You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@thrift.apache.org by "Ian Pye (JIRA)" <ji...@apache.org> on 2008/09/24 21:01:49 UTC

[jira] Updated: (THRIFT-106) TSSLServerSocket

     [ https://issues.apache.org/jira/browse/THRIFT-106?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ian Pye updated THRIFT-106:
---------------------------

    Attachment: ssl.patch

Here's a patch I've been working on which implements TSSLSocket and TSSLServerSocket classes in c++ -- I wasn't quite sure whether to send it here or start a new issue in the C++ category.

All of the IO is done via OpenSSL's BIO abstraction.

Currently both classes expect to be given .pem files which contain the X509 certs to use. TSSLServerSocket does not handle encrypted private keys, but it would be fairly easy to add this feature in.



> TSSLServerSocket
> ----------------
>
>                 Key: THRIFT-106
>                 URL: https://issues.apache.org/jira/browse/THRIFT-106
>             Project: Thrift
>          Issue Type: Improvement
>          Components: Library (Java)
>         Environment: n/a
>            Reporter: rico sec
>         Attachments: ssl.patch
>
>   Original Estimate: 6h
>  Remaining Estimate: 6h
>
> SSL Connection w/ autogenerated self signed x509 certs seems to be the state of the art for rpc layers.
> if thrift had one ...that would be very good.
> http://java.sun.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html
> if someone does this pls ping/email me, I will do some testing and write a simple key mgmt utility.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.