You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by mm...@apache.org on 2019/02/28 15:57:22 UTC
[geode-native] branch develop updated: GEODE-4339: cpp ssl example
(#449)
This is an automated email from the ASF dual-hosted git repository.
mmartell pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/geode-native.git
The following commit(s) were added to refs/heads/develop by this push:
new 2430c7d GEODE-4339: cpp ssl example (#449)
2430c7d is described below
commit 2430c7d16e3e518d1bf580efe33e394e3260b6d7
Author: Michael Martell <mm...@pivotal.io>
AuthorDate: Thu Feb 28 07:57:17 2019 -0800
GEODE-4339: cpp ssl example (#449)
* Initial commit.
Co-authored-by: Matthew Reddington <mr...@pivotal.io>
* Fixed parameter mismatch.
* Complete working cmake files.
Co-authored-by: Mike Martell <mm...@pivotal.io>
* Fixed dotnet sslputget shutdown script.
Co-authored-by: Matthew Reddington <mr...@pivotal.io>
* Fix startserver, stopserver scripts on non-Windows platforms
- also provide (required) full path to various gfsh ssl parameters
- use addLocator rather than addServer on pool mgr call
Co-authored-by: Ivan Godwin <ig...@pivotal.io>
* Example now runs on Windows, and updated README.md
Co-authored-by: Matthew Reddington <mr...@pivotal.io>
* Added .ps1 scripts and copied nc dll.
* Cleanup up platform dependent getcwd.
---
cppcache/src/TcrConnection.cpp | 4 +-
examples/cpp/CMakeLists.txt | 4 +-
examples/cpp/CMakeLists.txt.in | 4 +
.../CMakeLists.txt} | 21 ++--
examples/cpp/sslputget/CMakeLists.txt.in | 59 +++++++++++
examples/cpp/sslputget/README.md | 43 ++++++++
examples/cpp/sslputget/main.cpp | 108 +++++++++++++++++++++
examples/{dotnet => cpp}/sslputget/startserver.ps1 | 4 +-
examples/cpp/sslputget/startserver.sh | 35 +++++++
examples/{dotnet => cpp}/sslputget/stopserver.ps1 | 4 +-
.../{CMakeLists.txt.in => sslputget/stopserver.sh} | 28 +++---
examples/dotnet/sslputget/startserver.ps1 | 4 +-
examples/dotnet/sslputget/stopserver.ps1 | 4 +-
13 files changed, 290 insertions(+), 32 deletions(-)
diff --git a/cppcache/src/TcrConnection.cpp b/cppcache/src/TcrConnection.cpp
index bdfa00e..21ac8b4 100644
--- a/cppcache/src/TcrConnection.cpp
+++ b/cppcache/src/TcrConnection.cpp
@@ -568,9 +568,9 @@ Connector* TcrConnection::createConnection(
.getSystemProperties();
if (systemProperties.sslEnabled()) {
socket = new TcpSslConn(endpoint, connectTimeout, maxBuffSizePool,
- systemProperties.sslKeystorePassword().c_str(),
systemProperties.sslTrustStore().c_str(),
- systemProperties.sslKeyStore().c_str());
+ systemProperties.sslKeyStore().c_str(),
+ systemProperties.sslKeystorePassword().c_str());
} else {
socket = new TcpConn(endpoint, connectTimeout, maxBuffSizePool);
}
diff --git a/examples/cpp/CMakeLists.txt b/examples/cpp/CMakeLists.txt
index d90e806..13fc1a6 100644
--- a/examples/cpp/CMakeLists.txt
+++ b/examples/cpp/CMakeLists.txt
@@ -54,8 +54,10 @@ add_example(NAME put-get-remove
add_example(NAME remotequery
SOURCE main.cpp Order.cpp Order.hpp)
+add_subdirectory(sslputget)
+
add_example(NAME transaction
- SOURCE main.cpp)
+ SOURCE main.cpp)
install(DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}
DESTINATION examples/
diff --git a/examples/cpp/CMakeLists.txt.in b/examples/cpp/CMakeLists.txt.in
index 3cf7367..9bae74c 100644
--- a/examples/cpp/CMakeLists.txt.in
