Add SSL support by modifying org.math.R.RserverConf.java
Closed this issue · 0 comments
icejean commented
In summary first:
- Add a new constructor to org.math.R.RserverConf.java.
- Add a branch dealing with SSL connection to org.math.R.RserverConf.connect()
- Configure Rsreve with SSL support.
- Connect to Rserve with SSL enabled.
Hope that this feature may be merged into the coming versions.
1.Add a new constructor to org.math.R.RserverConf.java.
// Added by Jean 2023/05/23
public Properties properties = null;
// Added by Jean 2023/05/23
public RserverConf(String RserverHostName, int RserverPort, String login, String password, Properties props) {
this.host = RserverHostName;
this.port = RserverPort;
this.login = login;
this.password = password;
this.properties = props;
}
- Add a branch dealing with SSL connection to org.math.R.RserverConf.connect().
public synchronized RConnection connect() {
// Logger.err.print("Connecting " + toString()+" ... ");
TimeOut t = new TimeOut() {
protected Object defaultResult() {
return -2;
}
protected Object command() {
// Added by Jean 2023/05/23
String tls = "false";
if (properties != null) {
try {
tls = properties.getProperty("tls");
if (tls == null || tls != "true")
tls = "false";
} catch (Exception ex) {
}
}
int n = 10;
while ((n--) > 0) {
// Modified by Jean 2023/05/23
if (tls == "false") {
try {
if (host == null) {
if (port > 0) {
connection = new RConnection(DEFAULT_RSERVE_HOST, port);
} else {
connection = new RConnection(DEFAULT_RSERVE_HOST, DEFAULT_RSERVE_PORT);
}
if (connection.needLogin()) {
connection.login(login, password);
}
} else {
if (port > 0) {
connection = new RConnection(host, port);
} else {
connection = new RConnection(host);
}
if (connection.needLogin()) {
connection.login(login, password);
}
}
return 0;
} catch (RserveException ex) {
Log.Err.println("Failed to connect on host:" + host + " port:" + port + " login:" + login
+ "\n " + ex.getMessage());
}
// Added by Jean for tls connection 2023/05/23
} else {
SSLSocketFactory sslsocketfactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket sslsocket;
try {
if (host == null) {
host = DEFAULT_RSERVE_HOST;
}
if (port > 0) {
} else {
port = 6311;
}
// connection = new RConnection();
sslsocket = (SSLSocket) sslsocketfactory.createSocket(host, port);
// Connect to the remote server.
connection = new RConnection(sslsocket);
if (connection.needLogin()) {
connection.login(login, password);
}
return 0;
} catch (Exception ex) {
Log.Err.println("Failed to connect: " + ex.getMessage());
}
}
}
return -1;
}
};
try {
t.execute(CONNECT_TIMEOUT);
} catch (Exception e) {
Log.Err.println("Connection " + toString() + " failed: " + e.getMessage());
}
if (((Integer) t.getResult()) != 0) {
Log.Err.println("Connection " + toString() + " failed.");
return null;
} else {
return connection;
}
}
- Configure Rsreve with SSL support.
root@VM-0-14-ubuntu:/home/ubuntu# vi /etc/Rserv.conf
// Enable remote login
remote enable
// Authentication required
auth required
// Disable plaintext
plaintext disable
// Use utf-8
encoding utf8
//Enable remote control or R process
control enable
//Use qap+tls protocol
qap.tls.port 6311
//Rserve server key
tls.key /root/cert/server.key
//Selfsigned Rserve server cert
tls.cert /root/cert/server.crt
//Selfsigned CA cert
tls.ca /root/cert/demoCA/cacert.pem
//Disable unencypted qap
qap disable
- Connect to Rserve with SSL enabled.
public static Rsession initRserve() throws IOException {
Properties prop = new Properties();
prop.setProperty("tls", "true");
RserverConf rconf = new RserverConf(host, 6311, "user", "password", prop);
rsession = (RserveSession)new RserveSession(System.out, null, rconf);
return rsession;
}