You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@thrift.apache.org by je...@apache.org on 2017/12/03 01:02:48 UTC
[18/50] [abbrv] thrift git commit: THRIFT-4376: fix a few high impact
coverity defects: 1458947: memory leak in compiler 1458787: resource leak in
c_glib led to discovery of assert() abuse 1459090: fix string.find result
check in JSON processor (unlikely
http://git-wip-us.apache.org/repos/asf/thrift/blob/43f4bf2f/lib/c_glib/test/testtransportsocket.c
----------------------------------------------------------------------
diff --git a/lib/c_glib/test/testtransportsocket.c b/lib/c_glib/test/testtransportsocket.c
index d91507f..8e96375 100755
--- a/lib/c_glib/test/testtransportsocket.c
+++ b/lib/c_glib/test/testtransportsocket.c
@@ -17,7 +17,6 @@
* under the License.
*/
-#include <assert.h>
#include <netdb.h>
#include <sys/wait.h>
@@ -81,7 +80,7 @@ test_create_and_destroy(void)
GObject *object = NULL;
object = g_object_new (THRIFT_TYPE_SOCKET, NULL);
- assert (object != NULL);
+ g_assert (object != NULL);
g_object_get (G_OBJECT(object), "hostname", &hostname, "port", &port, NULL);
g_free (hostname);
@@ -100,9 +99,9 @@ test_open_and_close(void)
"port", 51188, NULL);
transport = THRIFT_TRANSPORT (tsocket);
thrift_socket_open (transport, NULL);
- assert (thrift_socket_is_open (transport) == TRUE);
+ g_assert (thrift_socket_is_open (transport) == TRUE);
thrift_socket_close (transport, NULL);
- assert (thrift_socket_is_open (transport) == FALSE);
+ g_assert (thrift_socket_is_open (transport) == FALSE);
/* test close failure */
tsocket->sd = -1;
@@ -113,7 +112,7 @@ test_open_and_close(void)
tsocket = g_object_new (THRIFT_TYPE_SOCKET, "hostname", "localhost.broken",
NULL);
transport = THRIFT_TRANSPORT (tsocket);
- assert (thrift_socket_open (transport, &err) == FALSE);
+ g_assert (thrift_socket_open (transport, &err) == FALSE);
g_object_unref (tsocket);
g_error_free (err);
err = NULL;
@@ -122,7 +121,7 @@ test_open_and_close(void)
tsocket = g_object_new (THRIFT_TYPE_SOCKET, "hostname", "localhost", NULL);
transport = THRIFT_TRANSPORT (tsocket);
socket_error = 1;
- assert (thrift_socket_open (transport, &err) == FALSE);
+ g_assert (thrift_socket_open (transport, &err) == FALSE);
socket_error = 0;
g_object_unref (tsocket);
g_error_free (err);
@@ -139,7 +138,7 @@ test_read_and_write(void)
guchar buf[10] = TEST_DATA; /* a buffer */
pid = fork ();
- assert ( pid >= 0 );
+ g_assert ( pid >= 0 );
if ( pid == 0 )
{
@@ -153,8 +152,8 @@ test_read_and_write(void)
tsocket = g_object_new (THRIFT_TYPE_SOCKET, "hostname", "localhost",
"port", port, NULL);
transport = THRIFT_TRANSPORT (tsocket);
- assert (thrift_socket_open (transport, NULL) == TRUE);
- assert (thrift_socket_is_open (transport));
+ g_assert (thrift_socket_open (transport, NULL) == TRUE);
+ g_assert (thrift_socket_is_open (transport));
thrift_socket_write (transport, buf, 10, NULL);
/* write fail */
@@ -167,8 +166,8 @@ test_read_and_write(void)
thrift_socket_close (transport, NULL);
g_object_unref (tsocket);
- assert ( wait (&status) == pid );
- assert ( status == 0 );
+ g_assert ( wait (&status) == pid );
+ g_assert ( status == 0 );
}
}
@@ -286,12 +285,12 @@ thrift_socket_server (const int port)
transport = THRIFT_SERVER_TRANSPORT (tsocket);
thrift_server_transport_listen (transport, NULL);
client = thrift_server_transport_accept (transport, NULL);
- assert (client != NULL);
+ g_assert (client != NULL);
/* read 10 bytes */
bytes = thrift_socket_read (client, buf, 10, NULL);
- assert (bytes == 10); /* make sure we've read 10 bytes */
- assert ( memcmp(buf, match, 10) == 0 ); /* make sure what we got matches */
+ g_assert (bytes == 10); /* make sure we've read 10 bytes */
+ g_assert ( memcmp(buf, match, 10) == 0 ); /* make sure what we got matches */
/* failed read */
recv_error = 1;
http://git-wip-us.apache.org/repos/asf/thrift/blob/43f4bf2f/lib/c_glib/test/testtransportsslsocket.c
----------------------------------------------------------------------
diff --git a/lib/c_glib/test/testtransportsslsocket.c b/lib/c_glib/test/testtransportsslsocket.c
index b4688f9..f2f56f8 100644
--- a/lib/c_glib/test/testtransportsslsocket.c
+++ b/lib/c_glib/test/testtransportsslsocket.c
@@ -17,7 +17,6 @@
* under the License.