+++ b/examples/cpp/CMakeLists.txt.in
@@ -26,3 +26,7 @@ add_subdirectory(pdxserializer)
add_subdirectory(put-get-remove)
add_subdirectory(remotequery)
add_subdirectory(transaction)
+
+if(OPENSSL_FOUND)
+ add_subdirectory(sslputget)
+endif()
diff --git a/examples/cpp/CMakeLists.txt.in b/examples/cpp/sslputget/CMakeLists.txt
similarity index 69%
copy from examples/cpp/CMakeLists.txt.in
copy to examples/cpp/sslputget/CMakeLists.txt
index 3cf7367..2eff899 100644
--- a/examples/cpp/CMakeLists.txt.in
+++ b/examples/cpp/sslputget/CMakeLists.txt
@@ -15,14 +15,15 @@
cmake_minimum_required(VERSION 3.10)
-project(@PRODUCT_DLL_NAME@.Cpp.Examples LANGUAGES NONE)
+project(cpp-sslputget LANGUAGES NONE)
+
+configure_file(${CMAKE_CURRENT_SOURCE_DIR}/CMakeLists.txt.in ${CMAKE_CURRENT_BINARY_DIR}/CMakeLists.txt @ONLY)
+
+install(FILES
+ ${CMAKE_CURRENT_BINARY_DIR}/CMakeLists.txt
+ main.cpp
+ README.md
+ startserver.sh
+ stopserver.sh
+ DESTINATION examples/cpp/sslputget)
-add_subdirectory(authinitialize)
-add_subdirectory(continuousquery)
-add_subdirectory(dataserializable)
-add_subdirectory(function-execution)
-add_subdirectory(pdxserializable)
-add_subdirectory(pdxserializer)
-add_subdirectory(put-get-remove)
-add_subdirectory(remotequery)
-add_subdirectory(transaction)
diff --git a/examples/cpp/sslputget/CMakeLists.txt.in b/examples/cpp/sslputget/CMakeLists.txt.in
new file mode 100644
index 0000000..e6a8665
--- /dev/null
+++ b/examples/cpp/sslputget/CMakeLists.txt.in
@@ -0,0 +1,59 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+cmake_minimum_required(VERSION 3.10)
+
+project(cpp-sslputget LANGUAGES CXX)
+
+set(CMAKE_MODULE_PATH ${PROJECT_SOURCE_DIR}/../../cmake)
+set(CMAKE_CXX_STANDARD 11)
+
+find_package(GeodeNative REQUIRED COMPONENTS cpp crypto)
+find_package(OpenSSL REQUIRED COMPONENTS SSL)
+
+add_executable(${PROJECT_NAME} main.cpp)
+
+configure_file("startserver.sh" ${CMAKE_CURRENT_BINARY_DIR} COPYONLY)
+configure_file("stopserver.sh" ${CMAKE_CURRENT_BINARY_DIR} COPYONLY)
+configure_file("startserver.ps1" ${CMAKE_CURRENT_BINARY_DIR} COPYONLY)
+configure_file("stopserver.ps1" ${CMAKE_CURRENT_BINARY_DIR} COPYONLY)
+configure_file("README.md" ${CMAKE_CURRENT_BINARY_DIR} COPYONLY)
+
+file(GLOB SSL_CERTIFICATES
+ "${CMAKE_CURRENT_SOURCE_DIR}/../../utilities/*Keys"
+)
+
+file(INSTALL ${SSL_CERTIFICATES} DESTINATION ${CMAKE_CURRENT_BINARY_DIR})
+
+target_link_libraries(${PROJECT_NAME}
+ PUBLIC
+ @PRODUCT_NAME_NOSPACE@::cpp)
+
+add_custom_command(TARGET ${PROJECT_NAME} POST_BUILD
+ COMMAND ${CMAKE_COMMAND} -E copy_directory
+ $<SHELL_PATH:$<TARGET_FILE_DIR:OpenSSL::SSL>/../bin>
+ $<SHELL_PATH:$<TARGET_FILE_DIR:${PROJECT_NAME}>>
+ COMMAND ${CMAKE_COMMAND} -E copy
+ $<SHELL_PATH:$<TARGET_FILE:GeodeNative::crypto>>
+ $<SHELL_PATH:$<TARGET_FILE_DIR:${PROJECT_NAME}>>
+)
+
+if(WIN32)
+ add_custom_command(TARGET ${PROJECT_NAME} POST_BUILD
+ COMMAND ${CMAKE_COMMAND} -E copy
+ $<SH...@.dll>
+ $<SHELL_PATH:$<TARGET_FILE_DIR:${PROJECT_NAME}>>
+ )
+endif()
diff --git a/examples/cpp/sslputget/README.md b/examples/cpp/sslputget/README.md
new file mode 100644
index 0000000..f7b417d
--- /dev/null
+++ b/examples/cpp/sslputget/README.md
@@ -0,0 +1,43 @@
+# SSLPutGet Example
+This example illustrates how to use SSL encryption for all traffic between a client application and Apache Geode.
