def _x_start_ok(self, client_properties, mechanism, response, locale):
"""
select security mechanism and locale
This method selects a SASL security mechanism. ASL uses SASL
(RFC2222) to negotiate authentication and encryption.
PARAMETERS:
client_properties: table
client properties
mechanism: shortstr
selected security mechanism
A single security mechanisms selected by the client,
which must be one of those specified by the server.
RULE:
The client SHOULD authenticate using the highest-
level security profile it can handle from the list
provided by the server.
RULE:
The mechanism field MUST contain one of the
security mechanisms proposed by the server in the
Start method. If it doesn't, the server MUST close
the socket.
response: longstr
security response data
A block of opaque data passed to the security
mechanism. The contents of this data are defined by
the SASL security mechanism. For the PLAIN security
mechanism this is defined as a field table holding two
fields, LOGIN and PASSWORD.
locale: shortstr
selected message locale
A single message local selected by the client, which
must be one of those specified by the server.
"""
args = AMQPWriter()
args.write_table(client_properties)
args.write_shortstr(mechanism)
args.write_longstr(response)
args.write_shortstr(locale)
self._send_method((10, 11), args)
def _x_start_ok(self, client_properties, mechanism, response, locale):
"""
select security mechanism and locale
This method selects a SASL security mechanism. ASL uses SASL
(RFC2222) to negotiate authentication and encryption.
PARAMETERS:
client_properties: table
client properties
mechanism: shortstr
selected security mechanism
A single security mechanisms selected by the client,
which must be one of those specified by the server.
RULE:
The client SHOULD authenticate using the highest-
level security profile it can handle from the list
provided by the server.
RULE:
The mechanism field MUST contain one of the
security mechanisms proposed by the server in the
Start method. If it doesn't, the server MUST close
the socket.
response: longstr
security response data
A block of opaque data passed to the security
mechanism. The contents of this data are defined by
the SASL security mechanism. For the PLAIN security
mechanism this is defined as a field table holding two
fields, LOGIN and PASSWORD.
locale: shortstr
selected message locale
A single message local selected by the client, which
must be one of those specified by the server.
"""
args = AMQPWriter()
args.write_table(client_properties)
args.write_shortstr(mechanism)
args.write_longstr(response)
args.write_shortstr(locale)
self._send_method((10, 11), args)
def _x_tune_ok(self, channel_max, frame_max, heartbeat):
"""
negotiate connection tuning parameters
This method sends the client's connection tuning parameters to
the server. Certain fields are negotiated, others provide
capability information.
PARAMETERS:
channel_max: short
negotiated maximum channels
The maximum total number of channels that the client
will use per connection. May not be higher than the
value specified by the server.
RULE:
The server MAY ignore the channel-max value or MAY
use it for tuning its resource allocation.
frame_max: long
negotiated maximum frame size
The largest frame size that the client and server will
use for the connection. Zero means that the client
does not impose any specific limit but may reject very
large frames if it cannot allocate resources for them.
Note that the frame-max limit applies principally to
content frames, where large contents can be broken
into frames of arbitrary size.
RULE:
Until the frame-max has been negotiated, both
peers must accept frames of up to 4096 octets
large. The minimum non-zero value for the frame-
max field is 4096.
heartbeat: short
desired heartbeat delay
The delay, in seconds, of the connection heartbeat
that the client wants. Zero means the client does not
want a heartbeat.
"""
args = AMQPWriter()
args.write_short(channel_max)
args.write_long(frame_max)
args.write_short(heartbeat)
self._send_method((10, 31), args)
self._wait_tune_ok = False
def _x_secure_ok(self, response):
"""
security mechanism response
This method attempts to authenticate, passing a block of SASL
data for the security mechanism at the server side.
PARAMETERS:
response: longstr
security response data
A block of opaque data passed to the security
mechanism. The contents of this data are defined by
the SASL security mechanism.
