fix(csharp/src/Drivers/Apache): Set tls enabled to true all HTTP-based drivers, by default (apache#2667)

This change fixes a problem when connecting to a Databricks data source
using the `adbc.hive.host` and `adbc.hive.path` instead of `uri`.

Databricks connections always require an encrypted connection, so the
default of `false` for option `adbc.http_options.tls.enabled` does not
correctly apply to a Databricks connection. This change makes the
default `True` for Databricks and all HTTP-based drivers. Callers can
provide a `uri` with `http:` scheme or set the
`adbc.http_options.tls.enabled` to `False` to disable TLS communication.

Further, there are improvements in the test environment to support all
options in the `http_options.tls.*` namespace

Author: birschick-bq

csharp/src/Drivers/Apache/Hive2/HiveServer2TlsImpl.cs

@@ -26,7 +26,7 @@ namespace Apache.Arrow.Adbc.Drivers.Apache.Hive2
 {
     class TlsProperties
     {
-        public bool IsTlsEnabled { get; set; }
+        public bool IsTlsEnabled { get; set; } = true;
         public bool DisableServerCertificateValidation { get; set; }
         public bool AllowHostnameMismatch { get; set; }
         public bool AllowSelfSigned { get; set; }
@@ -43,15 +43,15 @@ static internal TlsProperties GetHttpTlsOptions(IReadOnlyDictionary<string, stri
                 var uriValue = new Uri(uri);
                 tlsProperties.IsTlsEnabled = uriValue.Scheme == Uri.UriSchemeHttps || (properties.TryGetValue(HttpTlsOptions.IsTlsEnabled, out string? isSslEnabled) && bool.TryParse(isSslEnabled, out bool isSslEnabledBool) && isSslEnabledBool);
             }
-            else
+            else if (properties.TryGetValue(HttpTlsOptions.IsTlsEnabled, out string? isSslEnabled) && bool.TryParse(isSslEnabled, out bool isSslEnabledBool))
             {
-                tlsProperties.IsTlsEnabled = properties.TryGetValue(HttpTlsOptions.IsTlsEnabled, out string? isSslEnabled) && bool.TryParse(isSslEnabled, out bool isSslEnabledBool) && isSslEnabledBool;
+                tlsProperties.IsTlsEnabled = isSslEnabledBool;
             }
             if (!tlsProperties.IsTlsEnabled)
             {
                 return tlsProperties;
             }
-            tlsProperties.IsTlsEnabled = true;
+
             if (properties.TryGetValue(HttpTlsOptions.DisableServerCertificateValidation, out string? disableServerCertificateValidation) && bool.TryParse(disableServerCertificateValidation, out bool disableServerCertificateValidationBool) && disableServerCertificateValidationBool)
             {
                 tlsProperties.DisableServerCertificateValidation = true;

csharp/src/Drivers/Apache/Hive2/README.md

@@ -39,7 +39,7 @@ but can also be passed in the call to `AdbcDatabase.Connect`.
 | `adbc.apache.statement.batch_size` | Sets the maximum number of rows to retrieve in a single batch request. | `50000` |
 | `adbc.apache.statement.polltime_ms` | If polling is necessary to get a result, this option sets the length of time (in milliseconds) to wait between polls. | `500` |
 | `adbc.apache.statement.query_timeout_s` | Sets the maximum time (in seconds) for a query to complete. Values can be 0 (infinite) or greater than zero. | `60` |
-| `adbc.http_options.tls.enabled` | If tls needs to enabled or not. One of `True`, `False` | `False` |
+| `adbc.http_options.tls.enabled` | If tls needs to enabled or not. One of `True`, `False` | `True` |
 | `adbc.http_options.tls.disable_server_certificate_validation` | If tls/ssl server certificate validation needs to enabled or not. One of `True`, `False`. If set to True, all certificate validation errors are ignored | `False` |
 | `adbc.http_options.tls.allow_self_signed` | If self signed tls/ssl certificate needs to be allowed or not. One of `True`, `False` | `False` |
 | `adbc.http_options.tls.allow_hostname_mismatch` | If hostname mismatch is allowed for ssl. One of `True`, `False` | `False` |

