def create_transport(host, port, service, transport_type="buffered"):
"""
Create a new Thrift Transport based on the requested type.
Supported transport types:
- buffered, returns simple buffered transport
- plain_sasl, return a SASL transport with the PLAIN mechanism
- kerberos, return a SASL transport with the GSSAPI mechanism
"""
sock = TSocket(host, int(port))
if transport_type.lower() == "buffered":
return TBufferedTransport(sock)
# Initializes a sasl client
from shell.thrift_sasl import TSaslClientTransport
def sasl_factory():
try:
import saslwrapper as sasl
except ImportError:
print 'saslwrapper not found, trying to import sasl'
import sasl
sasl_client = sasl.Client()
sasl_client.setAttr("host", host)
sasl_client.setAttr("service", service)
if transport_type.lower() == "plain_sasl":
sasl_client.setAttr("username", getpass.getuser())
sasl_client.setAttr("password", getpass.getuser())
sasl_client.init()
return sasl_client
if transport_type.lower() == "plain_sasl":
return TSaslClientTransport(sasl_factory, "PLAIN", sock)
else:
# GSSASPI is the underlying mechanism used by kerberos to authenticate.
return TSaslClientTransport(sasl_factory, "GSSAPI", sock)
def create_transport(host,
port,
service,
transport_type="buffered",
user=None,
password=None,
use_ssl=False,
ssl_cert=None):
"""
Create a new Thrift Transport based on the requested type.
Supported transport types:
- buffered, returns simple buffered transport
- plain_sasl, return a SASL transport with the PLAIN mechanism
- kerberos, return a SASL transport with the GSSAPI mechanism
If use_ssl is True, the connection will use SSL, optionally using the file at ssl_cert
as the CA cert.
"""
port = int(port)
if use_ssl:
from thrift.transport import TSSLSocket
if ssl_cert is None:
sock = TSSLSocket.TSSLSocket(host, port, validate=False)
else:
sock = TSSLSocket.TSSLSocket(host,
port,
validate=True,
ca_certs=ssl_cert)
# Set allowed SSL / TLS protocols to a permissive set to connect to any Impala server.
import ssl
sock.SSL_VERSION = ssl.PROTOCOL_SSLv23
else:
sock = TSocket(host, port)
if transport_type.lower() == "buffered":
return TBufferedTransport(sock)
# Set defaults for LDAP connections
if transport_type.lower() == "plain_sasl":
if user is None: user = getpass.getuser()
if password is None: password = ""
# Initializes a sasl client
from shell.thrift_sasl import TSaslClientTransport
def sasl_factory():
sasl_client = sasl.Client()
sasl_client.setAttr("host", host)
sasl_client.setAttr("service", service)
if transport_type.lower() == "plain_sasl":
sasl_client.setAttr("username", user)
sasl_client.setAttr("password", password)
sasl_client.init()
return sasl_client
if transport_type.lower() == "plain_sasl":
return TSaslClientTransport(sasl_factory, "PLAIN", sock)
else:
# GSSASPI is the underlying mechanism used by kerberos to authenticate.
return TSaslClientTransport(sasl_factory, "GSSAPI", sock)
def create_transport(use_kerberos, host, port, service):
"""
Create a new Transport based on the connection type.
If not using kerberos, just return a simple buffered transport. For
the kerberos, a sasl transport is created.
"""
sock = TSocket(host, int(port))
if not use_kerberos:
return TBufferedTransport(sock)
# Initializes a sasl client
from shell.thrift_sasl import TSaslClientTransport
def sasl_factory():
try:
import saslwrapper as sasl
except ImportError:
print 'saslwrapper not found, trying to import sasl'
import sasl
sasl_client = sasl.Client()
sasl_client.setAttr("host", host)
sasl_client.setAttr("service", service)
sasl_client.init()
return sasl_client
# GSSASPI is the underlying mechanism used by kerberos to authenticate.
return TSaslClientTransport(sasl_factory, "GSSAPI", sock)