[
https://issues.apache.org/jira/browse/THRIFT-151?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12650102#action_12650102
]
ipye edited comment on THRIFT-151 at 11/23/08 8:26 PM:
----------------------------------------------------------
New patch submitted reflecting Ping's comments.
I created TSSLContext and TSSLTransport classes.
TSSLContext is a wrapper around a SSL Context class.
Most of the ssl resources are handled by this class. It can be passed as a
boost::shared_ptr to the TSSLSocket and TSSLServerSocket classes.
The TSSLTransport handles X509 cert verification, and is inherited from both
TSSLSocket and TSSLServerSocket classes.
Multithreading is left out, as I feel that it is already handled at the TServer
level.
By default, only SSLv3 is supported now, and both servers and clients supply
certificates. Also, supplied certs are checked to make sure the subject name
matches the host they are connecting to.
was (Author: ipye):
New patch reflecting Ping's comments
> TSSLServerSocket and TSSLSocket implementation
> ----------------------------------------------
>
> Key: THRIFT-151
> URL: https://issues.apache.org/jira/browse/THRIFT-151
> Project: Thrift
> Issue Type: Improvement
> Components: Library (C++)
> Reporter: Ian Pye
> Attachments: ssl.patch
>
> Original Estimate: 6h
> Remaining Estimate: 6h
>
> SSL Connections w/ autogenerated self signed x509 certs seem to be the state
> of the art for rpc layers.
> It would be good if there was a C++ implementation of TSocket and
> TServerSocket classes.
> This is similar to the Java issue Thrift 106.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
