c036e889d90b7eb6258ba7">error</a>());</div><div class="line"><a name="l00347"></a><span class="lineno"> 347</span>  }</div><div class="line"><a name="l00348"></a><span class="lineno"> 348</span> </div><div class="line"><a name="l00349"></a><span class="lineno"> 349</span>  <span class="comment">// Set up arguments to be passed to the 'client-ssl' binary.</span></div><div class="line"><a name=" l00350"></a><span class="lineno"> 350</span>  <span class="keyword">const</span> std::vector<std::string> argv = {</div><div class="line"><a name="l00351"></a><span class="lineno"> 351</span>  <span class="stringliteral">"ssl-client"</span>,</div><div class="line"><a name="l00352"></a><span class="lineno"> 352</span>  <span class="stringliteral">"--use_ssl="</span> + <a class="code" href="namespacens.html#a28116b46e6543597a11733424cd1aa20">stringify</a>(use_ssl_socket),</div><div class="line"><a name="l00353"></a><span class="lineno"> 353</span>  <span class="stringliteral">"--server="</span> + <a class="code" href="namespacens.html#a28116b46e6543597a11733424cd1aa20">stringify</a>(address-><a class="code" href="classprocess_1_1network_1_1inet_1_1Address.html#a3e0a3cf87d1bcdfdeb68a82a8595b0fd">ip</a>),</div><div class="line"><a name="l00354"></a><span class="lineno"> 354</span>  <span class="s tringliteral">"--port="</span> + <a class="code" href="namespacens.html#a28116b46e6543597a11733424cd1aa20">stringify</a>(address-><a class="code" href="classprocess_1_1network_1_1inet_1_1Address.html#ae3e7e66a36596662847c5a36b114af15">port</a>),</div><div class="line"><a name="l00355"></a><span class="lineno"> 355</span>  <span class="stringliteral">"--data="</span> + data};</div><div class="line"><a name="l00356"></a><span class="lineno"> 356</span> </div><div class="line"><a name="l00357"></a><span class="lineno"> 357</span>  <a class="code" href="classResult.html">Result<std::string></a> <a class="code" href="namespacepath.html">path</a> = <a class="code" href="namespaceos.html#aa533c79d98af12b40b567a851e442373">os::realpath</a>(BUILD_DIR);</div><div class="line"><a name="l00358"></a><span class="lineno"> 358</span>  <span class="keywordflow">if</span> (!path.<a class="code" href="classResult.html#a85eaa52037223d7109 2e65701c166562">isSome</a>()) {</div><div class="line"><a name="l00359"></a><span class="lineno"> 359</span>  <span class="keywordflow">return</span> <a class="code" href="classError.html">Error</a>(<span class="stringliteral">"Could not establish build directory path"</span>);</div><div class="line"><a name="l00360"></a><span class="lineno"> 360</span>  }</div><div class="line"><a name="l00361"></a><span class="lineno"> 361</span> </div><div class="line"><a name="l00362"></a><span class="lineno"> 362</span>  <span class="comment">// Explicitly set `LIBPROCESS_IP` in the subprocess to the same IP that was</span></div><div class="line"><a name="l00363"></a><span class="lineno"> 363</span>  <span class="comment">// used to generate the hostname for SSL certificates. This ensures that</span></div><div class="line"><a name="l00364"></a><span class="lineno"> 364</span>  <span class="comment">// certificate verification can su cceed.</span></div><div class="line"><a name="l00365"></a><span class="lineno"> 365</span>  std::map<std::string, std::string> full_environment(environment);</div><div class="line"><a name="l00366"></a><span class="lineno"> 366</span>  full_environment[<span class="stringliteral">"LIBPROCESS_IP"</span>] = <a class="code" href="namespacens.html#a28116b46e6543597a11733424cd1aa20">stringify</a>(<a class="code" href="namespaceprocess.html#afdecc57ab065ab5d354e728d0ef0ff34">process::address</a>().ip);</div><div class="line"><a name="l00367"></a><span class="lineno"> 367</span> </div><div class="line"><a name="l00368"></a><span class="lineno"> 368</span>  <span class="keywordflow">return</span> <a class="code" href="namespaceprocess.html#aabc8d31889b5a325275d13d7bcef6a9c">process::subprocess</a>(</div><div class="line"><a name="l00369"></a><span class="lineno"> 369</span>  <a class="code" href="namespacepath.html#aa86b16a2171ce c90bb3337930513ef0f">path::join</a>(path.