This is an automated email from the ASF dual-hosted git repository.
suneet pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/druid.git
The following commit(s) were added to refs/heads/master by this push:
new e684b83 Add the ability to supply client certificate to dsql comand
line tool. (#10765)
e684b83 is described below
commit e684b83e296987decac17f79b234e632af1ad781
Author: misqos <[email protected]>
AuthorDate: Fri Feb 12 05:16:47 2021 +0100
Add the ability to supply client certificate to dsql comand line tool.
(#10765)
---
examples/bin/dsql-main | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/examples/bin/dsql-main b/examples/bin/dsql-main
index cf68581..c246027 100755
--- a/examples/bin/dsql-main
+++ b/examples/bin/dsql-main
@@ -47,9 +47,9 @@ class DruidSqlException(Exception):
f.flush()
def do_query_with_args(url, sql, context, args):
- return do_query(url, sql, context, args.timeout, args.user,
args.ignore_ssl_verification, args.cafile, args.capath)
+ return do_query(url, sql, context, args.timeout, args.user,
args.ignore_ssl_verification, args.cafile, args.capath, args.certchain,
args.keyfile, args.keypass)
-def do_query(url, sql, context, timeout, user, ignore_ssl_verification,
ca_file, ca_path):
+def do_query(url, sql, context, timeout, user, ignore_ssl_verification,
ca_file, ca_path, cert_chain, key_file, key_pass):
json_decoder = json.JSONDecoder(object_pairs_hook=collections.OrderedDict)
try:
if timeout <= 0:
@@ -63,13 +63,15 @@ def do_query(url, sql, context, timeout, user,
ignore_ssl_verification, ca_file,
# SSL stuff
ssl_context = None
- if ignore_ssl_verification or ca_file is not None or ca_path is not None:
+ if ignore_ssl_verification or ca_file is not None or ca_path is not None
or cert_chain is not None:
ssl_context = ssl.create_default_context()
if ignore_ssl_verification:
ssl_context.check_hostname = False
ssl_context.verify_mode = ssl.CERT_NONE
- else:
+ elif ca_path is not None:
ssl_context.load_verify_locations(cafile=ca_file, capath=ca_path)
+ else:
+ ssl_context.load_cert_chain(certfile=cert_chain, keyfile=key_file,
password=key_pass)
req = urllib2.Request(url, sql_json, {'Content-Type' : 'application/json'})
@@ -402,6 +404,9 @@ def main():
parser_fmt.add_argument('--tsv-delimiter', type=str, default='\t',
help='Delimiter for format "tsv"')
parser_oth.add_argument('--context-option', '-c', type=str, action='append',
help='Set context option for this connection, see
https://druid.apache.org/docs/latest/querying/sql.html#connection-context for
options')
parser_oth.add_argument('--execute', '-e', type=str, help='Execute single
SQL query')
+ parser_cnn.add_argument('--certchain', type=str, help='Path to SSL
certificate used to connect to server. See load_cert_chain() in
https://docs.python.org/2/library/ssl.html#ssl.SSLContext.')
+ parser_cnn.add_argument('--keyfile', type=str, help='Path to private SSL key
used to connect to server. See load_cert_chain() in
https://docs.python.org/2/library/ssl.html#ssl.SSLContext.')
+ parser_cnn.add_argument('--keypass', type=str, help='Password to private SSL
key file used to connect to server. See load_cert_chain() in
https://docs.python.org/2/library/ssl.html#ssl.SSLContext.')
args = parser.parse_args()
# Build broker URL
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
