
Enable TLS Handshake #17

20 changes: 14 additions & 6 deletions qpython/qconnection.py
Expand Up @@ -16,26 +16,28 @@

import socket
import struct
import ssl

from qpython import MetaData, CONVERSION_OPTIONS
from qpython.qtype import QException
from qpython.qreader import QReader, QReaderException
from qpython.qwriter import QWriter, QWriterException


''' SSL Section to load Certificate'''
context = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2)


Seems unusual to have a docstring at the top level.
Any reason not to go with ssl.create_default_context() ?

context.verify_mode = ssl.CERT_REQUIRED
context.check_hostname = True
context.load_default_certs()

class QConnectionException(Exception):
'''Raised when a connection to the q service cannot be established.'''
pass



class QAuthenticationException(QConnectionException):
'''Raised when a connection to the q service is denied.'''
pass



class MessageType(object):
'''Enumeration defining IPC protocol message types.'''
ASYNC = 0
Expand All @@ -62,6 +64,7 @@ class QConnection(object):
- `username` (`string` or `None`) - username for q authentication/authorization
- `password` (`string` or `None`) - password for q authentication/authorization
- `timeout` (`nonnegative float` or `None`) - set a timeout on blocking socket operations
- `tls_enabled` (`True`False or `None) - set tls_enabled to use TLS Handshake and SSL Encryption
- `encoding` (`string`) - string encoding for data deserialization
- `reader_class` (subclass of `QReader`) - data deserializer
- `writer_class` (subclass of `QWriter`) - data serializer
Expand All @@ -79,11 +82,12 @@ class QConnection(object):

MAX_PROTOCOL_VERSION = 6

def __init__(self, host, port, username = None, password = None, timeout = None, encoding = 'latin-1', reader_class = None, writer_class = None, **options):
def __init__(self, host, port, username = None, password = None, timeout = None, tls_enabled = False ,encoding = 'latin-1', reader_class = None, writer_class = None, **options):
self.host = host
self.port = port
self.username = username
self.password = password
self.tls_enabled = tls_enabled

self._connection = None
self._connection_file = None
Expand Down Expand Up @@ -152,9 +156,13 @@ def _init_socket(self):
'''Initialises the socket used for communicating with a q service,'''
try:
self._connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

if self.tls_enabled:
self._connection = context.wrap_socket(self._connection,server_hostname = self.host)

self._connection.connect((self.host, self.port))
self._connection.settimeout(self.timeout)
self._connection_file = self._connection.makefile('b')
self._connection_file = self._connection.makefile('b')
except:
self._connection = None
self._connection_file = None
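Review bot: In `_init_socket` the socket is wrapped before `connect()` while `settimeout()` is only called afterwards, so with `tls_enabled` the TLS handshake (performed inside `connect()` by default) runs with no timeout. A peer that accepts the TCP connection but never finishes the handshake would block the caller regardless of the `timeout` argument. Calling `self._connection.settimeout(self.timeout)` before `self._connection.connect((self.host, self.port))` bounds both the connect and the handshake. The bare `except:` handler continues outside the visible hunk, so it is not clear whether the wrapped socket is closed and whether a certificate or hostname verification failure reaches the caller as a distinct error. Separately, inserting `tls_enabled` before `encoding` in `__init__` shifts the later positional arguments, so an existing call that passes `encoding` positionally would set `tls_enabled` to a truthy string; appending it after `writer_class` keeps old call sites working.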