*/
-#include <assert.h>
#include <netdb.h>
#include <sys/wait.h>
#include <sys/types.h>
@@ -40,33 +39,33 @@ static int socket_error = 0;
int
my_socket(int domain, int type, int protocol)
{
- if (socket_error == 0)
- {
- return socket (domain, type, protocol);
- }
- return -1;
+ if (socket_error == 0)
+ {
+ return socket (domain, type, protocol);
+ }
+ return -1;
}
static int recv_error = 0;
ssize_t
my_recv(int socket, void *buffer, size_t length, int flags)
{
- if (recv_error == 0)
- {
- return recv (socket, buffer, length, flags);
- }
- return -1;
+ if (recv_error == 0)
+ {
+ return recv (socket, buffer, length, flags);
+ }
+ return -1;
}
static int send_error = 0;
ssize_t
my_send(int socket, const void *buffer, size_t length, int flags)
{
- if (send_error == 0)
- {
- return send (socket, buffer, length, flags);
- }
- return -1;
+ if (send_error == 0)
+ {
+ return send (socket, buffer, length, flags);
+ }
+ return -1;
}
#define socket my_socket
@@ -83,71 +82,71 @@ static void thrift_ssl_socket_server (const int port);
static void
test_ssl_create_and_destroy(void)
{
- gchar *hostname = NULL;
- guint port = 0;
-
- GObject *object = NULL;
- object = g_object_new (THRIFT_TYPE_SSL_SOCKET, NULL);
- assert (object != NULL);
- g_object_get (G_OBJECT(object), "hostname", &hostname, "port", &port, NULL);
- g_free (hostname);
- g_object_unref (object);
+ gchar *hostname = NULL;
+ guint port = 0;
+
+ GObject *object = NULL;
+ object = g_object_new (THRIFT_TYPE_SSL_SOCKET, NULL);
+ g_assert (object != NULL);
+ g_object_get (G_OBJECT(object), "hostname", &hostname, "port", &port, NULL);
+ g_free (hostname);
+ g_object_unref (object);
}
static void
test_ssl_create_and_set_properties(void)
{
- gchar *hostname = NULL;
- guint port = 0;
- SSL_CTX* ssl_ctx= NULL;
- GError *error=NULL;
-
- GObject *object = NULL;
- object = thrift_ssl_socket_new(SSLTLS, &error);
- g_object_get (G_OBJECT(object), "hostname", &hostname, "port", &port, "ssl_context", &ssl_ctx, NULL);
- assert (ssl_ctx!=NULL);
-
- g_free (hostname);
- g_object_unref (object);
+ gchar *hostname = NULL;
+ guint port = 0;
+ SSL_CTX* ssl_ctx= NULL;
+ GError *error=NULL;
+
+ GObject *object = NULL;
+ object = thrift_ssl_socket_new(SSLTLS, &error);
+ g_object_get (G_OBJECT(object), "hostname", &hostname, "port", &port, "ssl_context", &ssl_ctx, NULL);
+ g_assert (ssl_ctx!=NULL);
+
+ g_free (hostname);
+ g_object_unref (object);
}
static void
test_ssl_open_and_close(void)
{
- ThriftSSLSocket *tSSLSocket = NULL;
- ThriftTransport *transport = NULL;
- GError *error=NULL;
-
- /* open a connection and close it */
- tSSLSocket = thrift_ssl_socket_new_with_host(SSLTLS, "localhost", 51188, &error);
-
- transport = THRIFT_TRANSPORT (tSSLSocket);
- thrift_ssl_socket_open (transport, NULL);
- assert (thrift_ssl_socket_is_open (transport) == TRUE);
- thrift_ssl_socket_close (transport, NULL);
- assert (thrift_ssl_socket_is_open (transport) == FALSE);
-
- /* test close failure */
- THRIFT_SOCKET(tSSLSocket)->sd = -1;
- thrift_ssl_socket_close (transport, NULL);
- g_object_unref (tSSLSocket);
-
- /* try a hostname lookup failure */
- tSSLSocket = thrift_ssl_socket_new_with_host(SSLTLS, "localhost.broken", 51188, &error);
- transport = THRIFT_TRANSPORT (tSSLSocket);