+
+## Prerequisites
+* Install [Apache Geode](https://geode.apache.org)
+* Build and install [Apache Geode Native](https://github.com/apache/geode-native)
+* Apache Geode Native examples, built and installed
+* Set `GEODE_HOME` to the install directory of Apache Geode
+* Install [OpenSSL]()
+
+## Running
+1. From a command shell, set the current directory to the `sslputget` directory in your example workspace.
+
+ ```console
+ $ cd workspace/examples/cpp/sslputget
+ ```
+
+2. Run the `startserver` script to start the Geode cluster with authentication and create a region.
+
+ For Windows cmd:
+
+ ```console
+ $ powershell.exe -File startserver.ps1
+ ```
+
+ For Windows Powershell:
+
+ ```console
+ $ startserver.ps1
+ ```
+
+ For Bash:
+
+ ```console
+ $ ./startserver.sh
+ ```
+1. Execute `cpp-sslputget`, expect the following output:
+ ```console
+ Storing id and username in the region
+ Getting the user info from the region
+ rtimmons = Robert Timmons
+ scharles = Sylvia Charles
+ ```
\ No newline at end of file
diff --git a/examples/cpp/sslputget/main.cpp b/examples/cpp/sslputget/main.cpp
new file mode 100644
index 0000000..9bee39c
--- /dev/null
+++ b/examples/cpp/sslputget/main.cpp
@@ -0,0 +1,108 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifdef _MSC_VER
+#include <direct.h>
+#include <stdlib.h>
+#include <windows.h>
+#undef max
+#else
+#include <unistd.h>
+#endif
+
+#include <iostream>
+#include <memory>
+#include <string>
+
+#include <geode/Cache.hpp>
+#include <geode/CacheFactory.hpp>
+#include <geode/PoolManager.hpp>
+#include <geode/RegionFactory.hpp>
+#include <geode/RegionShortcut.hpp>
+
+using apache::geode::client::CacheableString;
+using apache::geode::client::CacheFactory;
+using apache::geode::client::RegionShortcut;
+
+std::string myGetcwd() {
+ std::string cwd;
+
+#ifdef _MSC_VER
+ char buf[MAX_PATH];
+
+ if (_getcwd(buf, MAX_PATH)) {
+ cwd = buf;
+ }
+#else
+ char buf[PATH_MAX];
+ if (getcwd(buf, PATH_MAX)) {
+ cwd = buf;
+ }
+#endif
+ return cwd;
+}
+
+int main(int argc, char** argv) {
+ auto workingDirectory = myGetcwd();
+
+#ifdef _MSC_VER
+ workingDirectory += "/..";
+#endif
+
+ auto cache =
+ CacheFactory()
+ .set("log-level", "none")
+ .set("ssl-enabled", "true")
+ .set("ssl-keystore",
+ workingDirectory + "/ClientSslKeys/client_keystore.password.pem")
+ .set("ssl-keystore-password", "gemstone")
+ .set("ssl-truststore",
+ workingDirectory + "/ClientSslKeys/client_truststore.pem")
+ .create();
+
+ const auto pool = cache.getPoolManager()
+ .createFactory()
+ .addLocator("localhost", 10334)
+ .create("pool");
+
+ auto region = cache.createRegionFactory(RegionShortcut::PROXY)
+ .setPoolName("pool")
+ .create("testSSLRegion");
+
+ std::string rtimmonsKey = "rtimmons";
+ std::string rtimmonsValue = "Robert Timmons";
+ std::string scharlesKey = "scharles";
+ std::string scharlesValue = "Sylvia Charles";
+
+ std::cout << "Storing id and username in the region" << std::endl;
+
+ region->put(rtimmonsKey, rtimmonsValue);
+ region->put(scharlesKey, scharlesValue);
+
+ std::cout << "Getting the user info from the region" << std::endl;
+
+ const auto user1 = region->get(rtimmonsKey);
+ const auto user2 = region->get(scharlesKey);
+
+ std::cout << rtimmonsKey << " = "
+ << std::dynamic_pointer_cast<CacheableString>(user1)->value()
+ << '\n';
+ std::cout << scharlesKey << " = "
+ << std::dynamic_pointer_cast<CacheableString>(user2)->value()
+ << '\n';
+
+ cache.close();
+}
diff --git a/examples/dotnet/sslputget/startserver.ps1 b/examples/cpp/sslputget/startserver.ps1
similarity index 66%
copy from examples/dotnet/sslputget/startserver.ps1
copy to examples/cpp/sslputget/startserver.ps1
index 78c0f76..d0a649e 100644
--- a/examples/dotnet/sslputget/startserver.ps1
+++ b/examples/cpp/sslputget/startserver.ps1
@@ -35,5 +35,5 @@ else
if ($GFSH_PATH -ne "")
{
- Invoke-Expression "$GFSH_PATH -e 'start locator --name=locator --dir=$PSScriptRoot/locator --connect=false --J=-Dgemfire.ssl-enabled-components=all --J=-Dgemfire.ssl-keystore=$PSScriptRoot\..\..\Utilities\ServerSslKeys\server_keystore.jks --J=-Dgemfire.ssl-truststore=$PSScriptRoot\..\..\Utilities\ServerSslKeys\server_truststore.jks --J=-Dgemfire.ssl-keystore-password=gemstone --J=-Dgemfire.ssl-truststore-password=gemstone' -e 'connect --use-ssl=true --key-store=$PSScriptRoot\..\..\Ut [...]
