You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by kw...@apache.org on 2014/09/07 00:06:57 UTC

svn commit: r1622953 - in /qpid/trunk/qpid/python/qpid: client.py connection08.py

Author: kwall
Date: Sat Sep  6 22:06:57 2014
New Revision: 1622953

URL: http://svn.apache.org/r1622953
Log:
QPID-6086: [Python Client] 08..091 Add support for SSL and client cert authentication

Modified:
    qpid/trunk/qpid/python/qpid/client.py
    qpid/trunk/qpid/python/qpid/connection08.py

Modified: qpid/trunk/qpid/python/qpid/client.py
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/python/qpid/client.py?rev=1622953&r1=1622952&r2=1622953&view=diff
==============================================================================
--- qpid/trunk/qpid/python/qpid/client.py (original)
+++ qpid/trunk/qpid/python/qpid/client.py Sat Sep  6 22:06:57 2014
@@ -77,13 +77,13 @@ class Client:
       self.lock.release()
     return q
 
-  def start(self, response, mechanism="AMQPLAIN", locale="en_US", tune_params=None, client_properties=None):
+  def start(self, response, mechanism="AMQPLAIN", locale="en_US", tune_params=None, client_properties=None, connection_options=None):
     self.mechanism = mechanism
     self.response = response
     self.locale = locale
     self.tune_params = tune_params
     self.client_properties=get_client_properties_with_defaults(provided_client_properties=client_properties)
-    self.socket = connect(self.host, self.port)
+    self.socket = connect(self.host, self.port, connection_options)
     self.conn = Connection(self.socket, self.spec)
     self.peer = Peer(self.conn, ClientDelegate(self), Session)
 

Modified: qpid/trunk/qpid/python/qpid/connection08.py
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/python/qpid/connection08.py?rev=1622953&r1=1622952&r2=1622953&view=diff
==============================================================================
--- qpid/trunk/qpid/python/qpid/connection08.py (original)
+++ qpid/trunk/qpid/python/qpid/connection08.py Sat Sep  6 22:06:57 2014
@@ -63,8 +63,29 @@ class SockIO:
     self.sock.shutdown(SHUT_RDWR)
     self.sock.close()
 
-def connect(host, port):
+def connect(host, port, options = None):
   sock = socket.socket()
+
+  if options and options.get("ssl", False):
+    log.debug("Wrapping socket for SSL")
+    from ssl import wrap_socket, CERT_REQUIRED, CERT_NONE
+
+    ssl_certfile = options.get("ssl_certfile", None)
+    ssl_keyfile = options.get("ssl_keyfile", ssl_certfile)
+    ssl_trustfile = options.get("ssl_trustfile", None)
+    ssl_require_trust = options.get("ssl_require_trust", True)
+
+    if ssl_require_trust:
+      validate = CERT_REQUIRED
+    else:
+      validate = CERT_NONE
+
+    sock = wrap_socket(sock,
+                       keyfile = ssl_keyfile,
+                       certfile = ssl_certfile,
+                       ca_certs = ssl_trustfile,
+                       cert_reqs = validate)
+
   sock.connect((host, port))
   sock.setblocking(1)
   return SockIO(sock)



---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org