csharp/src/Drivers/Apache/Spark/README.md

@@ -40,7 +40,7 @@ but can also be passed in the call to `AdbcDatabase.Connect`.
 | `adbc.apache.statement.batch_size` | Sets the maximum number of rows to retrieve in a single batch request. | `50000` |
 | `adbc.apache.statement.polltime_ms` | If polling is necessary to get a result, this option sets the length of time (in milliseconds) to wait between polls. | `500` |
 | `adbc.apache.statement.query_timeout_s` | Sets the maximum time (in seconds) for a query to complete. Values can be 0 (infinite) or greater than zero. | `60` |
-| `adbc.http_options.tls.enabled` | If tls needs to enabled or not. One of `True`, `False` | `False` |
+| `adbc.http_options.tls.enabled` | If tls needs to enabled or not. One of `True`, `False` | `True` |
 | `adbc.http_options.tls.disable_server_certificate_validation` | If tls/ssl server certificate validation needs to enabled or not. One of `True`, `False`. If set to True, all certificate validation errors are ignored | `False` |
 | `adbc.http_options.tls.allow_self_signed` | If self signed tls/ssl certificate needs to be allowed or not. One of `True`, `False` | `False` |
 | `adbc.http_options.tls.allow_hostname_mismatch` | If hostname mismatch is allowed for ssl. One of `True`, `False` | `False` |

csharp/test/Drivers/Apache/ApacheTestConfiguration.cs

@@ -60,7 +60,31 @@ public class ApacheTestConfiguration : TestConfiguration
         [JsonPropertyName("data_type_conv"), JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingDefault)]
         public string DataTypeConversion { get; set; } = string.Empty;
 
-        [JsonPropertyName("tls_options"), JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingDefault)]
-        public string TlsOptions { get; set; } = string.Empty;
+        [JsonPropertyName("http_options"), JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingDefault)]
+        public HttpTestConfiguration? HttpOptions { get; set; }
+    }
+
+    public class HttpTestConfiguration
+    {
+        [JsonPropertyName("tls"), JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingDefault)]
+        public TlsTestConfiguration? Tls { get; set; }
+    }
+
+    public class TlsTestConfiguration
+    {
+        [JsonPropertyName("enabled"), JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingDefault)]
+        public bool? Enabled { get; set; }
+
+        [JsonPropertyName("disable_server_certificate_validation"), JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingDefault)]
+        public bool? DisableServerCertificateValidation { get; set; }
+
+        [JsonPropertyName("allow_self_signed"), JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingDefault)]
+        public bool? AllowSelfSigned { get; set; }
+
+        [JsonPropertyName("allow_hostname_mismatch"), JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingDefault)]
+        public bool? AllowHostnameMismatch { get; set; }
+
+        [JsonPropertyName("trusted_certificate_path"), JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingDefault)]
+        public string? TrustedCertificatePath { get; set; }
     }
 }

