OmniSciDB  1dac507f6e
 All Classes Namespaces Files Functions Variables Typedefs Enumerations Enumerator Friends Macros Pages
ThriftClientConnection Class Reference

#include <ThriftClient.h>

+ Collaboration diagram for ThriftClientConnection:

Public Member Functions

 ThriftClientConnection (const std::string &server_host, const int port, const ThriftConnectionType conn_type, bool skip_host_verify, const std::string &ca_cert_name, const std::string &trust_cert_file)
 
 ThriftClientConnection (const std::string &server_host, const int port, const ThriftConnectionType conn_type, bool skip_host_verify, mapd::shared_ptr< TSSLSocketFactory > factory)
 
 ThriftClientConnection ()
 
mapd::shared_ptr< TTransport > open_buffered_client_transport (const std::string &server_host, const int port, const std::string &ca_cert_name, const bool with_timeout=false, const unsigned connect_timeout=0, const unsigned recv_timeount=0, const unsigned send_timeout=0)
 
mapd::shared_ptr< TTransport > open_http_client_transport (const std::string &server_host, const int port, const std::string &trust_cert_file_, bool use_https, bool skip_verify)
 
mapd::shared_ptr< TProtocol > get_protocol ()
 
virtual ~ThriftClientConnection ()
 

Private Attributes

std::string server_host_
 
int port_
 
ThriftConnectionType conn_type_
 
bool skip_host_verify_
 
std::string ca_cert_name_
 
std::string trust_cert_file_
 
bool using_X509_store_ = false
 
mapd::shared_ptr
< TSSLSocketFactory > 
factory_
 

Detailed Description

Definition at line 34 of file ThriftClient.h.

Constructor & Destructor Documentation

ThriftClientConnection::ThriftClientConnection ( const std::string &  server_host,
const int  port,
const ThriftConnectionType  conn_type,
bool  skip_host_verify,
const std::string &  ca_cert_name,
const std::string &  trust_cert_file 
)
inline

Definition at line 36 of file ThriftClient.h.

42  : server_host_(server_host)
43  , port_(port)
44  , conn_type_(conn_type)
45  , skip_host_verify_(skip_host_verify)
46  , ca_cert_name_(ca_cert_name)
47  , trust_cert_file_(trust_cert_file){};
ThriftConnectionType conn_type_
Definition: ThriftClient.h:79
std::string ca_cert_name_
Definition: ThriftClient.h:81
std::string trust_cert_file_
Definition: ThriftClient.h:82
std::string server_host_
Definition: ThriftClient.h:77
ThriftClientConnection::ThriftClientConnection ( const std::string &  server_host,
const int  port,
const ThriftConnectionType  conn_type,
bool  skip_host_verify,
mapd::shared_ptr< TSSLSocketFactory >  factory 
)

Definition at line 126 of file ThriftClient.cpp.

References BINARY_SSL, conn_type_, factory_, HTTPS, skip_host_verify_, and using_X509_store_.

132  : server_host_(server_host)
133  , port_(port)
134  , conn_type_(conn_type)
135  , skip_host_verify_(skip_host_verify)
136  , trust_cert_file_("") {
137  if (factory && (conn_type_ == ThriftConnectionType::BINARY_SSL ||
139  using_X509_store_ = true;
140  factory_ = factory;
141  factory_->ciphers("ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH");
142  if (skip_host_verify_) {
143  factory_->access(
144  mapd::shared_ptr<InsecureAccessManager>(new InsecureAccessManager()));
145  }
146  }
147 }
ThriftConnectionType conn_type_
Definition: ThriftClient.h:79
mapd::shared_ptr< TSSLSocketFactory > factory_
Definition: ThriftClient.h:84
std::string trust_cert_file_
Definition: ThriftClient.h:82
std::string server_host_
Definition: ThriftClient.h:77
ThriftClientConnection::ThriftClientConnection ( )
inline

Definition at line 55 of file ThriftClient.h.