- assert (thrift_ssl_socket_open (transport, &error) == FALSE);
- g_object_unref (tSSLSocket);
- g_error_free (error);
- error = NULL;
-
- /* try an error call to socket() */
- tSSLSocket = thrift_ssl_socket_new_with_host(SSLTLS, "localhost", 51188, &error);
- transport = THRIFT_TRANSPORT (tSSLSocket);
- socket_error = 1;
- assert (thrift_ssl_socket_open (transport, &error) == FALSE);
- socket_error = 0;
- g_object_unref (tSSLSocket);
- g_error_free (error);
+ ThriftSSLSocket *tSSLSocket = NULL;
+ ThriftTransport *transport = NULL;
+ GError *error=NULL;
+
+ /* open a connection and close it */
+ tSSLSocket = thrift_ssl_socket_new_with_host(SSLTLS, "localhost", 51188, &error);
+
+ transport = THRIFT_TRANSPORT (tSSLSocket);
+ thrift_ssl_socket_open (transport, NULL);
+ g_assert (thrift_ssl_socket_is_open (transport) == TRUE);
+ thrift_ssl_socket_close (transport, NULL);
+ g_assert (thrift_ssl_socket_is_open (transport) == FALSE);
+
+ /* test close failure */
+ THRIFT_SOCKET(tSSLSocket)->sd = -1;
+ thrift_ssl_socket_close (transport, NULL);
+ g_object_unref (tSSLSocket);
+
+ /* try a hostname lookup failure */
+ tSSLSocket = thrift_ssl_socket_new_with_host(SSLTLS, "localhost.broken", 51188, &error);
+ transport = THRIFT_TRANSPORT (tSSLSocket);
+ g_assert (thrift_ssl_socket_open (transport, &error) == FALSE);
+ g_object_unref (tSSLSocket);
+ g_error_free (error);
+ error = NULL;
+
+ /* try an error call to socket() */
+ tSSLSocket = thrift_ssl_socket_new_with_host(SSLTLS, "localhost", 51188, &error);
+ transport = THRIFT_TRANSPORT (tSSLSocket);
+ socket_error = 1;
+ g_assert (thrift_ssl_socket_open (transport, &error) == FALSE);
+ socket_error = 0;
+ g_object_unref (tSSLSocket);
+ g_error_free (error);
}
@@ -157,27 +156,27 @@ test_ssl_open_and_close(void)
*/
unsigned char * get_cn_name(X509_NAME* const name)
{
- int idx = -1;
- unsigned char *utf8 = NULL;
+ int idx = -1;
+ unsigned char *utf8 = NULL;
- do
- {
- if(!name) break; /* failed */
+ do
+ {
+ if(!name) break; /* failed */
- idx = X509_NAME_get_index_by_NID(name, NID_commonName, -1);
- if(!(idx > -1)) break; /* failed */
+ idx = X509_NAME_get_index_by_NID(name, NID_commonName, -1);
+ if(!(idx > -1)) break; /* failed */
- X509_NAME_ENTRY* entry = X509_NAME_get_entry(name, idx);
- if(!entry) break; /* failed */
+ X509_NAME_ENTRY* entry = X509_NAME_get_entry(name, idx);
+ if(!entry) break; /* failed */
- ASN1_STRING* data = X509_NAME_ENTRY_get_data(entry);
- if(!data) break; /* failed */
+ ASN1_STRING* data = X509_NAME_ENTRY_get_data(entry);
+ if(!data) break; /* failed */
- int length = ASN1_STRING_to_UTF8(&utf8, data);
- if(!utf8 || !(length > 0)) break; /* failed */
+ int length = ASN1_STRING_to_UTF8(&utf8, data);
+ if(!utf8 || !(length > 0)) break; /* failed */
- } while (0);
- return utf8;
+ } while (0);
+ return utf8;
}
/*
@@ -185,77 +184,77 @@ unsigned char * get_cn_name(X509_NAME* const name)
*/
void *get_in_addr(struct sockaddr *sa)
{
- if (sa->sa_family == AF_INET)
- return &(((struct sockaddr_in*)sa)->sin_addr);
- return &(((struct sockaddr_in6*)sa)->sin6_addr);
+ if (sa->sa_family == AF_INET)
+ return &(((struct sockaddr_in*)sa)->sin_addr);
+ return &(((struct sockaddr_in6*)sa)->sin6_addr);
}
int verify_ip(char * hostname, struct sockaddr_storage *addr)