csharp/test/Drivers/Apache/Hive2/HiveServer2TestEnvironment.cs

@@ -106,6 +106,34 @@ public override Dictionary<string, string> GetDriverParameters(ApacheTestConfigu
             {
                 parameters.Add(ApacheParameters.QueryTimeoutSeconds, testConfiguration.QueryTimeoutSeconds!);
             }
+            if (testConfiguration.HttpOptions != null)
+            {
+                if (testConfiguration.HttpOptions.Tls != null)
+                {
+                    TlsTestConfiguration tlsOptions = testConfiguration.HttpOptions.Tls;
+                    if (tlsOptions.Enabled.HasValue)
+                    {
+                        parameters.Add(HttpTlsOptions.IsTlsEnabled, tlsOptions.Enabled.Value.ToString());
+                    }
+                    if (tlsOptions.AllowSelfSigned.HasValue)
+                    {
+                        parameters.Add(HttpTlsOptions.AllowSelfSigned, tlsOptions.AllowSelfSigned.Value.ToString());
+                    }
+                    if (tlsOptions.AllowHostnameMismatch.HasValue)
+                    {
+                        parameters.Add(HttpTlsOptions.AllowHostnameMismatch, tlsOptions.AllowHostnameMismatch.Value.ToString());
+                    }
+                    if (tlsOptions.DisableServerCertificateValidation.HasValue)
+                    {
+                        parameters.Add(HttpTlsOptions.DisableServerCertificateValidation, tlsOptions.DisableServerCertificateValidation.Value.ToString());
+                    }
+                    if (!string.IsNullOrEmpty(tlsOptions.TrustedCertificatePath))
+                    {
+                        parameters.Add(HttpTlsOptions.TrustedCertificatePath, tlsOptions.TrustedCertificatePath!);
+                    }
+                }
+            }
+
             return parameters;
         }
 

csharp/test/Drivers/Apache/Impala/ImpalaTestEnvironment.cs

@@ -91,10 +91,6 @@ public override Dictionary<string, string> GetDriverParameters(ApacheTestConfigu
             {
                 parameters.Add(ImpalaParameters.DataTypeConv, testConfiguration.DataTypeConversion!);
             }
-            if (!string.IsNullOrEmpty(testConfiguration.TlsOptions))
-            {
-                parameters.Add(ImpalaParameters.TLSOptions, testConfiguration.TlsOptions!);
-            }
             if (!string.IsNullOrEmpty(testConfiguration.BatchSize))
             {
                 parameters.Add(ApacheParameters.BatchSize, testConfiguration.BatchSize!);
@@ -111,6 +107,34 @@ public override Dictionary<string, string> GetDriverParameters(ApacheTestConfigu
             {
                 parameters.Add(ApacheParameters.QueryTimeoutSeconds, testConfiguration.QueryTimeoutSeconds!);
             }
+            if (testConfiguration.HttpOptions != null)
+            {
+                if (testConfiguration.HttpOptions.Tls != null)
+                {
+                    TlsTestConfiguration tlsOptions = testConfiguration.HttpOptions.Tls;
+                    if (tlsOptions.Enabled.HasValue)
+                    {
+                        parameters.Add(HttpTlsOptions.IsTlsEnabled, tlsOptions.Enabled.Value.ToString());
+                    }
+                    if (tlsOptions.AllowSelfSigned.HasValue)
+                    {
+                        parameters.Add(HttpTlsOptions.AllowSelfSigned, tlsOptions.AllowSelfSigned.Value.ToString());
+                    }
+                    if (tlsOptions.AllowHostnameMismatch.HasValue)
+                    {
+                        parameters.Add(HttpTlsOptions.AllowHostnameMismatch, tlsOptions.AllowHostnameMismatch.Value.ToString());
+                    }
+                    if (tlsOptions.DisableServerCertificateValidation.HasValue)
+                    {
+                        parameters.Add(HttpTlsOptions.DisableServerCertificateValidation, tlsOptions.DisableServerCertificateValidation.Value.ToString());
+                    }
+                    if (!string.IsNullOrEmpty(tlsOptions.TrustedCertificatePath))
+                    {
+                        parameters.Add(HttpTlsOptions.TrustedCertificatePath, tlsOptions.TrustedCertificatePath!);
+                    }
+                }
+            }
+
             return parameters;
         }
 