<a class="code" href="classResult.html#aedf79f3b14dcda5791b84a64ada4d412">get</a>(), <span class="stringliteral">"ssl-client"</span>),</div><div class="line"><a name="l00370"></a><span class="lineno"> 370</span>  argv,</div><div class="line"><a name="l00371"></a><span class="lineno"> 371</span>  <a class="code" href="classprocess_1_1Subprocess.html#a6af5024bd1932707893908fceb86ddad">process::Subprocess::PIPE</a>(),</div><div class="line"><a name="l00372"></a><span class="lineno"> 372</span>  <a class="code" href="classprocess_1_1Subprocess.html#a6af5024bd1932707893908fceb86ddad">process::Subprocess::PIPE</a>(),</div><div class="line"><a name="l00373"></a><span class="lineno"> 373</span>  <a class="code" href="classprocess_1_1Subprocess.html#aaa6e1b76ef54ed6db34d595811122ce0">process::Subprocess::FD</a>(<a class="code" href="3rdparty_2stout_2include_2stout_2windows_8hpp.html#ae2fe17 25bb5e9823d089c46b9ed5266e">STDERR_FILENO</a>),</div><div class="line"><a name="l00374"></a><span class="lineno"> 374</span>  <span class="keyword">nullptr</span>,</div><div class="line"><a name="l00375"></a><span class="lineno"> 375</span>  full_environment);</div><div class="line"><a name="l00376"></a><span class="lineno"> 376</span>  }</div><div class="line"><a name="l00377"></a><span class="lineno"> 377</span> </div><div class="line"><a name="l00378"></a><span class="lineno"> 378</span>  <span class="keyword">static</span> constexpr <span class="keywordtype">size_t</span> <a class="code" href="namespacerouting_1_1queueing_1_1statistics.html#afe8c444f1d99c4ed31c37e7dee3fecfa">BACKLOG</a> = 5;</div><div class="line"><a name="l00379"></a><span class="lineno"> 379</span> </div><div class="line"><a name="l00380"></a><span class="lineno"> 380</span>  <span class="keyword">const</span> std::string data;</div><div class="line">< a name="l00381"></a><span class="lineno"> 381</span> };</div><div class="line"><a name="l00382"></a><span class="lineno"> 382</span> </div><div class="line"><a name="l00383"></a><span class="lineno"> 383</span> <span class="preprocessor">#endif // USE_SSL_SOCKET</span></div><div class="line"><a name="l00384"></a><span class="lineno"> 384</span> </div><div class="line"><a name="l00385"></a><span class="lineno"> 385</span> <span class="preprocessor">#endif // __PROCESS_SSL_TEST_HPP__</span></div><div class="ttc" id="namespacepath_html"><div class="ttname"><a href="namespacepath.html">path</a></div><div class="ttdef"><b>Definition:</b> path.hpp:26</div></div> +<a href="libprocess_2include_2process_2ssl_2gtest_8hpp.html">Go to the documentation of this file.</a><div class="fragment"><div class="line"><a name="l00001"></a><span class="lineno"> 1</span> <span class="comment">// Licensed to the Apache Software Foundation (ASF) under one</span></div><div class="line"><a name="l00002"></a><span class="lineno"> 2</span> <span class="comment">// or more contributor license agreements. See the NOTICE file</span></div><div class="line"><a name="l00003"></a><span class="lineno"> 3</span> <span class="comment">// distributed with this work for additional information</span></div><div class="line"><a name="l00004"></a><span class="lineno"> 4</span> <span class="comment">// regarding copyright ownership. The ASF licenses this file</span></div><div class="line"><a name="l00005"></a><span class="lineno"> 5</span> <span class="comment">// to you under the Apache License, Version 2.0 (the</span></div><div class="lin e"><a name="l00006"></a><span class="lineno"> 6</span> <span class="comment">// "License"); you may not use this file except in compliance</span></div><div class="line"><a name="l00007"></a><span class="lineno"> 7</span> <span class="comment">// with the License. You may obtain a copy of the License at</span></div><div class="line"><a name="l00008"></a><span class="lineno"> 8</span> <span class="comment">//</span></div><div class="line"><a name="l00009"></a><span class="lineno"> 9</span> <span class="comment">// http://www.apache.org/licenses/LICENSE-2.0</span></div><div class="line"><a name="l00010"></a><span class="lineno"> 10</span> <span class="comment">//</span></div><div class="line"><a name="l00011"></a><span class="lineno"> 11</span> <span class="comment">// Unless required by applicable law or agreed to in writing, software</span></div><div class="line"><a name="l00012"></a><span class="lineno"> 12</span> < span class="comment">// distributed under the License is distributed on an "AS IS" BASIS,</span></div><div class="line"><a name="l00013"></a><span class="lineno"> 13</span> <span class="comment">// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</span></div><div class="line"><a name="l00014"></a><span class="lineno"> 14</span> <span class="comment">// See the License for the specific language governing permissions and</span></div><div class="line"><a name="l00015"></a><span class="lineno"> 15</span> <span class="comment">// limitations under the License.