| 154 | } |
| 155 | |
| 156 | void client(apache::thrift::transport::SSLProtocol protocol) { |
| 157 | try { |
| 158 | shared_ptr<TSSLSocketFactory> pClientSocketFactory; |
| 159 | shared_ptr<TSSLSocket> pClientSocket; |
| 160 | |
| 161 | try { |
| 162 | pClientSocketFactory.reset(new TSSLSocketFactory(static_cast<apache::thrift::transport::SSLProtocol>(protocol))); |
| 163 | pClientSocketFactory->authenticate(true); |
| 164 | #if OPENSSL_VERSION_NUMBER >= 0x10100000L |
| 165 | // OpenSSL 1.1.0 introduced @SECLEVEL. Modern distributions limit TLS 1.0/1.1 |
| 166 | // to @SECLEVEL=0 or 1, so specify it to test all combinations. |
| 167 | pClientSocketFactory->ciphers("ALL:!ADH:!LOW:!EXP:!MD5:@SECLEVEL=0"); |
| 168 | #endif |
| 169 | pClientSocketFactory->loadCertificateFromBuffer(certString("client.crt").c_str()); |
| 170 | pClientSocketFactory->loadPrivateKeyFromBuffer(certString("client.key").c_str()); |
| 171 | pClientSocketFactory->loadTrustedCertificatesFromBuffer(certString("CA.pem").c_str()); |
| 172 | pClientSocket = pClientSocketFactory->createSocket("localhost", mPort); |
| 173 | pClientSocket->open(); |
| 174 | |
| 175 | uint8_t buf[3]; |
| 176 | buf[0] = 0; |
| 177 | buf[1] = 0; |
| 178 | BOOST_CHECK_EQUAL(2, pClientSocket->read(&buf[0], 2)); |
| 179 | BOOST_CHECK_EQUAL(0, memcmp(&buf[0], "OK", 2)); |
| 180 | mConnected = true; |
| 181 | } catch (apache::thrift::transport::TTransportException& ex) { |
| 182 | boost::mutex::scoped_lock lock(gMutex); |
| 183 | BOOST_TEST_MESSAGE(boost::format("CLI %1% Exception: %2%") % boost::this_thread::get_id() % ex.what()); |
| 184 | } |
| 185 | |
| 186 | if (pClientSocket) { |
| 187 | pClientSocket->close(); |
| 188 | pClientSocket.reset(); |
| 189 | } |
| 190 | } catch (std::exception& ex) { |
| 191 | BOOST_FAIL(boost::format("%1%: %2%") % typeid(ex).name() % ex.what()); |
| 192 | } |
| 193 | } |
| 194 | |
| 195 | static const char* protocol2str(size_t protocol) { |
| 196 | static const char* strings[apache::thrift::transport::LATEST + 1] |
nothing calls this directly
no test coverage detected