{
- struct addrinfo *addr_info,*p;
- struct addrinfo hints;
- int res;
- int retval = 0;
-
-
- memset(&hints, 0, sizeof hints);
- hints.ai_family = AF_UNSPEC; // use AF_INET6 to force IPv6
- hints.ai_socktype = SOCK_STREAM;
-
-
- if ( (res = getaddrinfo(hostname, NULL, &hints, &addr_info) ) != 0)
- {
- // get the host info
- g_error("Cannot get the host address");
- return retval;
- }
- // loop through all the results and connect to the first we can
- char dnshost[INET6_ADDRSTRLEN]; // bigger addr supported IPV6
- char socket_ip[INET6_ADDRSTRLEN];
- if(inet_ntop(addr->ss_family, get_in_addr(addr), socket_ip, INET6_ADDRSTRLEN)==socket_ip){
- g_debug("We are connected to host %s checking against certificate...", socket_ip);
- int sizeip = socket_ip!=NULL ? strlen(socket_ip) : 0;
- for(p = addr_info; p != NULL; p = p->ai_next) {
- if(inet_ntop(p->ai_family, get_in_addr((struct sockaddr *)p->ai_addr), dnshost, INET6_ADDRSTRLEN)==dnshost){
- if(dnshost!=NULL){
- g_info("DNS address [%i -> %s]", p->ai_addr, dnshost);
- if(!strncmp(dnshost, socket_ip, sizeip)){
- retval=1;
- break; // if we get here, we must have connected successfully
- }
- }
- }
- }
- }
-
- if(addr_info)
- freeaddrinfo(addr_info);
-
- return retval;
+ struct addrinfo *addr_info,*p;
+ struct addrinfo hints;
+ int res;
+ int retval = 0;
+
+
+ memset(&hints, 0, sizeof hints);
+ hints.ai_family = AF_UNSPEC; // use AF_INET6 to force IPv6
+ hints.ai_socktype = SOCK_STREAM;
+
+
+ if ( (res = getaddrinfo(hostname, NULL, &hints, &addr_info) ) != 0)
+ {
+ // get the host info
+ g_error("Cannot get the host address");
+ return retval;
+ }
+ // loop through all the results and connect to the first we can
+ char dnshost[INET6_ADDRSTRLEN]; // bigger addr supported IPV6
+ char socket_ip[INET6_ADDRSTRLEN];
+ if(inet_ntop(addr->ss_family, get_in_addr(addr), socket_ip, INET6_ADDRSTRLEN)==socket_ip){
+ g_debug("We are connected to host %s checking against certificate...", socket_ip);
+ int sizeip = socket_ip!=NULL ? strlen(socket_ip) : 0;
+ for(p = addr_info; p != NULL; p = p->ai_next) {
+ if(inet_ntop(p->ai_family, get_in_addr((struct sockaddr *)p->ai_addr), dnshost, INET6_ADDRSTRLEN)==dnshost){
+ if(dnshost!=NULL){
+ g_info("DNS address [%i -> %s]", p->ai_addr, dnshost);
+ if(!strncmp(dnshost, socket_ip, sizeip)){
+ retval=1;
+ break; // if we get here, we must have connected successfully
+ }
+ }
+ }
+ }
+ }
+
+ if(addr_info)
+ freeaddrinfo(addr_info);
+
+ return retval;
}
static void
read_from_file(char *buffer, long size, const char *file_name)
{
- char ch;
- long index=0;
- FILE *fp;
+ char ch;
+ long index=0;
+ FILE *fp;
- fp = fopen(file_name,"r"); // read mode
+ fp = fopen(file_name,"r"); // read mode
- if( fp == NULL )
- {
- perror("Error while opening the file.\n");
- exit(EXIT_FAILURE);
- }
+ if( fp == NULL )
+ {
+ perror("Error while opening the file.\n");
+ exit(EXIT_FAILURE);
+ }
- printf("The contents of %s file are :\n", file_name);
+ printf("The contents of %s file are :\n", file_name);
- while(index<size && ( ch = fgetc(fp) ) != EOF ){
- buffer[index++] = ch;
- }
+ while(index<size && ( ch = fgetc(fp) ) != EOF ){
+ buffer[index++] = ch;
+ }
- fclose(fp);
+ fclose(fp);
}
#define ISSUER_CN_PINNING "The Apache Software Foundation"