</span></div><div class="line"><a name="l00016"></a><span class="lineno"> 16</span> </div><div class="line"><a name="l00017"></a><span class="lineno"> 17</span> <span class="preprocessor">#ifndef __PROCESS_SSL_TEST_HPP__</span></div><div class="line"><a name="l00018"></a><span class="lineno"> 18</span> <span class="preprocessor">#define __PROCESS_SSL_TEST_HP P__</span></div><div class="line"><a name="l00019"></a><span class="lineno"> 19</span> </div><div class="line"><a name="l00020"></a><span class="lineno"> 20</span> <span class="preprocessor">#ifdef USE_SSL_SOCKET</span></div><div class="line"><a name="l00021"></a><span class="lineno"> 21</span> <span class="preprocessor">#include <string></span></div><div class="line"><a name="l00022"></a><span class="lineno"> 22</span> </div><div class="line"><a name="l00023"></a><span class="lineno"> 23</span> <span class="preprocessor">#include <openssl/rsa.h></span></div><div class="line"><a name="l00024"></a><span class="lineno"> 24</span> <span class="preprocessor">#include <openssl/bio.h></span></div><div class="line"><a name="l00025"></a><span class="lineno"> 25</span> <span class="preprocessor">#include <openssl/x509.h></span></div><div class="line"><a name="l00026"></a><span class="lineno"> 26</span> <span clas s="preprocessor">#include <openssl/x509v3.h></span></div><div class="line"><a name="l00027"></a><span class="lineno"> 27</span> </div><div class="line"><a name="l00028"></a><span class="lineno"> 28</span> <span class="preprocessor">#include <<a class="code" href="3rdparty_2libprocess_2include_2process_2io_8hpp.html">process/io.hpp</a>></span></div><div class="line"><a name="l00029"></a><span class="lineno"> 29</span> <span class="preprocessor">#include <<a class="code" href="libprocess_2include_2process_2process_8hpp.html">process/process.hpp</a>></span></div><div class="line"><a name="l00030"></a><span class="lineno"> 30</span> <span class="preprocessor">#include <<a class="code" href="libprocess_2include_2process_2socket_8hpp.html">process/socket.hpp</a>></span></div><div class="line"><a name="l00031"></a><span class="lineno"> 31</span> <span class="preprocessor">#include <<a class="code" href="subprocess_8hpp.html">pro cess/subprocess.hpp</a>></span></div><div class="line"><a name="l00032"></a><span class="lineno"> 32</span> </div><div class="line"><a name="l00033"></a><span class="lineno"> 33</span> <span class="preprocessor">#include <<a class="code" href="utilities_8hpp.html">process/ssl/utilities.hpp</a>></span></div><div class="line"><a name="l00034"></a><span class="lineno"> 34</span> </div><div class="line"><a name="l00035"></a><span class="lineno"> 35</span> <span class="preprocessor">#include <<a class="code" href="none_8hpp.html">stout/none.hpp</a>></span></div><div class="line"><a name="l00036"></a><span class="lineno"> 36</span> <span class="preprocessor">#include <<a class="code" href="option_8hpp.html">stout/option.hpp</a>></span></div><div class="line"><a name="l00037"></a><span class="lineno"> 37</span> <span class="preprocessor">#include <<a class="code" href="try_8hpp.html">stout/try.hpp</a>></span></div><div cl ass="line"><a name="l00038"></a><span class="lineno"> 38</span> <span class="preprocessor">#include <<a class="code" href="result_8hpp.html">stout/result.hpp</a>></span></div><div class="line"><a name="l00039"></a><span class="lineno"> 39</span> </div><div class="line"><a name="l00040"></a><span class="lineno"> 40</span> <span class="preprocessor">#include <<a class="code" href="realpath_8hpp.html">stout/os/realpath.hpp</a>></span></div><div class="line"><a name="l00041"></a><span class="lineno"> 41</span> <span class="preprocessor">#endif // USE_SSL_SOCKET</span></div><div class="line"><a name="l00042"></a><span class="lineno"> 42</span> </div><div class="line"><a name="l00043"></a><span class="lineno"> 43</span> <span class="preprocessor">#include <<a class="code" href="3rdparty_2stout_2include_2stout_2tests_2utils_8hpp.html">stout/tests/utils.hpp</a>></span></div><div class="line"><a name="l00044"></a><span class="lineno "> 44</span> </div><div class="line"><a name="l00045"></a><span class="lineno"> 45</span> <span class="preprocessor">#ifdef USE_SSL_SOCKET</span></div><div class="line"><a name="l00046"></a><span class="lineno"> 46</span> <span class="keyword">namespace </span><a class="code" href="namespaceprocess.html">process</a> {</div><div class="line"><a name="l00047"></a><span class="lineno"> 47</span> <span class="keyword">namespace </span>network {</div><div class="line"><a name="l00048"></a><span class="lineno"> 48</span> <span class="keyword">namespace </span>openssl {</div><div class="line"><a name="l00049"></a><span class="lineno"> 49</span> </div><div class="line"><a name="l00050"></a><span class="lineno"> 50</span> <span class="comment">// Forward declare the `reinitialize()` function since we want to</span></div><div class="line"><a name="l00051"></a><span class="lineno"> 51</span> <span class="comment">// programatically change SSL flags during tests.