"""
args = AMQPWriter()
args.write_longstr(response)
self._send_method((10, 21), args)
def _x_secure_ok(self, response):
"""
security mechanism response
This method attempts to authenticate, passing a block of SASL
data for the security mechanism at the server side.
PARAMETERS:
response: longstr
security response data
A block of opaque data passed to the security
mechanism. The contents of this data are defined by
the SASL security mechanism.
"""
args = AMQPWriter()
args.write_longstr(response)
self._send_method((10, 21), args)
def _x_tune_ok(self, channel_max, frame_max, heartbeat):
"""
negotiate connection tuning parameters
This method sends the client's connection tuning parameters to
the server. Certain fields are negotiated, others provide
capability information.
PARAMETERS:
channel_max: short
negotiated maximum channels
The maximum total number of channels that the client
will use per connection. May not be higher than the
value specified by the server.
RULE:
The server MAY ignore the channel-max value or MAY
use it for tuning its resource allocation.
frame_max: long
negotiated maximum frame size
The largest frame size that the client and server will
use for the connection. Zero means that the client
does not impose any specific limit but may reject very
large frames if it cannot allocate resources for them.
Note that the frame-max limit applies principally to
content frames, where large contents can be broken
into frames of arbitrary size.
RULE:
Until the frame-max has been negotiated, both
peers must accept frames of up to 4096 octets
large. The minimum non-zero value for the frame-
max field is 4096.
heartbeat: short
desired heartbeat delay
The delay, in seconds, of the connection heartbeat
that the client wants. Zero means the client does not
want a heartbeat.
"""
args = AMQPWriter()
args.write_short(channel_max)
args.write_long(frame_max)
args.write_short(heartbeat)
self._send_method((10, 31), args)
self._wait_tune_ok = False
def __init__(self,
host='localhost',
userid='guest',
password='******',
login_method='AMQPLAIN',
login_response=None,
virtual_host='/',
locale='en_US',
client_properties=None,
ssl=False,
insist=False,
connect_timeout=None,
**kwargs):
"""
Create a connection to the specified host, which should be
a 'host[:port]', such as 'localhost', or '1.2.3.4:5672'
(defaults to 'localhost', if a port is not specified then
5672 is used)
If login_response is not specified, one is built up for you from
userid and password if they are present.
The 'ssl' parameter may be simply True/False, or for Python >= 2.6
a dictionary of options to pass to ssl.wrap_socket() such as
requiring certain certificates.
"""
if (login_response is None) \
and (userid is not None) \
and (password is not None):
login_response = AMQPWriter()
login_response.write_table({'LOGIN': userid, 'PASSWORD': password})
login_response = login_response.getvalue()[4:] #Skip the length
#at the beginning
d = {}
d.update(LIBRARY_PROPERTIES)
if client_properties:
d.update(client_properties)
self.known_hosts = ''
while True:
self.channels = {}
# The connection object itself is treated as channel 0
super(Connection, self).__init__(self, 0)
self.transport = None
# Properties set in the Tune method
self.channel_max = 65535
self.frame_max = 131072
self.heartbeat = 0
# Properties set in the Start method
self.version_major = 0
self.version_minor = 0
self.server_properties = {}
self.mechanisms = []
self.locales = []
# Let the transport.py module setup the actual
# socket connection to the broker.
#
self.transport = create_transport(host, connect_timeout, ssl)
self.method_reader = MethodReader(self.transport)
self.method_writer = MethodWriter(self.transport, self.frame_max)
self.wait(allowed_methods=[
(10, 10), # start
])
self._x_start_ok(d, login_method, login_response, locale)
self._wait_tune_ok = True
while self._wait_tune_ok:
self.wait(allowed_methods=[
(10, 20), # secure
(10, 30), # tune
])
host = self._x_open(virtual_host, insist=insist)
if host is None:
# we weren't redirected
return
# we were redirected, close the socket, loop and try again
try:
self.close()
except Exception:
pass
def _x_open(self, virtual_host, capabilities='', insist=False):
"""
open connection to virtual host
This method opens a connection to a virtual host, which is a
collection of resources, and acts to separate multiple
application domains within a server.