-}
\ No newline at end of file
+ Invoke-Expression "$GFSH_PATH -e 'start locator --name=locator --dir=$PSScriptRoot/locator --connect=false --J=-Dgemfire.ssl-enabled-components=all --J=-Dgemfire.ssl-keystore=$PSScriptRoot\ServerSslKeys\server_keystore.jks --J=-Dgemfire.ssl-truststore=$PSScriptRoot\ServerSslKeys\server_truststore.jks --J=-Dgemfire.ssl-keystore-password=gemstone --J=-Dgemfire.ssl-truststore-password=gemstone' -e 'connect --use-ssl=true --key-store=$PSScriptRoot\ServerSslKeys\server_keystore.jks --trus [...]
+}
diff --git a/examples/cpp/sslputget/startserver.sh b/examples/cpp/sslputget/startserver.sh
new file mode 100755
index 0000000..4ea621c
--- /dev/null
+++ b/examples/cpp/sslputget/startserver.sh
@@ -0,0 +1,35 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#!/usr/bin/env bash
+GFSH_PATH=""
+which gfsh 2> /dev/null
+
+if [ $? -eq 0 ]; then
+ GFSH_PATH="gfsh"
+else
+ if [ "$GEODE_HOME" == "" ]; then
+ echo "Could not find gfsh. Please set the GEODE_HOME path."
+ echo "e.g. export GEODE_HOME=<path to Geode>"
+ else
+ GFSH_PATH=$GEODE_HOME/bin/gfsh
+ fi
+fi
+
+BASEDIR="$( cd "$( dirname "$0" )" && pwd )"
+
+$GFSH_PATH -e "start locator --name=locator --dir=locator --connect=false --J=-Dgemfire.ssl-enabled-components=all --J=-Dgemfire.ssl-keystore=${BASEDIR}/ServerSslKeys/server_keystore.jks --J=-Dgemfire.ssl-truststore=${BASEDIR}/ServerSslKeys/server_truststore.jks --J=-Dgemfire.ssl-keystore-password=gemstone --J=-Dgemfire.ssl-truststore-password=gemstone" -e "connect --use-ssl=true --key-store=${BASEDIR}/ServerSslKeys/server_keystore.jks --trust-store=${BASEDIR}/ServerSslKeys/server_trus [...]
+
+
diff --git a/examples/dotnet/sslputget/stopserver.ps1 b/examples/cpp/sslputget/stopserver.ps1
similarity index 81%
copy from examples/dotnet/sslputget/stopserver.ps1
copy to examples/cpp/sslputget/stopserver.ps1
index 742ce8d..4e59f7a 100644
--- a/examples/dotnet/sslputget/stopserver.ps1
+++ b/examples/cpp/sslputget/stopserver.ps1
@@ -35,5 +35,5 @@ else
if ($GFSH_PATH -ne "")
{
- Invoke-Expression "$GFSH_PATH -e 'connect' -e 'shutdown --include-locators=true'"
-}
\ No newline at end of file
+ Invoke-Expression "$GFSH_PATH -e 'connect --use-ssl=true --key-store=$PSScriptRoot\ServerSslKeys\server_keystore.jks --trust-store=$PSScriptRoot\ServerSslKeys\server_truststore.jks --trust-store-password=gemstone --key-store-password=gemstone' -e 'shutdown --include-locators=true'"
+}
diff --git a/examples/cpp/CMakeLists.txt.in b/examples/cpp/sslputget/stopserver.sh
old mode 100644
new mode 100755
similarity index 55%
copy from examples/cpp/CMakeLists.txt.in
copy to examples/cpp/sslputget/stopserver.sh
index 3cf7367..afa1c0f
--- a/examples/cpp/CMakeLists.txt.in
+++ b/examples/cpp/sslputget/stopserver.sh
@@ -13,16 +13,22 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-cmake_minimum_required(VERSION 3.10)
+#!/usr/bin/env bash
+GFSH_PATH=""
+which gfsh 2> /dev/null
-project(@PRODUCT_DLL_NAME@.Cpp.Examples LANGUAGES NONE)
+if [ $? -eq 0 ]; then
+ GFSH_PATH="gfsh"
+else
+ if [ "$GEODE_HOME" == "" ]; then
+ echo "Could not find gfsh. Please set the GEODE_HOME path."