</span></div><div class="line"><a name="l00052"></a><span class="lineno"> 52</span> <span class="keywordtype">void</span> reinitialize();</div><div class="line"><a name="l00053"></a><span class="lineno"> 53</span> </div><div class="line"><a name="l00054"></a><span class="lineno"> 54</span> } <span class="comment">// namespace openssl {</span></div><div class="line"><a name="l00055"></a><span class="lineno"> 55</span> } <span class="comment">// namespace network {</span></div><div class="line"><a name="l00056"></a><span class="lineno"> 56</span> } <span class="comment">// namespace process {</span></div><div class="line"><a name="l00057"></a><span class="lineno"> 57</span> <span class="preprocessor">#endif // USE_SSL_SOCKET</span></div><div class="line"><a name="l00058"></a><span class="lineno"> 58</span> </div><div class="line"><a name="l00059"></a><span class="lineno"> 59</span> <span class="comment">// When SSL is not compiled in, we want the `SSLTemporaryDirectoryTest` class</span></div><div class="line"><a name="l00060"></a><span class="lineno"> 60</span> <span class="comment">// to exist, so that other tests can inherit it; this class is equivalent</span></div><div class="line"><a name="l00061"></a><span class="lineno"> 61</span> <span class="comment">// to the `TemporaryDirectoryTest` under that condition.</span></div><div class="line"><a name="l00062"></a><span class="lineno"> 62</span> <span class="preprocessor">#ifndef USE_SSL_SOCKET</span></div><div class="line"><a name="l00063"></a><span class="lineno"><a class="line" href="classSSLTemporaryDirectoryTest.html"> 63</a></span> <span class="keyword">class </span><a class="code" href="classSSLTemporaryDirectoryTest.html">SSLTemporaryDirectoryTest</a> : <span class="keyword">public</span> <a class="code" href="classTemporaryDirectoryTest.html">TemporaryDirectoryTest</a> {};</div><div class="line">< a name="l00064"></a><span class="lineno"> 64</span> <span class="preprocessor">#else</span></div><div class="line"><a name="l00065"></a><span class="lineno"> 65</span> </div><div class="line"><a name="l00069"></a><span class="lineno"> 69</span> <span class="keyword">class </span><a class="code" href="classSSLTemporaryDirectoryTest.html">SSLTemporaryDirectoryTest</a> : <span class="keyword">public</span> <a class="code" href="classTemporaryDirectoryTest.html">TemporaryDirectoryTest</a></div><div class="line"><a name="l00070"></a><span class="lineno"> 70</span> {</div><div class="line"><a name="l00071"></a><span class="lineno"> 71</span> <span class="keyword">public</span>:</div><div class="line"><a name="l00072"></a><span class="lineno"> 72</span>  <span class="keyword">static</span> <span class="keywordtype">void</span> TearDownTestCase()</div><div class="line"><a name="l00073"></a><span class="lineno"> 73</span>  {</div><div class= "line"><a name="l00074"></a><span class="lineno"> 74</span>  <span class="comment">// Clear and reset any environment variables.</span></div><div class="line"><a name="l00075"></a><span class="lineno"> 75</span>  set_environment_variables({});</div><div class="line"><a name="l00076"></a><span class="lineno"> 76</span>  }</div><div class="line"><a name="l00077"></a><span class="lineno"> 77</span> </div><div class="line"><a name="l00078"></a><span class="lineno"> 78</span> <span class="keyword">protected</span>:</div><div class="line"><a name="l00082"></a><span class="lineno"> 82</span>  <a class="code" href="classPath.html">Path</a> key_path()</div><div class="line"><a name="l00083"></a><span class="lineno"> 83</span>  {</div><div class="line"><a name="l00084"></a><span class="lineno"> 84</span>  <span class="keywordflow">return</span> <a class="code" href="classPath.html">Path</a>(<a class="code" href="namespacepath .html#aa86b16a2171cec90bb3337930513ef0f">path::join</a>(<a class="code" href="namespaceos.html#a84a3290f051cdd50d88e0fd611645d4a">os::getcwd</a>(), <span class="stringliteral">"key.pem"</span>));</div><div class="line"><a name="l00085"></a><span class="lineno"> 85</span>  }</div><div class="line"><a name="l00086"></a><span class="lineno"> 86</span> </div><div class="line"><a name="l00090"></a><span class="lineno"> 90</span>  <a class="code" href="classPath.html">Path</a> certificate_path()</div><div class="line"><a name="l00091"></a><span class="lineno"> 91</span>  {</div><div class="line"><a name="l00092"></a><span class="lineno"> 92</span>  <span class="keywordflow">return</span> <a class="code" href="classPath.html">Path</a>(<a class="code" href="namespacepath.html#aa86b16a2171cec90bb3337930513ef0f">path::join</a>(<a class="code" href="namespaceos.html#a84a3290f051cdd50d88e0fd611645d4a">os::getcwd</a>(), <span class="stringlitera l">"cert.pem"</span>));</div><div class="line"><a name="l00093"></a><span class="lineno"> 93</span>  }</div><div class="line"><a name="l00094"></a><span class="lineno"> 94</span> </div><div class="line"><a name="l00098"></a><span class="lineno"> 98</span>  <a class="code" href="classPath.html">Path</a> scrap_key_path()</div><div class="line"><a name="l00099"></a><span class="lineno"> 99</span>  {</div><div class="line"><a name="l00100"></a><span class="lineno"> 100</span>  <span class="keywordflow">return</span> <a