ceph/src/jaegertracing/thrift/lib/d/src/thrift/server/transport/ssl.d

   1 /*
   2  * Licensed to the Apache Software Foundation (ASF) under one
   3  * or more contributor license agreements. See the NOTICE file
   4  * distributed with this work for additional information
   5  * regarding copyright ownership. The ASF licenses this file
   6  * to you under the Apache License, Version 2.0 (the
   7  * "License"); you may not use this file except in compliance
   8  * with the License. You may obtain a copy of the License at
   9  *
  10  *   http://www.apache.org/licenses/LICENSE-2.0
  11  *
  12  * Unless required by applicable law or agreed to in writing,
  13  * software distributed under the License is distributed on an
  14  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  15  * KIND, either express or implied. See the License for the
  16  * specific language governing permissions and limitations
  17  * under the License.
  18  */
  19 module thrift.server.transport.ssl;
  20
  21 import std.datetime : Duration;
  22 import std.exception : enforce;
  23 import std.socket : Socket;
  24 import thrift.server.transport.socket;
  25 import thrift.transport.base;
  26 import thrift.transport.socket;
  27 import thrift.transport.ssl;
  28
  29 /**
  30  * A server transport implementation using SSL-encrypted sockets.
  31  *
  32  * Note:
  33  * On Posix systems which do not have the BSD-specific SO_NOSIGPIPE flag, you
  34  * might want to ignore the SIGPIPE signal, as OpenSSL might try to write to
  35  * a closed socket if the peer disconnects abruptly:
  36  * ---
  37  * import core.stdc.signal;
  38  * import core.sys.posix.signal;
  39  * signal(SIGPIPE, SIG_IGN);
  40  * ---
  41  *
  42  * See: thrift.transport.ssl.
  43  */
  44 class TSSLServerSocket : TServerSocket {
  45   /**
  46    * Creates a new TSSLServerSocket.
  47    *
  48    * Params:
  49    *   port = The port on which to listen.
  50    *   sslContext = The TSSLContext to use for creating client
  51    *     sockets. Must be in server-side mode.
  52    */
  53   this(ushort port, TSSLContext sslContext) {
  54     super(port);
  55     setSSLContext(sslContext);
  56   }
  57
  58   /**
  59    * Creates a new TSSLServerSocket.
  60    *
  61    * Params:
  62    *   port = The port on which to listen.
  63    *   sendTimeout = The send timeout to set on the client sockets.
  64    *   recvTimeout = The receive timeout to set on the client sockets.
  65    *   sslContext = The TSSLContext to use for creating client
  66    *     sockets. Must be in server-side mode.
  67    */
  68   this(ushort port, Duration sendTimeout, Duration recvTimeout,
  69     TSSLContext sslContext)
  70   {
  71     super(port, sendTimeout, recvTimeout);
  72     setSSLContext(sslContext);
  73   }
  74
  75 protected:
  76   override TSocket createTSocket(Socket socket) {
  77     return new TSSLSocket(sslContext_, socket);
  78   }
  79
  80 private:
  81   void setSSLContext(TSSLContext sslContext) {
  82     enforce(sslContext.serverSide, new TTransportException(
  83       "Need server-side SSL socket factory for TSSLServerSocket"));
  84     sslContext_ = sslContext;
  85   }
  86
  87   TSSLContext sslContext_;
  88 }