Alexey Serbin has posted comments on this change. ( http://gerrit.cloudera.org:8080/12135 )
Change subject: [python] handle DisableOpenSSLInitialization() result status ...................................................................... Patch Set 1: (1 comment) http://gerrit.cloudera.org:8080/#/c/12135/1/python/kudu/client.pyx File python/kudu/client.pyx: http://gerrit.cloudera.org:8080/#/c/12135/1/python/kudu/client.pyx@288 PS1, Line 288: # Python programs will often have already imported _ssl, which : # has the side effect of initializing OpenSSL. So, we detect : # whether _ssl is present, and if we can import it, we disable : # Kudu's initialization to avoid a conflict. > Just to clarify, "import _ssl" is not the "correct" way to initialize OpenS Yep, "import _ssl" is not the "standard" way of getting SSL/TLS socket support in Python. The "standard" way is to call "import ssl". The 'ssl' Python's module is a wrapper around the '_ssl' module; the 'ssl module calls "import _ssl" by itself. Essentially, the 'ssl' module provides SSLContext, SSLSocket and a few other wrapper classes, plus handy utility functions. The "import _ssl" will fail if OpenSSL is not present or the Python interpreter is built without TLS/SSL support. The "import _ssl" statement is about initting the OpenSSL library and importing "low-level" functionality for TLS/SSL. As I understand, the original idea behind this try/except was to unconditionally disable initting of the OpenSSL library by the underlying Kudu C++ client if Python is build with TLS/SSL support. Kudu requires that the OpenSSL library is initialized with support for multi-threading, and the DisableOpenSSLInitialization() function checks for that behind the scenes. As an additional info, calling DisableOpenSSLInitialization() prior to initting the OpenSSL library would result in non-OK result status from DisableOpenSSLInitialization(). Calling DisableOpenSSLInitialization() on not-multi-thread-compatible-initialized OpenSSL library would result in non-OK result status as well. This small patch is targeted to handle the latter case (if it ever happens) and to remove the compilation warning. -- To view, visit http://gerrit.cloudera.org:8080/12135 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I1963b6d87d731fbfa87a09b986595aa8ea00da60 Gerrit-Change-Number: 12135 Gerrit-PatchSet: 1 Gerrit-Owner: Alexey Serbin <[email protected]> Gerrit-Reviewer: Adar Dembo <[email protected]> Gerrit-Reviewer: Alexey Serbin <[email protected]> Gerrit-Comment-Date: Wed, 02 Jan 2019 20:16:55 +0000 Gerrit-HasComments: Yes