@@ -264,98 +263,98 @@ read_from_file(char *buffer, long size, const char *file_name)
gboolean verify_certificate_sn(X509 *cert, const unsigned char *serial_number)
{
- gboolean retval = FALSE;
-
- ASN1_INTEGER *serial = X509_get_serialNumber(cert);
-
- BIGNUM *bn = ASN1_INTEGER_to_BN(serial, NULL);
- if (!bn) {
- fprintf(stderr, "unable to convert ASN1INTEGER to BN\n");
- return EXIT_FAILURE;
- }
- char *tmp = BN_bn2dec(bn);
- if (!tmp) {
- g_warning(stderr, "unable to convert BN to decimal string.\n");
- BN_free(bn);
- return EXIT_FAILURE;
- }
-// if (strlen(tmp) >= len) {
-// g_warn(stderr, "buffer length shorter than serial number\n");
-// BN_free(bn);
-// OPENSSL_free(tmp);
-// return EXIT_FAILURE;
-// }
- if(!strncmp(serial_number, tmp, strlen(serial_number))){
- retval=TRUE;
- }else{
- g_warning("Serial number is not valid");
- }
-
- BN_free(bn);
- OPENSSL_free(tmp);
- return retval;
+ gboolean retval = FALSE;
+
+ ASN1_INTEGER *serial = X509_get_serialNumber(cert);
+
+ BIGNUM *bn = ASN1_INTEGER_to_BN(serial, NULL);
+ if (!bn) {
+ fprintf(stderr, "unable to convert ASN1INTEGER to BN\n");
+ return EXIT_FAILURE;
+ }
+ char *tmp = BN_bn2dec(bn);
+ if (!tmp) {
+ g_warning(stderr, "unable to convert BN to decimal string.\n");
+ BN_free(bn);
+ return EXIT_FAILURE;
+ }
+// if (strlen(tmp) >= len) {
+// g_warn(stderr, "buffer length shorter than serial number\n");
+// BN_free(bn);
+// OPENSSL_free(tmp);
+// return EXIT_FAILURE;
+// }
+ if(!strncmp(serial_number, tmp, strlen(serial_number))){
+ retval=TRUE;
+ }else{
+ g_warning("Serial number is not valid");
+ }
+
+ BN_free(bn);
+ OPENSSL_free(tmp);
+ return retval;
}
gboolean my_access_manager(ThriftTransport * transport, X509 *cert, struct sockaddr_storage *addr, GError **error)
{
- ThriftSSLSocket *sslSocket = THRIFT_SSL_SOCKET (transport);
-
- g_info("Processing access to the server");
- X509_NAME* iname = cert ? X509_get_issuer_name(cert) : NULL;
- X509_NAME* sname = cert ? X509_get_subject_name(cert) : NULL;
-
- /* Issuer is the authority we trust that warrants nothing useful */
- const unsigned char * issuer = get_cn_name(iname);
- if(issuer){
- gboolean valid = TRUE;
- g_info("Issuer (cn) %s", issuer);
-
- // Issuer pinning
- if(strncmp(ISSUER_CN_PINNING, issuer, strlen(ISSUER_CN_PINNING))){
- g_warning("The Issuer of the certificate is not valid");
- valid=FALSE;
- }
- OPENSSL_free(issuer);
- if(!valid)
- return valid;
- }
-
-
- /* Subject is who the certificate is issued to by the authority */
- const unsigned char * subject = get_cn_name(sname);
- if(subject){
- g_info("Subject (cn) %s", subject);
- gboolean valid = TRUE;
-
- // Subject pinning
- if(strncmp(SUBJECT_CN_PINNING, subject, strlen(SUBJECT_CN_PINNING))){
- g_warning("The subject of the certificate is not valid");
- valid=FALSE;
- }
-
- if(!valid)
- return valid;
-
- // Host pinning
- if(verify_ip(subject, addr)){
- g_info("Verified subject");
- }else{
- g_info("Cannot verify subject");
- valid=FALSE;
- }
- OPENSSL_free(subject);
-
- if(!valid)
- return valid;
- }
-
- if(!verify_certificate_sn(cert, CERT_SERIAL_NUMBER)){
- return FALSE;
- }else{
- g_info("Verified serial number");
- }
-
- return TRUE;
+ ThriftSSLSocket *sslSocket = THRIFT_SSL_SOCKET (transport);
+
+ g_info("Processing access to the server");