+ echo "e.g. export GEODE_HOME=<path to Geode>"
+ else
+ GFSH_PATH=$GEODE_HOME/bin/gfsh
+ fi
+fi
+
+BASEDIR="$( cd "$( dirname "$0" )" && pwd )"
+
+$GFSH_PATH -e "connect --use-ssl=true --key-store=${BASEDIR}/ServerSslKeys/server_keystore.jks --trust-store=${BASEDIR}/ServerSslKeys/server_truststore.jks --trust-store-password=gemstone --key-store-password=gemstone" -e "shutdown --include-locators=true"
-add_subdirectory(authinitialize)
-add_subdirectory(continuousquery)
-add_subdirectory(dataserializable)
-add_subdirectory(function-execution)
-add_subdirectory(pdxserializable)
-add_subdirectory(pdxserializer)
-add_subdirectory(put-get-remove)
-add_subdirectory(remotequery)
-add_subdirectory(transaction)
diff --git a/examples/dotnet/sslputget/startserver.ps1 b/examples/dotnet/sslputget/startserver.ps1
index 78c0f76..d0a649e 100644
--- a/examples/dotnet/sslputget/startserver.ps1
+++ b/examples/dotnet/sslputget/startserver.ps1
@@ -35,5 +35,5 @@ else
if ($GFSH_PATH -ne "")
{
- Invoke-Expression "$GFSH_PATH -e 'start locator --name=locator --dir=$PSScriptRoot/locator --connect=false --J=-Dgemfire.ssl-enabled-components=all --J=-Dgemfire.ssl-keystore=$PSScriptRoot\..\..\Utilities\ServerSslKeys\server_keystore.jks --J=-Dgemfire.ssl-truststore=$PSScriptRoot\..\..\Utilities\ServerSslKeys\server_truststore.jks --J=-Dgemfire.ssl-keystore-password=gemstone --J=-Dgemfire.ssl-truststore-password=gemstone' -e 'connect --use-ssl=true --key-store=$PSScriptRoot\..\..\Ut [...]
-}
\ No newline at end of file
+ Invoke-Expression "$GFSH_PATH -e 'start locator --name=locator --dir=$PSScriptRoot/locator --connect=false --J=-Dgemfire.ssl-enabled-components=all --J=-Dgemfire.ssl-keystore=$PSScriptRoot\ServerSslKeys\server_keystore.jks --J=-Dgemfire.ssl-truststore=$PSScriptRoot\ServerSslKeys\server_truststore.jks --J=-Dgemfire.ssl-keystore-password=gemstone --J=-Dgemfire.ssl-truststore-password=gemstone' -e 'connect --use-ssl=true --key-store=$PSScriptRoot\ServerSslKeys\server_keystore.jks --trus [...]
+}
diff --git a/examples/dotnet/sslputget/stopserver.ps1 b/examples/dotnet/sslputget/stopserver.ps1
index 742ce8d..4e59f7a 100644
--- a/examples/dotnet/sslputget/stopserver.ps1
+++ b/examples/dotnet/sslputget/stopserver.ps1
@@ -35,5 +35,5 @@ else
if ($GFSH_PATH -ne "")
{
- Invoke-Expression "$GFSH_PATH -e 'connect' -e 'shutdown --include-locators=true'"
-}
\ No newline at end of file
+ Invoke-Expression "$GFSH_PATH -e 'connect --use-ssl=true --key-store=$PSScriptRoot\ServerSslKeys\server_keystore.jks --trust-store=$PSScriptRoot\ServerSslKeys\server_truststore.jks --trust-store-password=gemstone --key-store-password=gemstone' -e 'shutdown --include-locators=true'"
+}