THRIFT-2109 Secure connections should be supported in Go

Patch: Justin Judd

6 files changed, 87 insertions, 8 deletions

diff --git a/tutorial/go/Makefile.am b/tutorial/go/Makefile.am
index 5b1f71001..5df065a46 100644
--- a/tutorial/go/Makefile.am
+++ b/tutorial/go/Makefile.am
@@ -40,7 +40,13 @@ tutorialserver: all
 	GOPATH=`pwd` $(GO) run src/*.go -server=true
 
 tutorialclient: all
-	GOPATH=`pwd` $(GO) run src/*.go -client=true
+	GOPATH=`pwd` $(GO) run src/*.go 
+
+tutorialsecureserver: all
+	GOPATH=`pwd` $(GO) run src/*.go -server=true -secure=true
+
+tutorialsecureclient: all
+	GOPATH=`pwd` $(GO) run src/*.go -secure=true
 
 clean-local:
 	$(RM) -r gen-*
diff --git a/tutorial/go/server.crt b/tutorial/go/server.crt
new file mode 100644
index 000000000..b345bf035
--- /dev/null
+++ b/tutorial/go/server.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDRjCCAi4CCQC7ZHL2gkCrNDANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJV
+UzEPMA0GA1UECAwGVGhyaWZ0MQ8wDQYDVQQHDAZUaHJpZnQxDzANBgNVBAoMBkFw
+YWNoZTEPMA0GA1UECwwGVGhyaWZ0MRIwEAYDVQQDDAlUaHJpZnQtR28wHhcNMTMw
+ODAyMTM0MzM0WhcNMTQwODAyMTM0MzM0WjBlMQswCQYDVQQGEwJVUzEPMA0GA1UE
+CAwGVGhyaWZ0MQ8wDQYDVQQHDAZUaHJpZnQxDzANBgNVBAoMBkFwYWNoZTEPMA0G
+A1UECwwGVGhyaWZ0MRIwEAYDVQQDDAlUaHJpZnQtR28wggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDBIkwFBgvHNS4yR8VYqYgd6bZtE1bJSdUHAOmASYwF
+Q5dDGltiwwWJiyLQ6njgcugqJ+5Icn2i7zd3kWXuTi6uNHlDzAy253uRj0skhXIA
+CYcMpNB5KI/bZd94VYg8ZG5x/or9mhpQNaZBKMpQ6bb1MvAlHfJO08y6YH2mZjfW
+SlpjEem51R8OK/3AM6mWZfWHeuSX+nzbChgRDZH4m9leWutgKyUgQtU7b5tEndsP
+qzGNeedaWGcyLT2dtD5PmsFbJ/RQXE3NEWACelJh7B1JjwB42HvZtl7m83GuY7ew
+eKlJP2HQAmmUkNTLdSa0yTzLuNitIKoh7RW5q4bl4zyNAgMBAAEwDQYJKoZIhvcN
+AQEFBQADggEBAB7r7lXn2M3SdyuXH+U6wbiNKPq8SX3sgncpaOluC36Phfdu38XJ
+NLovB05BIlkkExkv/IvjUZxGByd9WvNZBgajqll/FaK3Vv8cTo53yjxbQexFVK/m
+J4G9q/dGIV+B+8soVedoMTZOSmKhowM//9Oshs70foJLBJoHA5UdTdBxMvYcZBXV
+S9vUaVNEFd2cN0tyvguY8JNIPU8yEOUspR/uBeRRk3pRTbgcACC8+zYGUSuBiEf3
+SEKO2BHYBCkoodHWBWeMiiksYd3I5xOE9yS+Wn4eZlJBMTIjgxSddR1HH2cDSwET
+FzuW8WjtE1A28JL/hR6YcxaEDTulaFhaKs8=
+-----END CERTIFICATE-----
diff --git a/tutorial/go/server.key b/tutorial/go/server.key
new file mode 100644
index 000000000..27d52f474
--- /dev/null