+ X509_NAME* iname = cert ? X509_get_issuer_name(cert) : NULL;
+ X509_NAME* sname = cert ? X509_get_subject_name(cert) : NULL;
+
+ /* Issuer is the authority we trust that warrants nothing useful */
+ const unsigned char * issuer = get_cn_name(iname);
+ if(issuer){
+ gboolean valid = TRUE;
+ g_info("Issuer (cn) %s", issuer);
+
+ // Issuer pinning
+ if(strncmp(ISSUER_CN_PINNING, issuer, strlen(ISSUER_CN_PINNING))){
+ g_warning("The Issuer of the certificate is not valid");
+ valid=FALSE;
+ }
+ OPENSSL_free(issuer);
+ if(!valid)
+ return valid;
+ }
+
+
+ /* Subject is who the certificate is issued to by the authority */
+ const unsigned char * subject = get_cn_name(sname);
+ if(subject){
+ g_info("Subject (cn) %s", subject);
+ gboolean valid = TRUE;
+
+ // Subject pinning
+ if(strncmp(SUBJECT_CN_PINNING, subject, strlen(SUBJECT_CN_PINNING))){
+ g_warning("The subject of the certificate is not valid");
+ valid=FALSE;
+ }
+
+ if(!valid)
+ return valid;
+
+ // Host pinning
+ if(verify_ip(subject, addr)){
+ g_info("Verified subject");
+ }else{
+ g_info("Cannot verify subject");
+ valid=FALSE;
+ }
+ OPENSSL_free(subject);
+
+ if(!valid)
+ return valid;
+ }
+
+ if(!verify_certificate_sn(cert, CERT_SERIAL_NUMBER)){
+ return FALSE;
+ }else{
+ g_info("Verified serial number");
+ }
+
+ return TRUE;
}
@@ -366,57 +365,57 @@ gboolean my_access_manager(ThriftTransport * transport, X509 *cert, struct socka
static void
test_ssl_authorization_manager(void)
{
- int status=0;
- pid_t pid;
- ThriftSSLSocket *tSSLsocket = NULL;
- ThriftTransport *transport = NULL;
- // int port = 51199;
- int port = 443;
- GError *error=NULL;
-
- guchar buf[17] = TEST_DATA; /* a buffer */
-
- // pid = fork ();
- // assert ( pid >= 0 );
- //
- // if ( pid == 0 )
- // {
- // /* child listens */
- // thrift_ssl_socket_server (port);
- // exit (0);
- // } else {
- /* parent connects, wait a bit for the socket to be created */
- sleep (1);
-
- // Test against level2 owncloud certificate
- tSSLsocket = thrift_ssl_socket_new_with_host(SSLTLS, "localhost", port, &error);
- thrift_ssl_socket_set_manager(tSSLsocket, my_access_manager); // Install pinning manager
- //thrift_ssl_load_cert_from_file(tSSLsocket, "./owncloud.level2crm.pem");
- unsigned char cert_buffer[65534];
- read_from_file(cert_buffer, 65534, "../../keys/client.pem");
- if(!thrift_ssl_load_cert_from_buffer(tSSLsocket, cert_buffer)){
- g_warning("Certificates cannot be loaded!");
- }
-
- transport = THRIFT_TRANSPORT (tSSLsocket);
- assert (thrift_ssl_socket_open (transport, NULL) == TRUE);
- assert (thrift_ssl_socket_is_open (transport));
-
- thrift_ssl_socket_write (transport, buf, 17, NULL);
-
- /* write fail */
- send_error = 1;
- // thrift_ssl_socket_write (transport, buf, 1, NULL);
- // send_error = 0;
-
- // thrift_ssl_socket_write_end (transport, NULL);
- // thrift_ssl_socket_flush (transport, NULL);
- thrift_ssl_socket_close (transport, NULL);
- g_object_unref (tSSLsocket);
-
- // assert ( wait (&status) == pid );
- assert ( status == 0 );
- // }
+ int status=0;
+ pid_t pid;
+ ThriftSSLSocket *tSSLsocket = NULL;
+ ThriftTransport *transport = NULL;
+ // int port = 51199;
+ int port = 443;
+ GError *error=NULL;
+
+ guchar buf[17] = TEST_DATA; /* a buffer */
+
