Hello On Tue, Feb 11, 2020 at 9:21 AM Yuxuan Wang <yuxuan.w...@reddit.com> wrote:
> I believe you can't get that in your handler function now. You'll need to > make some changes to the library code to inject the info to the context > object passed to the handlers. > > The easiest way to do so is probably similar to how we inject THeader > headers here: > https://github.com/apache/thrift/blob/ded326101af3c6c9daad9814ce6404d385f36a1f/lib/go/thrift/simple_server.go#L281-L293, > basically check if outputTransport is wrapping TSSLSocket, and get the > ConnectionState struct there. But "wrapping" is the tricky word here, as we > rarely use TSSLSocket directly, and it's usually wrapped layers of > transport wrappers, and there's no common interface to unwrap them. > Thank you for the information. I wonder if in this case it would be better to "wrap" the Connection object that might be useful for other operations. While modifying the library itself is one option I wonder if there other possibilities. For example avoid using thrift.NewTSimpleServer4 and handle incoming connections in the application code itself. Something like simple_server.go does but explicitly in the code. Is it something doable and if yes are there any good examples that achieve it? > If you do want to go that route, please create a JIRA ticket first: > https://issues.apache.org/jira/browse/THRIFT > > On Mon, Feb 10, 2020 at 11:26 PM Anatol Pomozov <anatol.pomo...@gmail.com> > wrote: > >> Hello folks >> >> I have a simple Thrift server that utilizes TLS. I was using sample code >> and it works fine >> >> protocolFactory := thrift.NewTBinaryProtocolFactoryDefault() >> transportFactory := thrift.NewTBufferedTransportFactory(8192) >> transport, err := thrift.NewTSSLServerSocket(ADDRESS, tlsConf) >> handler := &MyHandler{} >> processor := my.NewMyProcessor(handler) >> server := thrift.NewTSimpleServer4(processor, transport, >> transportFactory, protocolFactory) >> >> I see a client (also written in Go) can connect the server and call >> following function: >> >> func (p *MyHandler) GetKey(ctx context.Context, req *KeyRequest) (resp >> *KeyResponse, err error) { >> return nil, &KeyNotFound{} >> } >> >> In my handler function I want to get information about client's >> certificate to get its id. And I need to get >> https://golang.org/pkg/crypto/tls/#Conn.ConnectionState struct from >> Connection object. >> >> So my question - how do I get access to TLS connection info from my >> handler. I was trying to google but did not find any good examples on this >> topic. >> >