class="code" href="classPath.html">Path</a>(<a class="code" href="namespacepath.html#aa86b16a2171cec90bb3337930513ef0f">path::join</a>(<a class="code" href="namespaceos.html#a84a3290f051cdd50d88e0fd611645d4a">os::getcwd</a>(), <span class="stringliteral">"scrap_key.pem"</span>));</div><div class="line"><a name="l00101"></a><span class="lineno"> 101</span>  }</div><div class="line"><a name="l00102"></a><spa n class="lineno"> 102</span> </div><div class="line"><a name="l00106"></a><span class="lineno"> 106</span>  <a class="code" href="classPath.html">Path</a> scrap_certificate_path()</div><div class="line"><a name="l00107"></a><span class="lineno"> 107</span>  {</div><div class="line"><a name="l00108"></a><span class="lineno"> 108</span>  <span class="keywordflow">return</span> <a class="code" href="classPath.html">Path</a>(<a class="code" href="namespacepath.html#aa86b16a2171cec90bb3337930513ef0f">path::join</a>(<a class="code" href="namespaceos.html#a84a3290f051cdd50d88e0fd611645d4a">os::getcwd</a>(), <span class="stringliteral">"scrap_cert.pem"</span>));</div><div class="line"><a name="l00109"></a><span class="lineno"> 109</span>  }</div><div class="line"><a name="l00110"></a><span class="lineno"> 110</span> </div><div class="line"><a name="l00115"></a><span class="lineno"> 115</span>  <span class="keyword">static</span> <sp an class="keywordtype">void</span> set_environment_variables(</div><div class="line"><a name="l00116"></a><span class="lineno"> 116</span>  <span class="keyword">const</span> std::map<std::string, std::string>& <a class="code" href="namespacemesos_1_1internal_1_1tests.html#a1396c5e3b0a179220de2792d74770ec2">environment</a>)</div><div class="line"><a name="l00117"></a><span class="lineno"> 117</span>  {</div><div class="line"><a name="l00118"></a><span class="lineno"> 118</span>  <span class="comment">// This unsets all the SSL environment variables. Necessary for</span></div><div class="line"><a name="l00119"></a><span class="lineno"> 119</span>  <span class="comment">// ensuring a clean starting slate between tests.</span></div><div class="line"><a name="l00120"></a><span class="lineno"> 120</span>  <a class="code" href="namespaceos.html#a7471e14f4cbd7e23b5daa21e556f4eb5">os::unsetenv</a>(<span class="stringliteral">"LIBPR OCESS_SSL_ENABLED"</span>);</div><div class="line"><a name="l00121"></a><span class="lineno"> 121</span>  <a class="code" href="namespaceos.html#a7471e14f4cbd7e23b5daa21e556f4eb5">os::unsetenv</a>(<span class="stringliteral">"LIBPROCESS_SSL_SUPPORT_DOWNGRADE"</span>);</div><div class="line"><a name="l00122"></a><span class="lineno"> 122</span>  <a class="code" href="namespaceos.html#a7471e14f4cbd7e23b5daa21e556f4eb5">os::unsetenv</a>(<span class="stringliteral">"LIBPROCESS_SSL_CERT_FILE"</span>);</div><div class="line"><a name="l00123"></a><span class="lineno"> 123</span>  <a class="code" href="namespaceos.html#a7471e14f4cbd7e23b5daa21e556f4eb5">os::unsetenv</a>(<span class="stringliteral">"LIBPROCESS_SSL_KEY_FILE"</span>);</div><div class="line"><a name="l00124"></a><span class="lineno"> 124</span>  <a class="code" href="namespaceos.html#a7471e14f4cbd7e23b5daa21e556f4eb5">os::unsetenv</a>(<span class="stringlite ral">"LIBPROCESS_SSL_VERIFY_CERT"</span>);</div><div class="line"><a name="l00125"></a><span class="lineno"> 125</span>  <a class="code" href="namespaceos.html#a7471e14f4cbd7e23b5daa21e556f4eb5">os::unsetenv</a>(<span class="stringliteral">"LIBPROCESS_SSL_REQUIRE_CERT"</span>);</div><div class="line"><a name="l00126"></a><span class="lineno"> 126</span>  <a class="code" href="namespaceos.html#a7471e14f4cbd7e23b5daa21e556f4eb5">os::unsetenv</a>(<span class="stringliteral">"LIBPROCESS_SSL_VERIFY_DEPTH"</span>);</div><div class="line"><a name="l00127"></a><span class="lineno"> 127</span>  <a class="code" href="namespaceos.html#a7471e14f4cbd7e23b5daa21e556f4eb5">os::unsetenv</a>(<span class="stringliteral">"LIBPROCESS_SSL_CA_DIR"</span>);</div><div class="line"><a name="l00128"></a><span class="lineno"> 128</span>  <a class="code" href="namespaceos.html#a7471e14f4cbd7e23b5daa21e556f4eb5">os::unsetenv</a>(<span c lass="stringliteral">"LIBPROCESS_SSL_CA_FILE"</span>);</div><div class="line"><a name="l00129"></a><span class="lineno"> 129</span>  <a class="code" href="namespaceos.html#a7471e14f4cbd7e23b5daa21e556f4eb5">os::unsetenv</a>(<span class="stringliteral">"LIBPROCESS_SSL_CIPHERS"</span>);</div><div class="line"><a name="l00130"></a><span class="lineno"> 130</span>  <a class="code" href="namespaceos.html#a7471e14f4cbd7e23b5daa21e556f4eb5">os::unsetenv</a>(<span class="stringliteral">"LIBPROCESS_SSL_ENABLE_SSL_V3"</span>);</div><div class="line"><a name="l00131"></a><span class="lineno"> 131</span>  <a class="code" href="namespaceos.html#a7471e14f4cbd7e23b5daa21e556f4eb5">os::unsetenv</a>(<span