From 2b969add48431feab8c1769e05e15a572fba1e3d Mon Sep 17 00:00:00 2001
From: Bryan Duxbury
Date: Tue, 22 Feb 2011 18:20:53 +0000
Subject: [PATCH] THRIFT-1068. py: Python SSL Socket Support

A python implementation of TSSLSocket.

Patch: Kevin Worth

git-svn-id: https://svn.apache.org/repos/asf/thrift/trunk@1073447 13f79535-47bb-0310-9956-ffa450edef68
---
lib/py/src/transport/TSSLSocket.py | 38 ++++++++++++++++++++++++++++++
1 file changed, 38 insertions(+)
create mode 100644 lib/py/src/transport/TSSLSocket.py
diff --git a/lib/py/src/transport/TSSLSocket.py b/lib/py/src/transport/TSSLSocket.py
new file mode 100644
index 00000000..8ab91ca6
--- /dev/null
+++ b/lib/py/src/transport/TSSLSocket.py
@@ -0,0 +1,38 @@
+import sys
+sys.path.append('/usr/lib/python2.6/site-packages/')
+
+from thrift.transport import TSocket
+import socket, ssl
+
+class TSSLSocket(TSocket.TSocket):
+ def open(self):
+ try:
+ res0 = self._resolveAddr()
+ for res in res0:
+ plain_sock = socket.socket(res[0], res[1])
+ #TODO verify server cert
+ self.handle = ssl.wrap_socket(plain_sock, ssl_version=ssl.PROTOCOL_TLSv1)
+ self.handle.settimeout(self._timeout)
+ try:
+ self.handle.connect(res[4])
+ except socket.error, e:
+ if res is not res0[-1]:
+ continue
+ else:
+ raise e
+ break
+ except socket.error, e:
+ if self._unix_socket:
+ message = 'Could not connect to secure socket %s' % self._unix_socket
+ else:
+ message = 'Could not connect to %s:%d' % (self.host, self.port)
+ raise TTransportException(type=TTransportException.NOT_OPEN, message=message)
+
+class TSSLServerSocket(TSocket.TServerSocket):
+ def accept(self):
+ plain_client, addr = self.handle.accept()
+ result = TSocket.TSocket()
+ #TODO take certfile/keyfile as a parameter at setup
+ client = ssl.wrap_socket(plain_client, certfile='cert.pem', server_side=True)
+ result.setHandle(client)
+ return result
--
2.17.1
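Review bot: The client-side `ssl.wrap_socket(plain_sock, ssl_version=ssl.PROTOCOL_TLSv1)` in `TSSLSocket.open` passes neither `cert_reqs` nor `ca_certs`, so the default `ssl.CERT_NONE` applies and the handshake completes with whatever certificate the peer presents; the connection is encrypted but the server is not authenticated, which the `#TODO verify server cert` comment acknowledges but leaves open. I would take a CA bundle path as a constructor argument and call `ssl.wrap_socket(plain_sock, ssl_version=ssl.PROTOCOL_TLSv1, cert_reqs=ssl.CERT_REQUIRED, ca_certs=ca_certs)`, then compare the host name against `self.handle.getpeercert()` after connecting, since chain validation alone accepts any certificate issued by that CA. The outer `except` also raises `TTransportException`, which this file never imports, so a failed connect would surface as a `NameError`; add `from thrift.transport.TTransport import TTransportException`. In `TSSLServerSocket.accept`, `certfile='cert.pem'` is resolved against the process's working directory, and the hard-coded `sys.path.append('/usr/lib/python2.6/site-packages/')` at the top changes module resolution for every importer; both are better supplied by the caller or removed.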