Fixes for the CLI (SSL ThriftBackend) #3673
Open
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The ThriftClient doesn't work with current versions of pyOpenSSL.
This could possibly be related to: pyca/pyopenssl#168
The PR adds a timeout to the SecureSocketConnection class, which should work for any pyOpenSSL version, even the ancient not-cffi-based versions.
Since ThriftClient auto-detects if a server uses SSL, the socket timeout values are kept low to speed up the detection. This possibly can lead to problems on high latency network connections, the PR adds a command line option to the CLI to bypass the detection and use a higher timeout.
Tested on:
Debian Stretch, pyOpenSSL 16.2.0
Debian Jessie, pyOpenSSL 0.14
Windows 10, pyOpenSSL 19.1.0
Windows 10, pyOpenSSL 0.13.16 (egenix)