RULE:
The client MUST open the context before doing any work on
the connection.
PARAMETERS:
virtual_host: shortstr
virtual host name
The name of the virtual host to work with.
RULE:
If the server supports multiple virtual hosts, it
MUST enforce a full separation of exchanges,
queues, and all associated entities per virtual
host. An application, connected to a specific
virtual host, MUST NOT be able to access resources
of another virtual host.
RULE:
The server SHOULD verify that the client has
permission to access the specified virtual host.
RULE:
The server MAY configure arbitrary limits per
virtual host, such as the number of each type of
entity that may be used, per connection and/or in
total.
capabilities: shortstr
required capabilities
The client may specify a number of capability names,
delimited by spaces. The server can use this string
to how to process the client's connection request.
insist: boolean
insist on connecting to server
In a configuration with multiple load-sharing servers,
the server may respond to a Connection.Open method
with a Connection.Redirect. The insist option tells
the server that the client is insisting on a
connection to the specified server.
RULE:
When the client uses the insist option, the server
SHOULD accept the client connection unless it is
technically unable to do so.
"""
args = AMQPWriter()
args.write_shortstr(virtual_host)
args.write_shortstr(capabilities)
args.write_bit(insist)
self._send_method((10, 40), args)
return self.wait(allowed_methods=[
(10, 41), # Connection.open_ok
(10, 50), # Connection.redirect
])
def close(self, reply_code=0, reply_text='', method_sig=(0, 0)):
"""
request a connection close
This method indicates that the sender wants to close the
connection. This may be due to internal conditions (e.g. a
forced shut-down) or due to an error handling a specific
method, i.e. an exception. When a close is due to an
exception, the sender provides the class and method id of the
method which caused the exception.
RULE:
After sending this method any received method except the
Close-OK method MUST be discarded.
RULE:
The peer sending this method MAY use a counter or timeout
to detect failure of the other peer to respond correctly
with the Close-OK method.
RULE:
When a server receives the Close method from a client it
MUST delete all server-side resources associated with the
client's context. A client CANNOT reconnect to a context
after sending or receiving a Close method.
PARAMETERS:
reply_code: short
The reply code. The AMQ reply codes are defined in AMQ
RFC 011.
reply_text: shortstr
The localised reply text. This text can be logged as an
aid to resolving issues.
class_id: short
failing method class
When the close is provoked by a method exception, this
is the class of the method.
method_id: short
failing method ID
When the close is provoked by a method exception, this
is the ID of the method.
"""
if self.transport is None:
# already closed
return
args = AMQPWriter()
args.write_short(reply_code)
args.write_shortstr(reply_text)
args.write_short(method_sig[0]) # class_id
args.write_short(method_sig[1]) # method_id
self._send_method((10, 60), args)
return self.wait(allowed_methods=[
(10, 61), # Connection.close_ok
])
def __init__(
self,
host="localhost",
userid="guest",
password="******",
login_method="AMQPLAIN",
login_response=None,
virtual_host="/",
locale="en_US",
client_properties=None,
ssl=False,
insist=False,
connect_timeout=None,
**kwargs
):
"""
Create a connection to the specified host, which should be
a 'host[:port]', such as 'localhost', or '1.2.3.4:5672'
(defaults to 'localhost', if a port is not specified then
5672 is used)
If login_response is not specified, one is built up for you from
userid and password if they are present.
