You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by mm...@apache.org on 2020/08/05 18:10:08 UTC
[geode-native] 02/07: WIP: More progress - looks like we're
actually hitting the proxy and doing things (~80% sure)
This is an automated email from the ASF dual-hosted git repository.
mmartell pushed a commit to branch GEODE-8398-sni-support-dotnet
in repository https://gitbox.apache.org/repos/asf/geode-native.git
commit 3f6eb81e4f2e95520736108e71e64d32a23ab75f
Author: Blake Bender <bb...@bblake-a01.vmware.com>
AuthorDate: Fri Jul 31 16:11:24 2020 -0700
WIP: More progress - looks like we're actually hitting the proxy and doing things (~80% sure)
---
cppcache/src/TcpSslConn.hpp | 18 +++++++-----------
cppcache/src/TcrConnection.cpp | 20 ++++++++++++++++----
cppcache/src/ThinClientLocatorHelper.cpp | 3 +--
cppcache/src/ThinClientPoolDM.hpp | 2 ++
4 files changed, 26 insertions(+), 17 deletions(-)
diff --git a/cppcache/src/TcpSslConn.hpp b/cppcache/src/TcpSslConn.hpp
index eb6afe0..e01eba5 100644
--- a/cppcache/src/TcpSslConn.hpp
+++ b/cppcache/src/TcpSslConn.hpp
@@ -53,15 +53,14 @@ class TcpSslConn : public TcpConn {
void createSocket(ACE_HANDLE sock) override;
public:
- TcpSslConn(
- std::chrono::microseconds waitSeconds, int32_t maxBuffSizePool,
- const std::string& sniProxyHostname, uint16_t sniProxyPort,
- const std::string& pubkeyfile, const std::string& privkeyfile,
- const std::string& pemPassword)
- : TcpConn(sniProxyHostname.c_str(), sniProxyPort, waitSeconds, maxBuffSizePool),
+ TcpSslConn(const std::string& hostname, std::chrono::microseconds waitSeconds,
+ int32_t maxBuffSizePool, const std::string& sniProxyHostname,
+ uint16_t sniProxyPort, const std::string& pubkeyfile,
+ const std::string& privkeyfile, const std::string& pemPassword)
+ : TcpConn(sniProxyHostname.c_str(), sniProxyPort, waitSeconds,
+ maxBuffSizePool),
m_ssl(nullptr),
- m_sniPort(sniProxyPort),
- m_sniHostname(sniProxyHostname),
+ m_sniHostname(hostname),
m_pubkeyfile(pubkeyfile),
m_privkeyfile(privkeyfile),
m_pemPassword(pemPassword) {}
@@ -72,7 +71,6 @@ class TcpSslConn : public TcpConn {
const std::string& pemPassword)
: TcpConn(hostname.c_str(), port, connect_timeout, maxBuffSizePool),
m_ssl(nullptr),
- m_sniPort(0),
m_sniHostname(""),
m_pubkeyfile(pubkeyfile),
m_privkeyfile(privkeyfile),
@@ -89,8 +87,6 @@ class TcpSslConn : public TcpConn {
m_privkeyfile(privkeyfile),
m_pemPassword(pemPassword) {}
-
-
virtual ~TcpSslConn() override {}
private:
diff --git a/cppcache/src/TcrConnection.cpp b/cppcache/src/TcrConnection.cpp
index 79a5002..e6f432d 100644
--- a/cppcache/src/TcrConnection.cpp
+++ b/cppcache/src/TcrConnection.cpp
@@ -432,10 +432,22 @@ Connector* TcrConnection::createConnection(
->getDistributedSystem()
.getSystemProperties();
if (systemProperties.sslEnabled()) {
- socket = new TcpSslConn(endpoint, connectTimeout, maxBuffSizePool,
- systemProperties.sslTrustStore().c_str(),
- systemProperties.sslKeyStore().c_str(),
- systemProperties.sslKeystorePassword().c_str());
+ auto sniProxyHostname = m_poolDM->getSNIProxyHostname();
+ auto sniPort = m_poolDM->getSNIPort();
+ if (sniProxyHostname.empty()) {
+ socket = new TcpSslConn(endpoint, connectTimeout, maxBuffSizePool,
+ systemProperties.sslTrustStore().c_str(),
+ systemProperties.sslKeyStore().c_str(),
+ systemProperties.sslKeystorePassword().c_str());
+ } else {
+ auto ipaddr = std::string(endpoint);
+ auto hostname = ipaddr.substr(0, ipaddr.find(':'));
+ socket = new TcpSslConn(hostname, connectTimeout, maxBuffSizePool,
+ sniProxyHostname, sniPort,
+ systemProperties.sslTrustStore().c_str(),
+ systemProperties.sslKeyStore().c_str(),
+ systemProperties.sslKeystorePassword().c_str());
+ }
} else {
socket = new TcpConn(endpoint, connectTimeout, maxBuffSizePool);
}
diff --git a/cppcache/src/ThinClientLocatorHelper.cpp b/cppcache/src/ThinClientLocatorHelper.cpp
index bbed2a0..c325d60 100644
--- a/cppcache/src/ThinClientLocatorHelper.cpp
+++ b/cppcache/src/ThinClientLocatorHelper.cpp
@@ -93,8 +93,7 @@ Connector* ThinClientLocatorHelper::createConnection(
systemProperties.sslTrustStore(), systemProperties.sslKeyStore(),
systemProperties.sslKeystorePassword());
} else {
- socket = new TcpSslConn(
- waitSeconds, maxBuffSizePool, m_sniProxyHost,
+ socket = new TcpSslConn(hostname, waitSeconds, maxBuffSizePool, m_sniProxyHost,
m_sniProxyPort, systemProperties.sslTrustStore(),
systemProperties.sslKeyStore(),
systemProperties.sslKeystorePassword());
diff --git a/cppcache/src/ThinClientPoolDM.hpp b/cppcache/src/ThinClientPoolDM.hpp
index 711e906..ffd3d90 100644
--- a/cppcache/src/ThinClientPoolDM.hpp
+++ b/cppcache/src/ThinClientPoolDM.hpp
@@ -168,6 +168,8 @@ class ThinClientPoolDM
GfErrType getConnectionToAnEndPoint(std::string epNameStr,
TcrConnection*& conn);
+ const std::string getSNIProxyHostname() { return m_attrs->getSniProxyHost(); }
+ uint16_t getSNIPort() { return m_attrs->getSniProxyPort(); }
virtual inline bool isSticky() { return m_sticky; }
virtual TcrEndpoint* getEndPoint(
const std::shared_ptr<BucketServerLocation>& serverLocation,