+ // pid = fork ();
+ // g_assert ( pid >= 0 );
+ //
+ // if ( pid == 0 )
+ // {
+ // /* child listens */
+ // thrift_ssl_socket_server (port);
+ // exit (0);
+ // } else {
+ /* parent connects, wait a bit for the socket to be created */
+ sleep (1);
+
+ // Test against level2 owncloud certificate
+ tSSLsocket = thrift_ssl_socket_new_with_host(SSLTLS, "localhost", port, &error);
+ thrift_ssl_socket_set_manager(tSSLsocket, my_access_manager); // Install pinning manager
+ //thrift_ssl_load_cert_from_file(tSSLsocket, "./owncloud.level2crm.pem");
+ unsigned char cert_buffer[65534];
+ read_from_file(cert_buffer, 65534, "../../keys/client.pem");
+ if(!thrift_ssl_load_cert_from_buffer(tSSLsocket, cert_buffer)){
+ g_warning("Certificates cannot be loaded!");
+ }
+
+ transport = THRIFT_TRANSPORT (tSSLsocket);
+ g_assert (thrift_ssl_socket_open (transport, NULL) == TRUE);
+ g_assert (thrift_ssl_socket_is_open (transport));
+
+ thrift_ssl_socket_write (transport, buf, 17, NULL);
+
+ /* write fail */
+ send_error = 1;
+ // thrift_ssl_socket_write (transport, buf, 1, NULL);
+ // send_error = 0;
+
+ // thrift_ssl_socket_write_end (transport, NULL);
+ // thrift_ssl_socket_flush (transport, NULL);
+ thrift_ssl_socket_close (transport, NULL);
+ g_object_unref (tSSLsocket);
+
+ // g_assert ( wait (&status) == pid );
+ g_assert ( status == 0 );
+ // }
}
#endif
@@ -523,59 +522,59 @@ test_ssl_authorization_manager(void)
static void
thrift_ssl_socket_server (const int port)
{
- int bytes = 0;
- ThriftServerTransport *transport = NULL;
- ThriftTransport *client = NULL;
- guchar buf[10]; /* a buffer */
- guchar match[10] = TEST_DATA;
-
- ThriftServerSocket *tsocket = g_object_new (THRIFT_TYPE_SERVER_SOCKET,
- "port", port, NULL);
-
- transport = THRIFT_SERVER_TRANSPORT (tsocket);
- thrift_server_transport_listen (transport, NULL);
- client = thrift_server_transport_accept (transport, NULL);
- assert (client != NULL);
-
- /* read 10 bytes */
- bytes = thrift_ssl_socket_read (client, buf, 10, NULL);
- assert (bytes == 10); /* make sure we've read 10 bytes */
- assert ( memcmp(buf, match, 10) == 0 ); /* make sure what we got matches */
-
- /* failed read */
- recv_error = 1;
- thrift_ssl_socket_read (client, buf, 1, NULL);
- recv_error = 0;
-
- thrift_ssl_socket_read_end (client, NULL);
- thrift_ssl_socket_close (client, NULL);
- g_object_unref (tsocket);
- g_object_unref (client);
+ int bytes = 0;
+ ThriftServerTransport *transport = NULL;
+ ThriftTransport *client = NULL;
+ guchar buf[10]; /* a buffer */
+ guchar match[10] = TEST_DATA;
+
+ ThriftServerSocket *tsocket = g_object_new (THRIFT_TYPE_SERVER_SOCKET,
+ "port", port, NULL);
+
+ transport = THRIFT_SERVER_TRANSPORT (tsocket);
+ thrift_server_transport_listen (transport, NULL);
+ client = thrift_server_transport_accept (transport, NULL);
+ g_assert (client != NULL);
+
+ /* read 10 bytes */
+ bytes = thrift_ssl_socket_read (client, buf, 10, NULL);
+ g_assert (bytes == 10); /* make sure we've read 10 bytes */
+ g_assert ( memcmp(buf, match, 10) == 0 ); /* make sure what we got matches */
+
+ /* failed read */
+ recv_error = 1;
+ thrift_ssl_socket_read (client, buf, 1, NULL);
+ recv_error = 0;
+
+ thrift_ssl_socket_read_end (client, NULL);
+ thrift_ssl_socket_close (client, NULL);
