diff options
| author | Grzegorz Grasza <xek@redhat.com> | 2020-12-04 16:27:11 +0100 |
|---|---|---|
| committer | Tim Burke <tim.burke@gmail.com> | 2021-01-06 09:47:38 -0800 |
| commit | 6930bc24b2f7613bc56bee3d2c34f7bb4890ec39 (patch) | |
| tree | a10eb0e1025d2d9a4ab81f709f3c3567a6c17a11 /swift/common/memcached.py | |
| parent | e22cad666a7bbb16a40a85a162a829da0f23c187 (diff) | |
| download | swift-6930bc24b2f7613bc56bee3d2c34f7bb4890ec39.tar.gz | |
Memcached client TLS support
This patch specifies a set of configuration options required to build
a TLS context, which is used to wrap the client connection socket.
Closes-Bug: #1906846
Change-Id: I03a92168b90508956f367fbb60b7712f95b97f60
Diffstat (limited to 'swift/common/memcached.py')
| -rw-r--r-- | swift/common/memcached.py | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/swift/common/memcached.py b/swift/common/memcached.py index bc1216283..7966b7ed6 100644 --- a/swift/common/memcached.py +++ b/swift/common/memcached.py @@ -127,11 +127,12 @@ class MemcacheConnPool(Pool): :func:`swift.common.utils.parse_socket_string` for details. """ - def __init__(self, server, size, connect_timeout): + def __init__(self, server, size, connect_timeout, tls_context=None): Pool.__init__(self, max_size=size) self.host, self.port = utils.parse_socket_string( server, DEFAULT_MEMCACHED_PORT) self._connect_timeout = connect_timeout + self._tls_context = tls_context def create(self): addrs = socket.getaddrinfo(self.host, self.port, socket.AF_UNSPEC, @@ -141,6 +142,9 @@ class MemcacheConnPool(Pool): sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_NODELAY, 1) with Timeout(self._connect_timeout): sock.connect(sockaddr) + if self._tls_context: + sock = self._tls_context.wrap_socket(sock, + server_hostname=self.host) return (sock.makefile('rwb'), sock) def get(self): @@ -159,7 +163,7 @@ class MemcacheRing(object): def __init__(self, servers, connect_timeout=CONN_TIMEOUT, io_timeout=IO_TIMEOUT, pool_timeout=POOL_TIMEOUT, tries=TRY_COUNT, allow_pickle=False, allow_unpickle=False, - max_conns=2, logger=None, + max_conns=2, tls_context=None, logger=None, error_limit_count=ERROR_LIMIT_COUNT, error_limit_time=ERROR_LIMIT_TIME, error_limit_duration=ERROR_LIMIT_DURATION): @@ -174,10 +178,10 @@ class MemcacheRing(object): self._ring[md5hash('%s-%s' % (server, i))] = server self._tries = tries if tries <= len(servers) else len(servers) self._sorted = sorted(self._ring) - self._client_cache = dict(((server, - MemcacheConnPool(server, max_conns, - connect_timeout)) - for server in servers)) + self._client_cache = dict(( + (server, MemcacheConnPool(server, max_conns, connect_timeout, + tls_context=tls_context)) + for server in servers)) self._connect_timeout = connect_timeout self._io_timeout = io_timeout self._pool_timeout = pool_timeout |