diff options
author | Rafael H. Schloming <rhs@apache.org> | 2012-01-30 21:04:58 +0000 |
---|---|---|
committer | Rafael H. Schloming <rhs@apache.org> | 2012-01-30 21:04:58 +0000 |
commit | cc929b8fddebe197a7a3b5cee57f87d5779d2c1f (patch) | |
tree | 09f659d19963ccab100a97ed8baaa38bd9084ae2 /python | |
parent | 0b536f6fa61cb192c9cba08c443a10c779aa2a91 (diff) | |
download | qpid-python-cc929b8fddebe197a7a3b5cee57f87d5779d2c1f.tar.gz |
QPID-3175: applied patch with a default sasl_mechanisms of ANONYMOUS
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@1238012 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'python')
-rw-r--r-- | python/qpid/messaging/endpoints.py | 13 | ||||
-rw-r--r-- | python/qpid/messaging/transports.py | 2 | ||||
-rw-r--r-- | python/qpid/sasl.py | 2 |
3 files changed, 15 insertions, 2 deletions
diff --git a/python/qpid/messaging/endpoints.py b/python/qpid/messaging/endpoints.py index 338ac70ecf..85ec7d331c 100644 --- a/python/qpid/messaging/endpoints.py +++ b/python/qpid/messaging/endpoints.py @@ -116,6 +116,13 @@ class Connection(Endpoint): @type address_ttl: float @param address_ttl: time until cached address resolution expires + @type ssl_keyfile: str + @param ssl_keyfile: file with client's private key (PEM format) + @type ssl_certfile: str + @param ssl_certfile: file with client's public (eventually priv+pub) key (PEM format) + @type ssl_trustfile: str + @param ssl_trustfile: file trusted certificates to validate the server + @rtype: Connection @return: a disconnected Connection """ @@ -141,7 +148,7 @@ class Connection(Endpoint): self.password = default(url.password, options.get("password", None)) self.auth_username = None - self.sasl_mechanisms = options.get("sasl_mechanisms") + self.sasl_mechanisms = options.get("sasl_mechanisms", "ANONYMOUS") self.sasl_service = options.get("sasl_service", "qpidd") self.sasl_min_ssf = options.get("sasl_min_ssf") self.sasl_max_ssf = options.get("sasl_max_ssf") @@ -160,6 +167,10 @@ class Connection(Endpoint): self.address_ttl = options.get("address_ttl", 60) self.tcp_nodelay = options.get("tcp_nodelay", False) + self.ssl_keyfile = options.get("ssl_keyfile", None) + self.ssl_certfile = options.get("ssl_certfile", None) + self.ssl_trustfile = options.get("ssl_trustfile", None) + self.options = options diff --git a/python/qpid/messaging/transports.py b/python/qpid/messaging/transports.py index 7abaae12e8..532c365884 100644 --- a/python/qpid/messaging/transports.py +++ b/python/qpid/messaging/transports.py @@ -61,7 +61,7 @@ else: def __init__(self, conn, host, port): SocketTransport.__init__(self, conn, host, port) - self.tls = wrap_socket(self.socket) + self.tls = wrap_socket(self.socket, keyfile=conn.ssl_keyfile, certfile=conn.ssl_certfile, ca_certs=conn.ssl_trustfile) self.socket.setblocking(0) self.state = None diff --git a/python/qpid/sasl.py b/python/qpid/sasl.py index fed6deac20..677a5e4e22 100644 --- a/python/qpid/sasl.py +++ b/python/qpid/sasl.py @@ -89,6 +89,8 @@ class PlainClient: return "PLAIN", "\0%s\0%s" % (self.attrs.get("username"), self.attrs.get("password")) elif "ANONYMOUS" in mechs: return "ANONYMOUS", "%s@%s" % (self.attrs.get("username"), socket.gethostname()) + elif "EXTERNAL" in mechs: + return "EXTERNAL", "%s" % (self.attrs.get("username")) else: raise SASLError("sasl negotiation failed: no mechanism agreed") |