+ g_object_unref (tsocket);
+ g_object_unref (client);
}
int
main(int argc, char *argv[])
{
- int retval;
+ int retval;
#if (!GLIB_CHECK_VERSION (2, 36, 0))
- g_type_init();
+ g_type_init();
#endif
- g_test_init (&argc, &argv, NULL);
+ g_test_init (&argc, &argv, NULL);
- thrift_ssl_socket_initialize_openssl();
+ thrift_ssl_socket_initialize_openssl();
- g_test_add_func ("/testtransportsslsocket/CreateAndDestroy", test_ssl_create_and_destroy);
- g_test_add_func ("/testtransportsslsocket/CreateAndSetProperties", test_ssl_create_and_set_properties);
- g_test_add_func ("/testtransportsslsocket/OpenAndClose", test_ssl_open_and_close);
- // This test is disabled because server is not ready
- // g_test_add_func ("/testtransportsslsocket/AuthorizationManagerPinning", test_ssl_authorization_manager);
- // g_test_add_func ("/testtransportsslsocket/Peek", test_ssl_peek);
+ g_test_add_func ("/testtransportsslsocket/CreateAndDestroy", test_ssl_create_and_destroy);
+ g_test_add_func ("/testtransportsslsocket/CreateAndSetProperties", test_ssl_create_and_set_properties);
+ g_test_add_func ("/testtransportsslsocket/OpenAndClose", test_ssl_open_and_close);
+ // This test is disabled because server is not ready
+ // g_test_add_func ("/testtransportsslsocket/AuthorizationManagerPinning", test_ssl_authorization_manager);
+ // g_test_add_func ("/testtransportsslsocket/Peek", test_ssl_peek);
- retval = g_test_run ();
+ retval = g_test_run ();
- thrift_ssl_socket_finalize_openssl();
+ thrift_ssl_socket_finalize_openssl();
- return retval;
+ return retval;
}
http://git-wip-us.apache.org/repos/asf/thrift/blob/43f4bf2f/lib/cpp/src/thrift/protocol/TJSONProtocol.cpp
----------------------------------------------------------------------
diff --git a/lib/cpp/src/thrift/protocol/TJSONProtocol.cpp b/lib/cpp/src/thrift/protocol/TJSONProtocol.cpp
index bbba260..a49a148 100644
--- a/lib/cpp/src/thrift/protocol/TJSONProtocol.cpp
+++ b/lib/cpp/src/thrift/protocol/TJSONProtocol.cpp
@@ -773,7 +773,7 @@ uint32_t TJSONProtocol::readJSONString(std::string& str, bool skipContext) {
continue;
} else {
size_t pos = kEscapeChars.find(ch);
- if (pos == std::string::npos) {
+ if (pos == kEscapeChars.npos) {
throw TProtocolException(TProtocolException::INVALID_DATA,
"Expected control char, got '" + std::string((const char*)&ch, 1)
+ "'.");
http://git-wip-us.apache.org/repos/asf/thrift/blob/43f4bf2f/test/known_failures_Linux.json
----------------------------------------------------------------------
diff --git a/test/known_failures_Linux.json b/test/known_failures_Linux.json
index d424772..3b835f3 100644
--- a/test/known_failures_Linux.json
+++ b/test/known_failures_Linux.json
@@ -131,6 +131,8 @@
"d-py_json_buffered-ip-ssl",
"d-py_json_framed-ip",
"d-py_json_framed-ip-ssl",
+ "erl-csharp_binary_buffered-ip",
+ "erl-csharp_compact_buffered-ip",
"erl-nodejs_binary_buffered-ip",
"erl-nodejs_compact_buffered-ip",
"erl-rb_binary-accel_buffered-ip",
@@ -167,6 +169,10 @@
"java-d_compact_buffered-ip",
"java-d_compact_buffered-ip-ssl",
"java-d_compact_framed-ip",
+ "rs-csharp_binary_buffered-ip",
+ "rs-csharp_compact_buffered-ip",
+ "rs-csharp_binary_framed-ip",
+ "rs-csharp_compact_framed-ip",
"rs-dart_binary_framed-ip",
"rs-dart_compact_framed-ip"
]