55 {};
ThriftClientConnection::~ThriftClientConnection ( )
virtual

Definition at line 125 of file ThriftClient.cpp.

125 {}

Member Function Documentation

mapd::shared_ptr< TProtocol > ThriftClientConnection::get_protocol ( )

Definition at line 149 of file ThriftClient.cpp.

References ca_cert_name_, conn_type_, HTTP, HTTPS, open_buffered_client_transport(), open_http_client_transport(), port_, server_host_, skip_host_verify_, and to_string().

Referenced by RowToColumnLoader::createConnection().

149  {
150  mapd::shared_ptr<apache::thrift::transport::TTransport> mytransport;
154  port_,
158 
159  } else {
161  }
162 
163  try {
164  mytransport->open();
165  } catch (const apache::thrift::TException& e) {
166  throw apache::thrift::TException(std::string(e.what()) + ": host " + server_host_ +
167  ", port " + std::to_string(port_));
168  }
171  return mapd::shared_ptr<TProtocol>(new TJSONProtocol(mytransport));
172  } else {
173  return mapd::shared_ptr<TProtocol>(new TBinaryProtocol(mytransport));
174  }
175 }
ThriftConnectionType conn_type_
Definition: ThriftClient.h:79
mapd::shared_ptr< TTransport > open_http_client_transport(const std::string &server_host, const int port, const std::string &trust_cert_file_, bool use_https, bool skip_verify)
std::string to_string(char const *&&v)
mapd::shared_ptr< TTransport > open_buffered_client_transport(const std::string &server_host, const int port, const std::string &ca_cert_name, const bool with_timeout=false, const unsigned connect_timeout=0, const unsigned recv_timeount=0, const unsigned send_timeout=0)
std::string ca_cert_name_
Definition: ThriftClient.h:81
std::string server_host_
Definition: ThriftClient.h:77

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

mapd::shared_ptr< TTransport > ThriftClientConnection::open_buffered_client_transport ( const std::string &  server_host,
const int  port,
const std::string &  ca_cert_name,
const bool  with_timeout = false,
const unsigned  connect_timeout = 0,
const unsigned  recv_timeount = 0,
const unsigned  send_timeout = 0 
)

Definition at line 177 of file ThriftClient.cpp.

References factory_, and using_X509_store_.

Referenced by get_protocol().

184  {
185  mapd::shared_ptr<TTransport> transport;
186 
187  if (!factory_ && !ca_cert_name.empty()) {
188  // need to build a factory once for ssl conection
189  factory_ =
190  mapd::shared_ptr<TSSLSocketFactory>(new TSSLSocketFactory(SSLProtocol::SSLTLS));
191  factory_->ciphers("ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH");
192  factory_->loadTrustedCertificates(ca_cert_name.c_str());
193  factory_->authenticate(false);
194  factory_->access(
195  mapd::shared_ptr<InsecureAccessManager>(new InsecureAccessManager()));
196  }
197  if (!using_X509_store_ && ca_cert_name.empty()) {
198  const auto socket = mapd::make_shared<TSocket>(server_host, port);
199  if (with_timeout) {
200  socket->setConnTimeout(connect_timeout);
201  socket->setRecvTimeout(recv_timeout);
202  socket->setSendTimeout(send_timeout);
203  }
204  transport = mapd::make_shared<TBufferedTransport>(socket);
205  } else {
206  mapd::shared_ptr<TSocket> secure_socket = factory_->createSocket(server_host, port);
207  if (with_timeout) {
208  secure_socket->setConnTimeout(connect_timeout);
209  secure_socket->setRecvTimeout(recv_timeout);
210  secure_socket->setSendTimeout(send_timeout);
211  }
212  transport = mapd::shared_ptr<TTransport>(new TBufferedTransport(secure_socket));
213  }
214 
215  return transport;
216 }
unsigned connect_timeout
Definition: MapDServer.cpp:70
mapd::shared_ptr< TSSLSocketFactory > factory_
Definition: ThriftClient.h:84
unsigned send_timeout
Definition: MapDServer.cpp:72
unsigned recv_timeout
Definition: MapDServer.cpp:71