class="stringliteral">"LIBPROCESS_SSL_ENABLE_TLS_V1_0"</span>);</div><div class="line"><a name="l00132"></a><span class="lineno"> 132</span>  <a class="code" href="namespaceos.html#a7471e14f4cbd7e23b5daa21e556f4eb5">os::uns etenv</a>(<span class="stringliteral">"LIBPROCESS_SSL_ENABLE_TLS_V1_1"</span>);</div><div class="line"><a name="l00133"></a><span class="lineno"> 133</span>  <a class="code" href="namespaceos.html#a7471e14f4cbd7e23b5daa21e556f4eb5">os::unsetenv</a>(<span class="stringliteral">"LIBPROCESS_SSL_ENABLE_TLS_V1_2"</span>);</div><div class="line"><a name="l00134"></a><span class="lineno"> 134</span> </div><div class="line"><a name="l00135"></a><span class="lineno"> 135</span>  <span class="comment">// Copy the given map into the clean slate.</span></div><div class="line"><a name="l00136"></a><span class="lineno"> 136</span>  <a class="code" href="foreach_8hpp.html#a66900b166526abe66464d6597536b111">foreachpair</a> (</div><div class="line"><a name="l00137"></a><span class="lineno"> 137</span>  <span class="keyword">const</span> std::string& <a class="code" href="namespaceos_1_1Shell.html#acfe16ef2b1146ad49a8651c0a457ce46" >name</a>, <span class="keyword">const</span> std::string& value, >environment) {</div><div class="line"><a name="l00138"></a><span >class="lineno"> 138</span>  <a class="code" >href="namespaceos.html#ac0f608e2a32764327e38c53d0d51527d">os::setenv</a>(name, > value);</div><div class="line"><a name="l00139"></a><span class="lineno"> >139</span>  }</div><div class="line"><a name="l00140"></a><span >class="lineno"> 140</span> </div><div class="line"><a >name="l00141"></a><span class="lineno"> 141</span>  <span >class="comment">// Make sure the library internally reflects the new >environment variables.</span></div><div class="line"><a >name="l00142"></a><span class="lineno"> 142</span>  >process::network::openssl::reinitialize();</div><div class="line"><a >name="l00143"></a><span class="lineno"> 143</span>  }</div><div >class="line"><a name="l00144"></a><span class="lineno"> >144</span> </div><div class="line"><a name="l00152"></a><span clas s="lineno"> 152</span>  <span class="keywordtype">void</span> generate_keys_and_certs() {</div><div class="line"><a name="l00153"></a><span class="lineno"> 153</span>  <span class="comment">// We store the allocated objects in these results so that we can</span></div><div class="line"><a name="l00154"></a><span class="lineno"> 154</span>  <span class="comment">// have a consolidated 'cleanup()' function. This makes all the</span></div><div class="line"><a name="l00155"></a><span class="lineno"> 155</span>  <span class="comment">// 'EXIT()' calls more readable and less error prone.</span></div><div class="line"><a name="l00156"></a><span class="lineno"> 156</span>  <a class="code" href="classResult.html">Result<EVP_PKEY*></a> private_key = <a class="code" href="structNone.html">None</a>();</div><div class="line"><a name="l00157"></a><span class="lineno"> 157</span>  <a class="code" href="classResult.html">Resul t<X509*></a> certificate = <a class="code" href="structNone.html">None</a>();</div><div class="line"><a name="l00158"></a><span class="lineno"> 158</span>  <a class="code" href="classResult.html">Result<EVP_PKEY*></a> scrap_key = <a class="code" href="structNone.html">None</a>();</div><div class="line"><a name="l00159"></a><span class="lineno"> 159</span>  <a class="code" href="classResult.html">Result<X509*></a> scrap_certificate = <a class="code" href="structNone.html">None</a>();</div><div class="line"><a name="l00160"></a><span class="lineno"> 160</span> </div><div class="line"><a name="l00161"></a><span class="lineno"> 161</span>  <span class="keyword">auto</span> <a class="code" href="namespacecgroups.html#a12d210f286e5fcf7993c0c90b9459606">cleanup</a> = [&private_key, &certificate, &scrap_key, &scrap_certificate](</div><div class="line"><a name="l00162"></a><span class="lineno"> 162</span>  <span class="keyword">const</span> <a class="code" href="classOption.html">Option<std::string></a> abort_message = <a class="code" href="structNone.html">None</a>()) {</div><div class="line"><a name="l00163"></a><span class="lineno"> 163</span>  <span class="keywordflow">if</span> (private_key.<a class="code" href="classResult.html#a85eaa52037223d71092e65701c166562">isSome</a>()) { EVP_PKEY_free(private_key.<a class="code" href="classResult.html#aedf79f3b14dcda5791b84a64ada4d412">get</a>()); }</div><div class="line"><a name="l00164"></a><span class="lineno"> 164</span>  <span class="keywordflow">if</span> (certificate.isSome()) { X509_free(certificate.get()); }</div><div class="line"><a name="l00165"></a><span class="lineno"> 165</span>  <span class="keywordflow">if</span> (scrap_key.isSome()) { EVP_PKEY_free(scrap_key.get()); }</div><div class="line"><a name="l00166"></a><span class="lineno"> 166</span>  <span class="keywordflow">if</span > (scrap_certificate.