+++ b/tutorial/go/server.key
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEogIBAAKCAQEAwSJMBQYLxzUuMkfFWKmIHem2bRNWyUnVBwDpgEmMBUOXQxpb
+YsMFiYsi0Op44HLoKifuSHJ9ou83d5Fl7k4urjR5Q8wMtud7kY9LJIVyAAmHDKTQ
+eSiP22XfeFWIPGRucf6K/ZoaUDWmQSjKUOm29TLwJR3yTtPMumB9pmY31kpaYxHp
+udUfDiv9wDOplmX1h3rkl/p82woYEQ2R+JvZXlrrYCslIELVO2+bRJ3bD6sxjXnn
+WlhnMi09nbQ+T5rBWyf0UFxNzRFgAnpSYewdSY8AeNh72bZe5vNxrmO3sHipST9h
+0AJplJDUy3UmtMk8y7jYrSCqIe0VuauG5eM8jQIDAQABAoIBAEU9zpNef4qD/nP4
+V0BaR3qx971TWaIA3mcMZKqhs5mPigN8x5a45JtTTsAnz/5oM+QpPLysj26C5Rfx
+AOJXFVVPasprtYM9qoedIAuP7DcnM0vNKxDFAg5ej6fMwnMkbpRf9eTGAvkOwvRJ
+c39ey0FNadtkySKJvLR1M5ccvpgMnybCMDYsjDH0tAqWJcWsCX+/htk4rpg4V7yG
+JDg23yx4An+WWmPuR1zSQNx5mZBSg4RXYykr1MEKsHo+TDQ6IK6Wq2rtLUM0/0M6
+CJ80EswX6uY0Uh6eJH1o1BLJeAfNGk/a9MUUqPaWj7ospa5XJ0adG3Qq5MmF21Ft
+VbhRhQECgYEA/+2CcKlRlxoBzCRg8DdFf5OHE45EiUFAEX8/J9RWdLQSI/EwA6K2
+Q9CGy6WWKEFMHBHsxyV8Hx6dS+M+2UpM4h28Atiu/HLs3UZXrRv7FLJuXP7j+iBv
+oNo5+8sxcxL1GgJ3zcmSSHhMcZmbBowsYmx+lMDSSxGgXo2jEY3mZmkCgYEAwTBA
+KkO22D9263MYA/Exjcto+t5O7Q26gs/j2UscyBUn7fbcKofTvrWBBjMYMZvFokO8
+HM0PNTIpr0F9FPoUB2oky7VLmuoGf9smyZtl5fwIl6R/4MmStyAEUWnkI3qt/EOr
+5ZwrdzFdru6Z4zLYaW6bms+8A1G7GWnTNen+yIUCgYB57Lb14VRjfhpZHQOprUtI
+ygnSATcZhKJ3M33tBbXih18VDHRpZv0aNZ/iKRLuPp15yfhZr7wAP1+EpdBtSH50
+QuItIPnMfxvlFvvyFqB5bcAyQaRup0FHCnARSu5V+jQWnhJhUaSFLfqNLDa02dbT
+VQjA6VPGO7GBGk0TsdyP8QKBgE0OzvlMyzkUj325CeJAqdByS2yNkhPSPwwAmlTJ
+NjDE54lux0EbrqVKRq3PYZ4gEUP5GqauUJuaZ7AlQhxE6ApRF1498WtYX8FOC/ms
+x4dl8ZNzJSLnpGLxHWfQAhT40T9nSsCqe1fu0/x75dwPIu1jFiQ5Kjh0uFmZsYq2
+zE71AoGAIgX3hfqFTcQ0vQJ2bSk4Q2IBMRjW9maZDK/O009cWoVA1pq7qUFXX/Rl
+ADA5FD/HOZZ1QYEfRaIEItPZP6cbnza4mPVql6YwSqE5IV1DIefUkPzQVTWxSyPi
+FlH3RwTKS7V/qQ+7tPL7lGAsI6W/mtPM0TneDRcrpr6C9fghSDs=
+-----END RSA PRIVATE KEY-----
diff --git a/tutorial/go/src/client.go b/tutorial/go/src/client.go
index 7f8d28fa8..543d7fb4e 100644
--- a/tutorial/go/src/client.go
+++ b/tutorial/go/src/client.go
@@ -23,6 +23,7 @@ import (
 	"fmt"
 	"git.apache.org/thrift.git/lib/go/thrift"
 	"tutorial"
+	"crypto/tls"
 )
 
 func handleClient(client *tutorial.CalculatorClient) (err error) {
@@ -69,9 +70,16 @@ func handleClient(client *tutorial.CalculatorClient) (err error) {
 	return err
 }
 
