thrift-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Isuru Haththotuwa <>
Subject Implementing a Custom SSL Authorization Manager
Date Sun, 31 Mar 2013 06:47:46 GMT

I'm in the process of implementing a dummy SSL authorization manager which
will allow self signed certificates, etc. and will not perform host name

For the skipping host name verification, I have overridden AccessManager
class in TSSLSocket.h, and passed an instance to TSSLSocket::access().

For allowing self-signed certificates, I have overridden
TSSLSocket::authorize() and boost::shared_ptr<TSSLSocket>
TSSLSocketFactory::createSocket() as follows:

void DummyTSSLSocket::authorize() {

   //no implementation

boost::shared_ptr<TSSLSocket> DummyTSSLSocketFactory::createSocket() {

   boost::shared_ptr<TSSLSocket> sslSocket (new DummyTSSLSocket(ctx_));
   boost::shared_ptr<AccessManager> accessManager
                                     (new DummyAccessManager());
   return sslSocket;

The authorize() method skips authorization of peer access while
createSocket() method creates and return an instance of DummyTSSLSocket, in
which the I have the empty authorize() method as above.

However, in my client code both these methods are not seem to be getting
called. I checked it with couts. I use it as follows:

boost::shared_ptr<TSSLSocketFactory> socketFactory
                                (new DummyTSSLSocketFactory());
//load private, public and trusted certificates
boost::shared_ptr<TSSLSocket> socket =
                                 socketFactory->createSocket(host, port);
//rest of the implementation

Still I'm getting the original TSSLSocket::authorize() method's errors,
that means the overriden method in my class is not effective. Is there any
issue with my implementation?

The TSSLSocket interface and implementation that I followed are:

Thanks and Regards,

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message