<a class="code" > href="classResult.html#a85eaa52037223d71092e65701c166562">isSome</a>()) { > X509_free(scrap_certificate.<a class="code" > href="classResult.html#aedf79f3b14dcda5791b84a64ada4d412">get</a>()); > }</div><div class="line"><a name="l00167"></a><span class="lineno"> > 167</span> </div><div class="line"><a name="l00168"></a><span > class="lineno"> 168</span>  <span class="comment">// We abort > here because failure during setup indicates that something</span></div><div > class="line"><a name="l00169"></a><span class="lineno"> 169</span>  > <span class="comment">// is horribly and irrecoverably > wrong.</span></div><div class="line"><a name="l00170"></a><span > class="lineno"> 170</span>  <span class="keywordflow">if</span> > (abort_message.isSome()) {</div><div class="line"><a name="l00171"></a><span > class="lineno"> 171</span>  <a class="code" > href="abort_8hpp.html#a4d84a74fe6e4f84bc3d2f901b9e89f93">ABORT</a>(abort_message .get());</div><div class="line"><a name="l00172"></a><span class="lineno"> 172</span>  }</div><div class="line"><a name="l00173"></a><span class="lineno"> 173</span>  };</div><div class="line"><a name="l00174"></a><span class="lineno"> 174</span> </div><div class="line"><a name="l00175"></a><span class="lineno"> 175</span>  <span class="comment">// Generate the authority key.</span></div><div class="line"><a name="l00176"></a><span class="lineno"> 176</span>  private_key = process::network::openssl::generate_private_rsa_key();</div><div class="line"><a name="l00177"></a><span class="lineno"> 177</span>  <span class="keywordflow">if</span> (private_key.<a class="code" href="classResult.html#aeca16ad17d299ad885c9b46c83b12a3d">isError</a>()) {</div><div class="line"><a name="l00178"></a><span class="lineno"> 178</span>  <a class="code" href="namespacecgroups.html#a12d210f286e5fcf7993c0c90b9459606">cleanup</a>(<span class=" stringliteral">"Could not generate private key: "</span> + private_key.<a class="code" href="classResult.html#a521adf96f5c27d26d6b1d580aae8aaee">error</a>());</div><div class="line"><a name="l00179"></a><span class="lineno"> 179</span>  }</div><div class="line"><a name="l00180"></a><span class="lineno"> 180</span> </div><div class="line"><a name="l00181"></a><span class="lineno"> 181</span>  <span class="comment">// Figure out the hostname that libprocess is advertising.</span></div><div class="line"><a name="l00182"></a><span class="lineno"> 182</span>  <span class="comment">// Set the hostname of the certificate to this hostname so that</span></div><div class="line"><a name="l00183"></a><span class="lineno"> 183</span>  <span class="comment">// hostname verification of the certificate will pass.</span></div><div class="line"><a name="l00184"></a><span class="lineno"> 184</span>  <a class="code" href="classTry.html">Try&l t;std::string></a> <a class="code" href="namespacenet.html#a28018530986e91a179ea6239fdf0a447">hostname</a> = <a class="code" href="namespacenet.html#a9228d72b9850d1b39d54b5784068fa1f">net::getHostname</a>(<a class="code" href="namespaceprocess.html#afdecc57ab065ab5d354e728d0ef0ff34">process::address</a>().ip);</div><div class="line"><a name="l00185"></a><span class="lineno"> 185</span>  <span class="keywordflow">if</span> (hostname.isError()) {</div><div class="line"><a name="l00186"></a><span class="lineno"> 186</span>  <a class="code" href="namespacecgroups.html#a12d210f286e5fcf7993c0c90b9459606">cleanup</a>(<span class="stringliteral">"Could not determine hostname of libprocess: "</span> +</div><div class="line"><a name="l00187"></a><span class="lineno"> 187</span>  hostname.error());</div><div class="line"><a name="l00188"></a><span class="lineno"> 188</span>  }</div><div class="line"><a name="l00189"></a><span class=" lineno"> 189</span> </div><div class="line"><a name="l00190"></a><span class="lineno"> 190</span>  <span class="comment">// Generate an authorized certificate.</span></div><div class="line"><a name="l00191"></a><span class="lineno"> 191</span>  certificate = process::network::openssl::generate_x509(</div><div class="line"><a name="l00192"></a><span class="lineno"> 192</span>  private_key.<a class="code" href="classResult.html#aedf79f3b14dcda5791b84a64ada4d412">get</a>(),</div><div class="line"><a name="l00193"></a><span class="lineno"> 193</span>  private_key.