-func runClient(transportFactory thrift.TTransportFactory, protocolFactory thrift.TProtocolFactory, addr string) error {
+func runClient(transportFactory thrift.TTransportFactory, protocolFactory thrift.TProtocolFactory, addr string, secure bool) error {
 	var transport thrift.TTransport
-	transport, err := thrift.NewTSocket(addr)
+	var err error
+	if secure {
+		cfg := new(tls.Config)
+		cfg.InsecureSkipVerify = true
+		transport, err = thrift.NewTSSLSocket(addr, cfg)
+	} else {
+		transport, err = thrift.NewTSocket(addr)
+	}
 	if err != nil {
 		fmt.Println("Error opening socket:", err)
 		return err
diff --git a/tutorial/go/src/main.go b/tutorial/go/src/main.go
index d37139460..96e5ec911 100644
--- a/tutorial/go/src/main.go
+++ b/tutorial/go/src/main.go
@@ -39,6 +39,7 @@ func main() {
 	framed := flag.Bool("framed", false, "Use framed transport")
 	buffered := flag.Bool("buffered", false, "Use buffered transport")
 	addr := flag.String("addr", "localhost:9090", "Address to listen to")
+	secure := flag.Bool("secure", false, "Use tls secure transport")
 
 	flag.Parse()
 
@@ -70,11 +71,11 @@ func main() {
 	}
 
 	if *server {
-		if err := runServer(transportFactory, protocolFactory, *addr); err != nil {
+		if err := runServer(transportFactory, protocolFactory, *addr, *secure); err != nil {
 			fmt.Println("error running server:", err)
 		}
 	} else {
-		if err := runClient(transportFactory, protocolFactory, *addr); err != nil {
+		if err := runClient(transportFactory, protocolFactory, *addr, *secure); err != nil {
 			fmt.Println("error running client:", err)
 		}
 	}
diff --git a/tutorial/go/src/server.go b/tutorial/go/src/server.go
index aea749e89..0374cde05 100644
--- a/tutorial/go/src/server.go
+++ b/tutorial/go/src/server.go
@@ -23,17 +23,34 @@ import (
 	"fmt"
 	"git.apache.org/thrift.git/lib/go/thrift"
 	"tutorial"
+	"crypto/tls"
 )
 
-func runServer(transportFactory thrift.TTransportFactory, protocolFactory thrift.TProtocolFactory, addr string) error {
-	transport, err := thrift.NewTServerSocket(addr)
+func runServer(transportFactory thrift.TTransportFactory, protocolFactory thrift.TProtocolFactory, addr string, secure bool) error {
+	var transport thrift.TServerTransport
+	var err error
+	if secure {
+		cfg := new(tls.Config)
+		if cert, err := tls.LoadX509KeyPair("server.crt", "server.key"); err == nil {
+			cfg.Certificates = append(cfg.Certificates, cert)
+		}
+		if err != nil {
+			fmt.Println("Unable to load server certificate and key")
+			return err
+		}
+		transport, err = thrift.NewTSSLServerSocket(addr, cfg)
+	} else {
+		transport, err = thrift.NewTServerSocket(addr)
+	}
+	
 	if err != nil {
 		return err
 	}
+	fmt.Printf("%T\n", transport)
 	handler := NewCalculatorHandler()
 	processor := tutorial.NewCalculatorProcessor(handler)
 	server := thrift.NewTSimpleServer4(processor, transport, transportFactory, protocolFactory)
 
-	fmt.Println("Starting the simple server... on ", transport.Addr())
+	fmt.Println("Starting the simple server... on ", addr)
 	return server.Serve()
 }