diff options
author | James E. King, III <jking@apache.org> | 2017-02-20 08:52:11 -0500 |
---|---|---|
committer | James E. King, III <jking@apache.org> | 2017-02-20 08:52:11 -0500 |
commit | 06190874c8ba8f3a0c7ae83a59965d56c205e080 (patch) | |
tree | fa2bedf10194cb1ec79b2d9546b4917bc4107e59 /test/cpp | |
parent | 239233afb6fd5bd2fb81743e88303c9ac17d7edb (diff) | |
download | thrift-06190874c8ba8f3a0c7ae83a59965d56c205e080.tar.gz |
THRIFT-4084: Add a SSL/TLS negotiation check to crossfeature to verify SSLv3 is not active and that at least one of TLSv1.0 through 1.2 are accepted.
Client: csharp, d, go, nodejs, perl
This closes #1197
Diffstat (limited to 'test/cpp')
-rw-r--r-- | test/cpp/src/TestClient.cpp | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/test/cpp/src/TestClient.cpp b/test/cpp/src/TestClient.cpp index da20b892e..a918bfba4 100644 --- a/test/cpp/src/TestClient.cpp +++ b/test/cpp/src/TestClient.cpp @@ -136,8 +136,11 @@ int main(int argc, char** argv) { int ERR_EXCEPTIONS = 8; int ERR_UNKNOWN = 64; - string testDir = boost::filesystem::system_complete(argv[0]).parent_path().parent_path().parent_path().string(); - string pemPath = testDir + "/keys/CA.pem"; + string testDir = boost::filesystem::system_complete(argv[0]).parent_path().parent_path().parent_path().string(); + string caPath = testDir + "/keys/CA.pem"; + string certPath = testDir + "/keys/client.crt"; + string keyPath = testDir + "/keys/client.key"; + #if _WIN32 transport::TWinsockSingleton::create(); #endif @@ -232,9 +235,15 @@ int main(int argc, char** argv) { boost::shared_ptr<TSSLSocketFactory> factory; if (ssl) { + cout << "Client Certificate File: " << certPath << endl; + cout << "Client Key File: " << keyPath << endl; + cout << "CA File: " << caPath << endl; + factory = boost::shared_ptr<TSSLSocketFactory>(new TSSLSocketFactory()); factory->ciphers("ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"); - factory->loadTrustedCertificates(pemPath.c_str()); + factory->loadTrustedCertificates(caPath.c_str()); + factory->loadCertificate(certPath.c_str()); + factory->loadPrivateKey(keyPath.c_str()); factory->authenticate(true); socket = factory->createSocket(host, port); } else { |