Uploaded image for project: 'Thrift'
  1. Thrift
  2. THRIFT-4066

Perl client, C++ Server in cross test with SSL fails, tlsv1 alert unknown ca

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Duplicate
    • 0.10.0
    • None
    • C++ - Library, Perl - Library, Test Suite
    • None

    • Ubuntu 14.04 (gcc 4.6.4) Perl 5.18

    Description

      I re-enabled the two cpp-perl SSL based tests in make cross and they failed:

      cpp-perl binary framed-ip-ssl failure(255)
      cpp-perl binary buffered-ip-ssl failure(255)

      The cpp server complained that "tlsv1 alert unknown ca".

      Thu Feb 02 14:07:33 2017
Executing: /home/jking/thrift/github/thrift/test/cpp/TestServer --protocol=binary --transport=buffered --ssl --port=41785
Directory: /home/jking/thrift/github/thrift/test/cpp
config:delay: 5
config:timeout: 5
==========================================================================
Starting "simple" server (buffered/binary) listen on: 41785
Thrift: Thu Feb  2 14:07:33 2017 TConnectedClient died: SSL_accept: error code: 0
Thrift: Thu Feb  2 14:07:33 2017 TConnectedClient died: SSL_accept: tlsv1 alert unknown ca
Thrift: Thu Feb  2 14:07:33 2017 TConnectedClient died: SSL_accept: tlsv1 alert unknown ca
Thrift: Thu Feb  2 14:07:34 2017 TConnectedClient died: SSL_accept: tlsv1 alert unknown ca
Thrift: Thu Feb  2 14:07:34 2017 TConnectedClient died: SSL_accept: tlsv1 alert unknown ca
Thrift: Thu Feb  2 14:07:34 2017 TConnectedClient died: SSL_accept: tlsv1 alert unknown ca
Thrift: Thu Feb  2 14:07:34 2017 TConnectedClient died: SSL_accept: tlsv1 alert unknown ca
Thrift: Thu Feb  2 14:07:35 2017 TConnectedClient died: SSL_accept: tlsv1 alert unknown ca
Thrift: Thu Feb  2 14:07:35 2017 TConnectedClient died: SSL_accept: tlsv1 alert unknown ca

Server process is successfully killed.
==========================================================================
Process is killed.
Test execution took 2.2 seconds.
Thu Feb 02 14:07:35 2017

      The perl client simply said it could not connect:

      Thu Feb 02 14:07:35 2017
Executing: perl -Igen-perl/ -I../../lib/perl/lib/ TestClient.pl --cert=../keys/client.pem --protocol=binary --transport=buffered --ssl --port=41785
Directory: /home/jking/thrift/github/thrift/test/perl
config:delay: 5
config:timeout: 5
==========================================================================
$VAR1 = bless( {
                 'message' => 'Thrift::SSLSocket: Could not connect to localhost:41785 ()',
                 'code' => 0
               }, 'Thrift::TException' );
==========================================================================
Return code: 255
Test execution took 0.1 seconds.
Thu Feb 02 14:07:35 2017

      Given both tests should be using the same certificate files, this is quite odd.

      Attachments

        Issue Links

          duplicates

          Improvement - An improvement or enhancement to an existing feature or task. THRIFT-3272 Perl SSL Authentication Support

          • Major - Major loss of function.
          • Closed
          links to

          Web Link GitHub Pull Request #1189

          Activity

            People

              jking3 James E. King III
              jking3 James E. King III
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: