blob: 24e5fd7fc3eab8d6db8211a48152b5df2c5e978d [file] [log] [blame]
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
# Thrift utility functions
from thrift.transport.TSocket import TSocket
from thrift.transport.TTransport import TBufferedTransport
import getpass
import sasl
import struct
def create_transport(host, port, service, transport_type="buffered", user=None,
password=None, use_ssl=False, ssl_cert=None):
Create a new Thrift Transport based on the requested type.
Supported transport types:
- buffered, returns simple buffered transport
- plain_sasl, return a SASL transport with the PLAIN mechanism
- kerberos, return a SASL transport with the GSSAPI mechanism
If use_ssl is True, the connection will use SSL, optionally using the file at ssl_cert
as the CA cert.
port = int(port)
if use_ssl:
from thrift.transport import TSSLSocket
if ssl_cert is None:
sock = TSSLSocket.TSSLSocket(host, port, validate=False)
sock = TSSLSocket.TSSLSocket(host, port, validate=True, ca_certs=ssl_cert)
# Set allowed SSL / TLS protocols to a permissive set to connect to any Impala server.
import ssl
sock = TSocket(host, port)
if transport_type.lower() == "buffered":
return TBufferedTransport(sock)
# Set defaults for LDAP connections
if transport_type.lower() == "plain_sasl":
if user is None: user = getpass.getuser()
if password is None: password = ""
# Initializes a sasl client
from shell.thrift_sasl import TSaslClientTransport
def sasl_factory():
sasl_client = sasl.Client()
sasl_client.setAttr("host", host)
sasl_client.setAttr("service", service)
if transport_type.lower() == "plain_sasl":
sasl_client.setAttr("username", user)
sasl_client.setAttr("password", password)
return sasl_client
if transport_type.lower() == "plain_sasl":
return TSaslClientTransport(sasl_factory, "PLAIN", sock)
# GSSASPI is the underlying mechanism used by kerberos to authenticate.
return TSaslClientTransport(sasl_factory, "GSSAPI", sock)
def op_handle_to_query_id(t_op_handle):
if t_op_handle is None or t_op_handle.operationId is None:
return None
# This should use the same logic as in ImpalaServer::THandleIdentifierToTUniqueId().
return "%x:%x" % struct.unpack("QQ", t_op_handle.operationId.guid)