csharp/test/Drivers/Apache/Spark/Resources/sparkconfig-databricks.json

@@ -12,5 +12,21 @@
         "schema": "default",
         "table": "<tableName>",
         "expectedColumnCount": 19
+    },
+    "http_options-comment": "Allowed values, null|object",
+    "http_options": {
+        "tls-comment": "Allowed values, null|object",
+        "tls": {
+            "enabled-comment": "Allowed values, true|false|null.",
+            "enabled": null,
+            "disable_server_certificate_validation-comment": "Allowed values, true|false|null.",
+            "disable_server_certificate_validation": null,
+            "allow_self_signed-comment": "Allowed values, true|false|null.",
+            "allow_self_signed": null,
+            "allow_hostname_mismatch-comment": "Allowed values, true|false|null.",
+            "allow_hostname_mismatch": null,
+            "trusted_certificate_path-commnt": "Allowed values: string|null",
+            "trusted_certificate_path": null
+        }
     }
 }

csharp/test/Drivers/Apache/Spark/Resources/sparkconfig-http.json

@@ -11,5 +11,21 @@
         "schema": "default",
         "table": "<tableName>",
         "expectedColumnCount": 17
+    },
+    "http_options-comment": "Allowed values, null|object",
+    "http_options": {
+        "tls-comment": "Allowed values, null|object",
+        "tls": {
+            "enabled-comment": "Allowed values, true|false|null.",
+            "enabled": null,
+            "disable_server_certificate_validation-comment": "Allowed values, true|false|null.",
+            "disable_server_certificate_validation": null,
+            "allow_self_signed-comment": "Allowed values, true|false|null.",
+            "allow_self_signed": null,
+            "allow_hostname_mismatch-comment": "Allowed values, true|false|null.",
+            "allow_hostname_mismatch": null,
+            "trusted_certificate_path-commnt": "Allowed values: string|null",
+            "trusted_certificate_path": null
+        }
     }
 }

csharp/test/Drivers/Apache/Spark/SparkTestEnvironment.cs

@@ -19,6 +19,7 @@
 using System.Collections.Generic;
 using System.Data.SqlTypes;
 using System.Text;
+using System.Text.Json.Serialization;
 using Apache.Arrow.Adbc.Drivers.Apache;
 using Apache.Arrow.Adbc.Drivers.Apache.Hive2;
 using Apache.Arrow.Adbc.Drivers.Apache.Spark;
@@ -117,6 +118,33 @@ public override Dictionary<string, string> GetDriverParameters(SparkTestConfigur
             {
                 parameters.Add(ApacheParameters.QueryTimeoutSeconds, testConfiguration.QueryTimeoutSeconds!);
             }
+            if (testConfiguration.HttpOptions != null)
+            {
+                if (testConfiguration.HttpOptions.Tls != null)
+                {
+                    TlsTestConfiguration tlsOptions = testConfiguration.HttpOptions.Tls;
+                    if (tlsOptions.Enabled.HasValue)
+                    {
+                        parameters.Add(HttpTlsOptions.IsTlsEnabled, tlsOptions.Enabled.Value.ToString());
+                    }
+                    if (tlsOptions.AllowSelfSigned.HasValue)
+                    {
+                        parameters.Add(HttpTlsOptions.AllowSelfSigned, tlsOptions.AllowSelfSigned.Value.ToString());
+                    }
+                    if (tlsOptions.AllowHostnameMismatch.HasValue)
+                    {
+                        parameters.Add(HttpTlsOptions.AllowHostnameMismatch, tlsOptions.AllowHostnameMismatch.Value.ToString());
+                    }
+                    if (tlsOptions.DisableServerCertificateValidation.HasValue)
+                    {
+                        parameters.Add(HttpTlsOptions.DisableServerCertificateValidation, tlsOptions.DisableServerCertificateValidation.Value.ToString());
+                    }
+                    if (!string.IsNullOrEmpty(tlsOptions.TrustedCertificatePath))
+                    {
+                        parameters.Add(HttpTlsOptions.TrustedCertificatePath, tlsOptions.TrustedCertificatePath!);
+                    }
+                }
+            }
 
             return parameters;
         }