<a class="code" href="classResult.html#aedf79f3b14dcda5791b84a64ada4d412">get</a>(),</div><div class="line"><a name="l00194"></a><span class="lineno"> 194</span>  <a class="code" href="structNone.html">None</a>(),</div><div class="line"><a name="l00195"></a><span class="lineno"> 195</span>  1,</div><div class="line"><a name="l00196"></a><span class="lin eno"> 196</span>  365,</div><div class="line"><a name="l00197"></a><span class="lineno"> 197</span>  hostname.get(),</div><div class="line"><a name="l00198"></a><span class="lineno"> 198</span>  <a class="code" href="classnet_1_1IP.html">net::IP</a>(<a class="code" href="namespaceprocess.html#afdecc57ab065ab5d354e728d0ef0ff34">process::address</a>().ip));</div><div class="line"><a name="l00199"></a><span class="lineno"> 199</span> </div><div class="line"><a name="l00200"></a><span class="lineno"> 200</span>  <span class="keywordflow">if</span> (certificate.isError()) {</div><div class="line"><a name="l00201"></a><span class="lineno"> 201</span>  <a class="code" href="namespacecgroups.html#a12d210f286e5fcf7993c0c90b9459606">cleanup</a>(<span class="stringliteral">"Could not generate certificate: "</span> + certificate.error());</div><div class="line"><a name="l00202"></a><span class="lineno"> 202</span>  }</div><div class="line"><a name="l00203"></a><span class="lineno"> 203</span> </div><div class="line"><a name="l00204"></a><span class="lineno"> 204</span>  <span class="comment">// Write the authority key to disk.</span></div><div class="line"><a name="l00205"></a><span class="lineno"> 205</span>  <a class="code" href="classTry.html">Try<Nothing></a> key_write =</div><div class="line"><a name="l00206"></a><span class="lineno"> 206</span>  process::network::openssl::write_key_file(private_key.<a class="code" href="classResult.html#aedf79f3b14dcda5791b84a64ada4d412">get</a>(), key_path());</div><div class="line"><a name="l00207"></a><span class="lineno"> 207</span> </div><div class="line"><a name="l00208"></a><span class="lineno"> 208</span>  <span class="keywordflow">if</span> (key_write.isError()) {</div><div class="line"><a name="l00209"></a><span class="lineno"> 209</span>  <a class="code" href="namespacecgro ups.html#a12d210f286e5fcf7993c0c90b9459606">cleanup</a>(<span class="stringliteral">"Could not write private key to disk: "</span> + key_write.error());</div><div class="line"><a name="l00210"></a><span class="lineno"> 210</span>  }</div><div class="line"><a name="l00211"></a><span class="lineno"> 211</span> </div><div class="line"><a name="l00212"></a><span class="lineno"> 212</span>  <span class="comment">// Write the authorized certificate to disk.</span></div><div class="line"><a name="l00213"></a><span class="lineno"> 213</span>  <a class="code" href="classTry.html">Try<Nothing></a> certificate_write =</div><div class="line"><a name="l00214"></a><span class="lineno"> 214</span>  process::network::openssl::write_certificate_file(</div><div class="line"><a name="l00215"></a><span class="lineno"> 215</span>  certificate.get(),</div><div class="line"><a name="l00216"></a><span class="lineno"> 216</span> 0; certificate_path());</div><div class="line"><a name="l00217"></a><span class="lineno"> 217</span> </div><div class="line"><a name="l00218"></a><span class="lineno"> 218</span>  <span class="keywordflow">if</span> (certificate_write.isError()) {</div><div class="line"><a name="l00219"></a><span class="lineno"> 219</span>  <a class="code" href="namespacecgroups.html#a12d210f286e5fcf7993c0c90b9459606">cleanup</a>(<span class="stringliteral">"Could not write certificate to disk: "</span> +</div><div class="line"><a name="l00220"></a><span class="lineno"> 220</span>  certificate_write.error());</div><div class="line"><a name="l00221"></a><span class="lineno"> 221</span>  }</div><div class="line"><a name="l00222"></a><span class="lineno"> 222</span> </div><div class="line"><a name="l00223"></a><span class="lineno"> 223</span>  <span class="comment">// Generate a scrap key.</span></div><div class="li ne"><a name="l00224"></a><span class="lineno"> 224</span>  scrap_key = process::network::openssl::generate_private_rsa_key();</div><div class="line"><a name="l00225"></a><span class="lineno"> 225</span>  <span class="keywordflow">if</span> (scrap_key.isError()) {</div><div class="line"><a name="l00226"></a><span class="lineno"> 226</span>  <a class="code" href="namespacecgroups.html#a12d210f286e5fcf7993c0c90b9459606">cleanup</a>(<span class="stringliteral">"Could not generate a scrap private key: "</span> + scrap_key.error());</div><div class="line"><a name="l00227"></a><span class="lineno"> 227</span>  }</div><div class="line"><a name="l00228"></a><span class="lineno"> 228</span> </div><div class="line"><a name="l00229"></a><span class="lineno"> 229</span>  <span class="comment">// Write the scrap key to disk.</span></div><div class="line"><a name="l00230"></a><span class="lineno"> 230</span>  key_write = proce ss::network::openssl::write_key_file(</div><div class="line"><a name="l00231"></a><span class="lineno"> 231</span>  scrap_key.get(),</div><div class="line"><a name="l00232"></a><span class="lineno"> 232</span>  scrap_key_path());</div><div class="line"><a name="l00233"></a><span class="lineno"> 233</span> </div><div c
<TRUNCATED>