"""
if (login_response is None) and (userid is not None) and (password is not None):
login_response = AMQPWriter()
login_response.write_table({"LOGIN": userid, "PASSWORD": password})
login_response = login_response.getvalue()[4:] # Skip the length
# at the beginning
d = {}
d.update(LIBRARY_PROPERTIES)
if client_properties:
d.update(client_properties)
self.known_hosts = ""
while True:
self.channels = {}
# The connection object itself is treated as channel 0
super(Connection, self).__init__(self, 0)
self.transport = None
# Properties set in the Tune method
self.channel_max = 65535
self.frame_max = 131072
self.heartbeat = 0
# Properties set in the Start method
self.version_major = 0
self.version_minor = 0
self.server_properties = {}
self.mechanisms = []
self.locales = []
# Let the transport.py module setup the actual
# socket connection to the broker.
#
self.transport = create_transport(host, connect_timeout, ssl)
self.method_reader = MethodReader(self.transport)
self.method_writer = MethodWriter(self.transport, self.frame_max)
self.wait(allowed_methods=[(10, 10)]) # start
self._x_start_ok(d, login_method, login_response, locale)
self._wait_tune_ok = True
while self._wait_tune_ok:
self.wait(allowed_methods=[(10, 20), (10, 30)]) # secure # tune
host = self._x_open(virtual_host, insist=insist)
if host is None:
# we weren't redirected
return
# we were redirected, close the socket, loop and try again
try:
self.close()
except Exception:
pass
def _x_open(self, virtual_host, capabilities="", insist=False):
"""
open connection to virtual host
This method opens a connection to a virtual host, which is a
collection of resources, and acts to separate multiple
application domains within a server.
RULE:
The client MUST open the context before doing any work on
the connection.
PARAMETERS:
virtual_host: shortstr
virtual host name
The name of the virtual host to work with.
RULE:
If the server supports multiple virtual hosts, it
MUST enforce a full separation of exchanges,
queues, and all associated entities per virtual
host. An application, connected to a specific
virtual host, MUST NOT be able to access resources
of another virtual host.
RULE:
The server SHOULD verify that the client has
permission to access the specified virtual host.
RULE:
The server MAY configure arbitrary limits per
virtual host, such as the number of each type of
entity that may be used, per connection and/or in
total.
capabilities: shortstr
required capabilities
The client may specify a number of capability names,
delimited by spaces. The server can use this string
to how to process the client's connection request.
insist: boolean
insist on connecting to server
In a configuration with multiple load-sharing servers,
the server may respond to a Connection.Open method
with a Connection.Redirect. The insist option tells
the server that the client is insisting on a
connection to the specified server.
RULE:
When the client uses the insist option, the server
SHOULD accept the client connection unless it is
technically unable to do so.
"""
args = AMQPWriter()
args.write_shortstr(virtual_host)
args.write_shortstr(capabilities)
args.write_bit(insist)
self._send_method((10, 40), args)
return self.wait(allowed_methods=[(10, 41), (10, 50)]) # Connection.open_ok # Connection.redirect
def close(self, reply_code=0, reply_text="", method_sig=(0, 0)):
"""
request a connection close
This method indicates that the sender wants to close the
connection. This may be due to internal conditions (e.g. a
forced shut-down) or due to an error handling a specific
method, i.e. an exception. When a close is due to an
exception, the sender provides the class and method id of the
method which caused the exception.
RULE:
After sending this method any received method except the
Close-OK method MUST be discarded.
RULE:
The peer sending this method MAY use a counter or timeout
to detect failure of the other peer to respond correctly
with the Close-OK method.
RULE:
When a server receives the Close method from a client it
MUST delete all server-side resources associated with the
client's context. A client CANNOT reconnect to a context
after sending or receiving a Close method.
PARAMETERS:
reply_code: short
The reply code. The AMQ reply codes are defined in AMQ
RFC 011.
reply_text: shortstr
The localised reply text. This text can be logged as an
aid to resolving issues.
class_id: short
failing method class
When the close is provoked by a method exception, this
is the class of the method.
method_id: short
failing method ID
When the close is provoked by a method exception, this
is the ID of the method.
"""
if self.transport is None:
# already closed
return
args = AMQPWriter()
args.write_short(reply_code)
args.write_shortstr(reply_text)
args.write_short(method_sig[0]) # class_id
args.write_short(method_sig[1]) # method_id
self._send_method((10, 60), args)
return self.wait(allowed_methods=[(10, 61)]) # Connection.close_ok