THRIFT-1068. py: Python SSL Socket Support
A python implementation of TSSLSocket.
Patch: Kevin Worth
git-svn-id: https://svn.apache.org/repos/asf/thrift/trunk@1073447 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/lib/py/src/transport/TSSLSocket.py b/lib/py/src/transport/TSSLSocket.py
new file mode 100644
index 0000000..8ab91ca
--- /dev/null
+++ b/lib/py/src/transport/TSSLSocket.py
@@ -0,0 +1,38 @@
+import sys
+sys.path.append('/usr/lib/python2.6/site-packages/')
+
+from thrift.transport import TSocket
+import socket, ssl
+
+class TSSLSocket(TSocket.TSocket):
+ def open(self):
+ try:
+ res0 = self._resolveAddr()
+ for res in res0:
+ plain_sock = socket.socket(res[0], res[1])
+ #TODO verify server cert
+ self.handle = ssl.wrap_socket(plain_sock, ssl_version=ssl.PROTOCOL_TLSv1)
+ self.handle.settimeout(self._timeout)
+ try:
+ self.handle.connect(res[4])
+ except socket.error, e:
+ if res is not res0[-1]:
+ continue
+ else:
+ raise e
+ break
+ except socket.error, e:
+ if self._unix_socket:
+ message = 'Could not connect to secure socket %s' % self._unix_socket
+ else:
+ message = 'Could not connect to %s:%d' % (self.host, self.port)
+ raise TTransportException(type=TTransportException.NOT_OPEN, message=message)
+
+class TSSLServerSocket(TSocket.TServerSocket):
+ def accept(self):
+ plain_client, addr = self.handle.accept()
+ result = TSocket.TSocket()
+ #TODO take certfile/keyfile as a parameter at setup
+ client = ssl.wrap_socket(plain_client, certfile='cert.pem', server_side=True)
+ result.setHandle(client)
+ return result
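Review bot: The client-side `ssl.wrap_socket` call in `TSSLSocket.open` leaves `cert_reqs` at its default of `ssl.CERT_NONE`, so the server certificate is never validated (the `#TODO verify server cert` acknowledges this) and the connection is encrypted but unauthenticated, which leaves it exposed to interception. Verification should be the default: `self.handle = ssl.wrap_socket(plain_sock, ssl_version=ssl.PROTOCOL_TLSv1, cert_reqs=ssl.CERT_REQUIRED, ca_certs=self.ca_certs)`, with the CA bundle path taken as a constructor argument, followed by a check of the host name against `self.handle.getpeercert()` after connect, because chain validation alone does not bind the certificate to `self.host`. Separately, the outer `except socket.error` handler raises `TTransportException`, which this file never imports, so a failed connect would surface as a NameError instead; `from thrift.transport.TTransport import TTransportException` fixes that. The hard-coded `sys.path.append('/usr/lib/python2.6/site-packages/')` and the relative `certfile='cert.pem'` in `TSSLServerSocket.accept` (resolved against the process working directory, with no `keyfile` or `ssl_version` given) should also become explicit configuration before this ships in the library.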