[jira] Commented: (THRIFT-151) TSSLServerSocket and TSSLSocket implementation

["Alexey Savartsov (JIRA)" <ji...@apache.org>]

    [ https://issues.apache.org/jira/browse/THRIFT-151?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12853276#action_12853276 ] 

Alexey Savartsov commented on THRIFT-151:
-----------------------------------------

I've applied your 'redisigned' patch to thrift-0.2.0 and tried communicate with Evernote service today.
I had to make some little changes to get the code compile successfully (changed facebook namespace to apache, local includes to system ("TSocket.h" to <transport/TSocket.h> and so on)), and it (I've used only client class) seems to work pretty good, except closing connection. TSSLSocket::close() hangs on second call to SSL_shutdown. I've just removed second call, but I have a question. As far as I know, according to TSL standard it is acceptable for an application to only send its shutdown alert and then close the underlying connection without waiting for the peer's response. Is it safe here? Or client or server side should be fixed?


> TSSLServerSocket and TSSLSocket implementation
> ----------------------------------------------
>
>                 Key: THRIFT-151
>                 URL: https://issues.apache.org/jira/browse/THRIFT-151
>             Project: Thrift
>          Issue Type: Improvement
>          Components: Library (C++)
>            Reporter: Ian Pye
>         Attachments: ssl-pingli.patch, ssl-redesigned.patch, ssl-test-pingli.patch, ssl.patch
>
>   Original Estimate: 6h
>  Remaining Estimate: 6h
>
> SSL Connections w/ autogenerated self signed x509 certs seem to be the state of the art for rpc layers.
> It would be good if there was a C++ implementation of TSocket and TServerSocket classes.
> This is similar to the Java issue Thrift 106.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.