authorRafael H. Schloming <rhs@apache.org>2012-01-30 21:04:58 +0000
committerRafael H. Schloming <rhs@apache.org>2012-01-30 21:04:58 +0000
commitcc929b8fddebe197a7a3b5cee57f87d5779d2c1f (patch)
tree09f659d19963ccab100a97ed8baaa38bd9084ae2 /python
parent0b536f6fa61cb192c9cba08c443a10c779aa2a91 (diff)
QPID-3175: applied patch with a default sasl_mechanisms of ANONYMOUS
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@1238012 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'python')
-rw-r--r--python/qpid/messaging/endpoints.py13
-rw-r--r--python/qpid/messaging/transports.py2
-rw-r--r--python/qpid/sasl.py2
3 files changed, 15 insertions, 2 deletions
diff --git a/python/qpid/messaging/endpoints.py b/python/qpid/messaging/endpoints.py
index 338ac70ecf..85ec7d331c 100644
--- a/python/qpid/messaging/endpoints.py
+++ b/python/qpid/messaging/endpoints.py
@@ -116,6 +116,13 @@ class Connection(Endpoint):
@type address_ttl: float
@param address_ttl: time until cached address resolution expires
+ @type ssl_keyfile: str
+ @param ssl_keyfile: file with client's private key (PEM format)
+ @type ssl_certfile: str
+ @param ssl_certfile: file with client's public (eventually priv+pub) key (PEM format)
+ @type ssl_trustfile: str
+ @param ssl_trustfile: file trusted certificates to validate the server
+
@rtype: Connection
@return: a disconnected Connection
"""
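Review bot: The new `ssl_certfile` entry describes the file as the client's "public (eventually priv+pub) key", but the value is handed to `wrap_socket` as `certfile`, so it is a PEM certificate that may also contain the private key. The `ssl_trustfile` entry is missing a word and does not say what happens when it is left unset. Suggested wording: `@param ssl_certfile: file with client's certificate, optionally followed by its private key (PEM format)` and `@param ssl_trustfile: file with the trusted CA certificates used to validate the server (PEM format)`. The docstring starts above the hunk, so the rest of the option list could not be checked for the same wording.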
@@ -141,7 +148,7 @@ class Connection(Endpoint):
self.password = default(url.password, options.get("password", None))
self.auth_username = None
- self.sasl_mechanisms = options.get("sasl_mechanisms")
+ self.sasl_mechanisms = options.get("sasl_mechanisms", "ANONYMOUS")
self.sasl_service = options.get("sasl_service", "qpidd")
self.sasl_min_ssf = options.get("sasl_min_ssf")
self.sasl_max_ssf = options.get("sasl_max_ssf")
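Review bot: With `options.get("sasl_mechanisms", "ANONYMOUS")`, a caller who supplies a username and password but no `sasl_mechanisms` now gets a mechanism list containing only ANONYMOUS. If the driver restricts negotiation to this list, as the option name suggests, those credentials would go unused and the session would be anonymous without any error. Consider applying the default only when no credentials were given, for example `self.sasl_mechanisms = options.get("sasl_mechanisms", None if self.password else "ANONYMOUS")`. Either way, state the default in the constructor docstring's `sasl_mechanisms` entry. `__init__` starts and ends outside this hunk, so how the value is consumed is not visible here.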
@@ -160,6 +167,10 @@ class Connection(Endpoint):
self.address_ttl = options.get("address_ttl", 60)
self.tcp_nodelay = options.get("tcp_nodelay", False)
+ self.ssl_keyfile = options.get("ssl_keyfile", None)
+ self.ssl_certfile = options.get("ssl_certfile", None)
+ self.ssl_trustfile = options.get("ssl_trustfile", None)
+
self.options = options
diff --git a/python/qpid/messaging/transports.py b/python/qpid/messaging/transports.py
index 7abaae12e8..532c365884 100644
--- a/python/qpid/messaging/transports.py
+++ b/python/qpid/messaging/transports.py
@@ -61,7 +61,7 @@ else:
def __init__(self, conn, host, port):
SocketTransport.__init__(self, conn, host, port)
- self.tls = wrap_socket(self.socket)
+ self.tls = wrap_socket(self.socket, keyfile=conn.ssl_keyfile, certfile=conn.ssl_certfile, ca_certs=conn.ssl_trustfile)
self.socket.setblocking(0)
self.state = None
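Review bot: Passing `ca_certs=conn.ssl_trustfile` without a `cert_reqs` argument does not make the client validate the server. If `wrap_socket` here is the standard `ssl.wrap_socket`, `cert_reqs` defaults to `CERT_NONE`, so the trust file is loaded but the peer certificate is never checked. The docstring added in endpoints.py promises validation, so the call should request it when a trust file is configured, e.g. add `cert_reqs=CERT_REQUIRED if conn.ssl_trustfile else CERT_NONE` (with both constants imported from `ssl`). Even then the certificate's name is not compared with `host`, which deserves a comment or a follow-up check. The enclosing class begins above the hunk, so the import of `wrap_socket` is not visible and should be confirmed.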
diff --git a/python/qpid/sasl.py b/python/qpid/sasl.py
index fed6deac20..677a5e4e22 100644
--- a/python/qpid/sasl.py
+++ b/python/qpid/sasl.py
@@ -89,6 +89,8 @@ class PlainClient:
return "PLAIN", "\0%s\0%s" % (self.attrs.get("username"), self.attrs.get("password"))
elif "ANONYMOUS" in mechs:
return "ANONYMOUS", "%s@%s" % (self.attrs.get("username"), socket.gethostname())
+ elif "EXTERNAL" in mechs:
+ return "EXTERNAL", "%s" % (self.attrs.get("username"))
else:
raise SASLError("sasl negotiation failed: no mechanism agreed")
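Review bot: In the new EXTERNAL branch, `"%s" % (self.attrs.get("username"))` sends the literal text `None` as the authorization identity whenever no username is configured, which is the usual case for certificate-based login. For EXTERNAL an empty initial response asks the server to derive the identity from the TLS credentials, so `return "EXTERNAL", self.attrs.get("username") or ""` would be safer. The parentheses also do not form a tuple, so a non-string username would be formatted unexpectedly. Note that EXTERNAL is tested after ANONYMOUS, so a server offering both will never get the client-certificate identity; a comment explaining the intended precedence would help. The method begins outside the hunk.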