drill-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DRILL-5431) Support SSL
Date Wed, 27 Sep 2017 05:58:05 GMT

    [ https://issues.apache.org/jira/browse/DRILL-5431?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16182051#comment-16182051
] 

ASF GitHub Bot commented on DRILL-5431:
---------------------------------------

Github user sohami commented on a diff in the pull request:

    https://github.com/apache/drill/pull/950#discussion_r141218943
  
    --- Diff: contrib/native/client/src/clientlib/channel.hpp ---
    @@ -0,0 +1,237 @@
    +/*
    + * Licensed to the Apache Software Foundation (ASF) under one
    + * or more contributor license agreements.  See the NOTICE file
    + * distributed with this work for additional information
    + * regarding copyright ownership.  The ASF licenses this file
    + * to you under the Apache License, Version 2.0 (the
    + * "License"); you may not use this file except in compliance
    + * with the License.  You may obtain a copy of the License at
    + *
    + * http://www.apache.org/licenses/LICENSE-2.0
    + *
    + * Unless required by applicable law or agreed to in writing, software
    + * distributed under the License is distributed on an "AS IS" BASIS,
    + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    + * See the License for the specific language governing permissions and
    + * limitations under the License.
    + */
    +
    +#ifndef CHANNEL_HPP
    +#define CHANNEL_HPP
    +
    +#include "drill/common.hpp"
    +#include "drill/drillClient.hpp"
    +#include "streamSocket.hpp"
    +
    +namespace Drill {
    +
    +class UserProperties;
    +
    +    class ConnectionEndpoint{
    +        public:
    +            ConnectionEndpoint(const char* connStr);
    +            ConnectionEndpoint(const char* host, const char* port);
    +            ~ConnectionEndpoint();
    +
    +            //parse the connection string and set up the host and port to connect to
    +            connectionStatus_t getDrillbitEndpoint();
    +
    +            std::string& getProtocol(){return m_protocol;}
    +            std::string& getHost(){return m_host;}
    +            std::string& getPort(){return m_port;}
    +            DrillClientError* getError(){ return m_pError;};
    +
    +        private:
    +            void parseConnectString();
    +            connectionStatus_t validateConnectionString();
    +            bool isDirectConnection();
    +            bool isZookeeperConnection();
    +            connectionStatus_t getDrillbitEndpointFromZk();
    +            connectionStatus_t handleError(connectionStatus_t status, std::string msg);
    +
    +            std::string m_connectString;
    +            std::string m_pathToDrill;
    +            std::string m_protocol; 
    +            std::string m_hostPortStr;
    +            std::string m_host;
    +            std::string m_port;
    +
    +            DrillClientError* m_pError;
    +
    +    };
    +
    +    class ChannelContext{
    +        public:
    +            ChannelContext(DrillUserProperties* props):m_properties(props){};
    +            virtual ~ChannelContext(){};
    +            const DrillUserProperties* getUserProperties() const { return m_properties;}
    +        protected:
    +            DrillUserProperties* m_properties;
    +    };
    +
    +    class SSLChannelContext: public ChannelContext{
    +        public:
    +            static boost::asio::ssl::context::method getTlsVersion(std::string version){
    +                if(version.empty()){
    +                    return boost::asio::ssl::context::tlsv12;
    +                } else if (version == "tlsv12") {
    +                    return boost::asio::ssl::context::tlsv12;
    +                } else if (version == "tlsv11") {
    +                    return boost::asio::ssl::context::tlsv11;
    +                } else if (version == "sslv23") {
    +                    return boost::asio::ssl::context::sslv23;
    +                } else if (version == "tlsv1") {
    +                    return boost::asio::ssl::context::tlsv1;
    +                } else if (version == "sslv3") {
    +                    return boost::asio::ssl::context::sslv3;
    +                } else {
    +                    return boost::asio::ssl::context::tlsv12;
    +                }
    +            }
    +
    +        SSLChannelContext(DrillUserProperties *props, boost::asio::ssl::context::method
tlsVersion, boost::asio::ssl::verify_mode verifyMode) :
    +                ChannelContext(props),
    +                m_SSLContext(tlsVersion) {
    +                m_SSLContext.set_default_verify_paths();
    +                m_SSLContext.set_options(
    +                        boost::asio::ssl::context::default_workarounds
    +                        | boost::asio::ssl::context::no_sslv2
    +                        | boost::asio::ssl::context::single_dh_use
    +                        );
    +                m_SSLContext.set_verify_mode(verifyMode);
    +            };
    +            ~SSLChannelContext(){};
    +            boost::asio::ssl::context& getSslContext(){ return m_SSLContext;}
    +        private:
    +            boost::asio::ssl::context m_SSLContext;
    +    };
    +
    +    typedef ChannelContext ChannelContext_t; 
    +    typedef SSLChannelContext SSLChannelContext_t; 
    +
    +    class ChannelContextFactory{
    +        public:
    +            static ChannelContext_t* getChannelContext(channelType_t t, DrillUserProperties*
props);
    +    };
    +
    +    /***
    +     * The Channel class encapsulates a connection to a drillbit. Based on 
    +     * the connection string and the options, the connection will be either 
    +     * a simple socket or a socket using an ssl stream. The class also encapsulates
    +     * connecting to a drillbit directly or thru zookeeper.
    +     * The channel class owns the socket and the io_service that the applications
    +     * will use to communicate with the server.
    +     ***/
    +    class Channel{
    +        public: 
    +            Channel(const char* connStr);
    +            Channel(const char* host, const char* port);
    +            Channel(boost::asio::io_service& ioService, const char* connStr);
    +            Channel(boost::asio::io_service& ioService, const char* host, const char*
port);
    +            virtual ~Channel();
    +            virtual connectionStatus_t init(ChannelContext_t* context)=0;
    --- End diff --
    
    Why are we using `connectionStatus_t` as return type for `init` of a channel. `init` is
not dealing with creating any connection, it is just setting some state of Channel object
and doing few validations. So return type can be changed to `bool type.`


> Support SSL
> -----------
>
>                 Key: DRILL-5431
>                 URL: https://issues.apache.org/jira/browse/DRILL-5431
>             Project: Apache Drill
>          Issue Type: New Feature
>          Components: Client - Java, Client - ODBC
>            Reporter: Sudheesh Katkam
>            Assignee: Parth Chandra
>
> Support SSL between Drillbit and JDBC/ODBC drivers. Drill already supports HTTPS for
web traffic.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message