+ Here is the caller graph for this function:

mapd::shared_ptr< TTransport > ThriftClientConnection::open_http_client_transport ( const std::string &  server_host,
const int  port,
const std::string &  trust_cert_file_,
bool  use_https,
bool  skip_verify 
)

Definition at line 218 of file ThriftClient.cpp.

References factory_, trust_cert_file_, and using_X509_store_.

Referenced by get_protocol().

223  {
224  std::string trust_cert_file{trust_cert_fileX};
225  if (trust_cert_file_.empty()) {
226  static std::list<std::string> v_known_ca_paths({
227  "/etc/ssl/certs/ca-certificates.crt",
228  "/etc/pki/tls/certs/ca-bundle.crt",
229  "/usr/share/ssl/certs/ca-bundle.crt",
230  "/usr/local/share/certs/ca-root.crt",
231  "/etc/ssl/cert.pem",
232  "/etc/ssl/ca-bundle.pem",
233  });
234  for (const auto& known_ca_path : v_known_ca_paths) {
235  if (boost::filesystem::exists(known_ca_path)) {
236  trust_cert_file = known_ca_path;
237  break;
238  }
239  }
240  }
241 
242  if (!factory_) {
243  factory_ =
244  mapd::shared_ptr<TSSLSocketFactory>(new TSSLSocketFactory(SSLProtocol::SSLTLS));
245  }
246  mapd::shared_ptr<TTransport> transport;
247  mapd::shared_ptr<TTransport> socket;
248  if (use_https) {
249  if (skip_verify) {
250  factory_->authenticate(false);
251  factory_->access(
252  mapd::shared_ptr<InsecureAccessManager>(new InsecureAccessManager()));
253  }
254  if (!using_X509_store_) {
255  factory_->loadTrustedCertificates(trust_cert_file.c_str());
256  }
257  socket = factory_->createSocket(server_host, port);
258  // transport = mapd::shared_ptr<TTransport>(new THttpClient(socket,
259  // server_host,
260  // "/"));
261  transport =
262  mapd::shared_ptr<TTransport>(new ProxyTHttpClient(socket, server_host, "/"));
263  } else {
264  transport =
265  mapd::shared_ptr<TTransport>(new ProxyTHttpClient(server_host, port, "/"));
266  }
267  return transport;
268 }
mapd::shared_ptr< TSSLSocketFactory > factory_
Definition: ThriftClient.h:84
std::string trust_cert_file_
Definition: ThriftClient.h:82

+ Here is the caller graph for this function:

Member Data Documentation

std::string ThriftClientConnection::ca_cert_name_
private

Definition at line 81 of file ThriftClient.h.

Referenced by get_protocol().

ThriftConnectionType ThriftClientConnection::conn_type_
private

Definition at line 79 of file ThriftClient.h.

Referenced by get_protocol(), and ThriftClientConnection().

mapd::shared_ptr<TSSLSocketFactory> ThriftClientConnection::factory_
private
int ThriftClientConnection::port_
private

Definition at line 78 of file ThriftClient.h.

Referenced by get_protocol().

std::string ThriftClientConnection::server_host_
private

Definition at line 77 of file ThriftClient.h.

Referenced by get_protocol().

bool ThriftClientConnection::skip_host_verify_
private

Definition at line 80 of file ThriftClient.h.

Referenced by get_protocol(), and ThriftClientConnection().

std::string ThriftClientConnection::trust_cert_file_
private

Definition at line 82 of file ThriftClient.h.

Referenced by open_http_client_transport().

bool ThriftClientConnection::using_X509_store_ = false
private

The documentation for this class was generated from the following files: