public static TTransport getSSLSocket(
     String host, int port, int loginTimeout, String trustStorePath, String trustStorePassWord)
     throws TTransportException {
   TSSLTransportFactory.TSSLTransportParameters params =
       new TSSLTransportFactory.TSSLTransportParameters();
   params.setTrustStore(trustStorePath, trustStorePassWord);
   params.requireClientAuth(true);
   return TSSLTransportFactory.getClientSocket(host, port, loginTimeout, params);
 }
 @Override
 public TTransport openTransport(String host, int port) throws Exception {
   TSSLTransportFactory.TSSLTransportParameters params =
       new TSSLTransportFactory.TSSLTransportParameters(protocol, cipherSuites);
   params.setTrustStore(truststore, truststorePassword);
   if (null != keystore) params.setKeyStore(keystore, keystorePassword);
   TTransport trans = TSSLTransportFactory.getClientSocket(host, port, SOCKET_TIMEOUT, params);
   return new FramedTransportFactory().getTransport(trans);
 }
  private EntitlementThriftClient.Client getThriftClient() throws Exception {

    TSSLTransportFactory.TSSLTransportParameters param =
        new TSSLTransportFactory.TSSLTransportParameters();
    param.setTrustStore(trustStore, trustStorePass);
    TTransport transport;
    transport =
        TSSLTransportFactory.getClientSocket(
            thriftHost, thriftPort, ProxyConstants.THRIFT_TIME_OUT, param);
    TProtocol protocol = new TBinaryProtocol(transport);
    return new EntitlementThriftClient.Client(protocol);
  }
 public static TServerSocket getServerSSLSocket(
     String hiveHost,
     int portNum,
     String keyStorePath,
     String keyStorePassWord,
     List<String> sslVersionBlacklist,
     int socketTimeout,
     boolean keepAlive)
     throws TTransportException, UnknownHostException {
   TSSLTransportFactory.TSSLTransportParameters params =
       new TSSLTransportFactory.TSSLTransportParameters();
   params.setKeyStore(keyStorePath, keyStorePassWord);
   InetSocketAddress serverAddress;
   if (hiveHost == null || hiveHost.isEmpty()) {
     // Wildcard bind
     serverAddress = new InetSocketAddress(portNum);
   } else {
     serverAddress = new InetSocketAddress(hiveHost, portNum);
   }
   TServerSocket thriftServerSocket =
       TSSLTransportFactory.getServerSocket(
           portNum, socketTimeout, serverAddress.getAddress(), params);
   if (thriftServerSocket.getServerSocket() instanceof SSLServerSocket) {
     List<String> sslVersionBlacklistLocal = new ArrayList<String>();
     for (String sslVersion : sslVersionBlacklist) {
       sslVersionBlacklistLocal.add(sslVersion.trim().toLowerCase());
     }
     SSLServerSocket sslServerSocket = (SSLServerSocket) thriftServerSocket.getServerSocket();
     List<String> enabledProtocols = new ArrayList<String>();
     for (String protocol : sslServerSocket.getEnabledProtocols()) {
       if (sslVersionBlacklistLocal.contains(protocol.toLowerCase())) {
         LOG.debug("Disabling SSL Protocol: " + protocol);
       } else {
         enabledProtocols.add(protocol);
       }
     }
     sslServerSocket.setEnabledProtocols(enabledProtocols.toArray(new String[0]));
     LOG.info(
         "SSL Server Socket Enabled Protocols: "
             + Arrays.toString(sslServerSocket.getEnabledProtocols()));
   }
   if (keepAlive) {
     thriftServerSocket = new TServerSocketKeepAlive(thriftServerSocket.getServerSocket());
   }
   return thriftServerSocket;
 }
    @Override
    public void open() throws ConnectionException {
      if (cassandraClient != null) {
        throw new IllegalStateException("Open called on already open connection");
      }

      long startTime = System.currentTimeMillis();
      try {
        final SSLConnectionContext sslCxt = cpConfig.getSSLConnectionContext();
        if (sslCxt != null) {
          TSSLTransportParameters params =
              new TSSLTransportParameters(
                  sslCxt.getSslProtocol(), sslCxt.getSslCipherSuites().toArray(new String[0]));
          params.setTrustStore(sslCxt.getSslTruststore(), sslCxt.getSslTruststorePassword());
          // thrift's SSL implementation does not allow you set the socket connect timeout, only
          // read timeout
          socket =
              TSSLTransportFactory.getClientSocket(
                  getHost().getIpAddress(),
                  getHost().getPort(),
                  cpConfig.getSocketTimeout(),
                  params);
        } else {
          socket =
              new TSocket(
                  getHost().getIpAddress(), getHost().getPort(), cpConfig.getConnectTimeout());
        }

        socket.getSocket().setTcpNoDelay(true);
        socket.getSocket().setKeepAlive(true);
        socket.getSocket().setSoLinger(false, 0);

        setTimeout(cpConfig.getSocketTimeout());
        transport = new TFramedTransport(socket);
        if (!transport.isOpen()) transport.open();

        cassandraClient =
            new Cassandra.Client(new TBinaryProtocol.Factory().getProtocol(transport));
        monitor.incConnectionCreated(getHost());

        AuthenticationCredentials credentials = cpConfig.getAuthenticationCredentials();
        if (credentials != null) {
          Map<String, String> thriftCredentials = Maps.newHashMapWithExpectedSize(2);
          thriftCredentials.put("username", credentials.getUsername());
          thriftCredentials.put("password", credentials.getPassword());
          cassandraClient.login(new AuthenticationRequest(thriftCredentials));
        }
      } catch (Exception e) {
        pool.addLatencySample(
            TimeUnit.NANOSECONDS.convert(cpConfig.getSocketTimeout(), TimeUnit.MILLISECONDS),
            System.nanoTime());
        closeClient();
        ConnectionException ce =
            ThriftConverter.ToConnectionPoolException(e)
                .setHost(getHost())
                .setLatency(System.currentTimeMillis() - startTime);
        monitor.incConnectionCreateFailed(getHost(), ce);
        throw ce;
      } catch (Throwable t) {
        LOG.error("Error creating connection", t);
        pool.addLatencySample(
            TimeUnit.NANOSECONDS.convert(cpConfig.getSocketTimeout(), TimeUnit.MILLISECONDS),
            System.nanoTime());
        closeClient();
        ConnectionException ce =
            ThriftConverter.ToConnectionPoolException(
                    new RuntimeException("Error openning connection", t))
                .setHost(getHost())
                .setLatency(System.currentTimeMillis() - startTime);
        monitor.incConnectionCreateFailed(getHost(), ce);
        throw ce;
      }
    }
 public static TTransport getSSLSocket(String host, int port, int loginTimeout)
     throws TTransportException {
   return TSSLTransportFactory.getClientSocket(host, port, loginTimeout);
 }
Ejemplo n.º 7
0
  public static TServer factory(ProcessorFactory processorFactory) {

    loadProperties();

    try {
      validate();
    } catch (Exception e) {
      e.printStackTrace();
    }

    TProtocolFactory tProtocolFactory = getTProtocolFactory();

    TTransportFactory tTransportFactory = getTTransportFactory();

    TServer serverEngine = null;

    TMultiplexedProcessor tProcessor = processorFactory.getProcessor();

    if (server_type.equals("nonblocking") || server_type.equals("threaded-selector")) {
      // Nonblocking servers
      TNonblockingServerSocket tNonblockingServerSocket = null;
      try {
        tNonblockingServerSocket =
            new TNonblockingServerSocket(
                new TNonblockingServerSocket.NonblockingAbstractServerSocketArgs().port(port));
      } catch (TTransportException e) {
        e.printStackTrace();
      }

      if (server_type.equals("nonblocking")) {
        // Nonblocking Server
        TNonblockingServer.Args tNonblockingServerArgs =
            new TNonblockingServer.Args(tNonblockingServerSocket);
        tNonblockingServerArgs.processor(tProcessor);
        tNonblockingServerArgs.protocolFactory(tProtocolFactory);
        tNonblockingServerArgs.transportFactory(tTransportFactory);

        serverEngine = new TNonblockingServer(tNonblockingServerArgs);
      } else { // server_type.equals("threaded-selector")
        // ThreadedSelector Server
        TThreadedSelectorServer.Args tThreadedSelectorServerArgs =
            new TThreadedSelectorServer.Args(tNonblockingServerSocket);
        tThreadedSelectorServerArgs.processor(tProcessor);
        tThreadedSelectorServerArgs.protocolFactory(tProtocolFactory);
        tThreadedSelectorServerArgs.transportFactory(tTransportFactory);

        serverEngine = new TThreadedSelectorServer(tThreadedSelectorServerArgs);
      }
    } else {
      // Blocking servers

      // SSL socket
      TServerSocket tServerSocket = null;
      if (ssl) {
        try {
          tServerSocket = TSSLTransportFactory.getServerSocket(port, 0);
        } catch (TTransportException e) {
          e.printStackTrace();
        }
      } else {
        try {
          tServerSocket =
              new TServerSocket(new TServerSocket.ServerSocketTransportArgs().port(port));
        } catch (TTransportException e) {
          e.printStackTrace();
        }
      }

      if (server_type.equals("simple")) {
        // Simple Server
        TServer.Args tServerArgs = new TServer.Args(tServerSocket);
        tServerArgs.processor(tProcessor);
        tServerArgs.protocolFactory(tProtocolFactory);
        tServerArgs.transportFactory(tTransportFactory);

        serverEngine = new TSimpleServer(tServerArgs);
      } else { // server_type.equals("threadpool")
        // ThreadPool Server
        TThreadPoolServer.Args tThreadPoolServerArgs = new TThreadPoolServer.Args(tServerSocket);
        tThreadPoolServerArgs.processor(tProcessor);
        tThreadPoolServerArgs.protocolFactory(tProtocolFactory);
        tThreadPoolServerArgs.transportFactory(tTransportFactory);

        serverEngine = new TThreadPoolServer(tThreadPoolServerArgs);
      }
    }
    // Set server event handler
    serverEngine.setServerEventHandler(new TServerEventHandlerImpl());

    return serverEngine;
  }