Bump httpclient dependency

continuous_integration/recipe/meta.yaml

@@ -15,8 +15,7 @@ build:
   number: {{ GIT_DESCRIBE_NUMBER }}
   noarch: python
   entry_points:
-    # TODO: re-enable server once CVEs are resolved
-    # - dask-sql-server = dask_sql.server.app:main
+    - dask-sql-server = dask_sql.server.app:main
     - dask-sql = dask_sql.cmd:main
   string: py_{{ GIT_DESCRIBE_HASH }}_{{ GIT_DESCRIBE_NUMBER }}
   script: {{ PYTHON }} -m pip install . --no-deps -vv
@@ -46,8 +45,7 @@ test:
     - dask_sql
   commands:
     - pip check
-    # TODO: re-enable server once CVEs are resolved
-    # - dask-sql-server --help
+    - dask-sql-server --help
     - dask-sql --help
   requires:
     - pip

dask_sql/__init__.py

@@ -3,12 +3,9 @@
 from .cmd import cmd_loop
 from .context import Context
 from .datacontainer import Statistics
-
-# from .server.app import run_server
+from .server.app import run_server
 
 __version__ = get_versions()["version"]
 del get_versions
 
-# TODO: re-enable server once CVEs are resolved
-# __all__ = [__version__, cmd_loop, Context, run_server, Statistics]
-__all__ = [__version__, cmd_loop, Context, Statistics]
+__all__ = [__version__, cmd_loop, Context, run_server, Statistics]

dask_sql/context.py

@@ -659,7 +659,7 @@ def run_server(
         from dask_sql.server.app import run_server
 
         self.stop_server()
-        self.sql_server = run_server(
+        self.server = run_server(
             context=self,
             client=client,
             host=host,

dask_sql/server/app.py

@@ -276,9 +276,6 @@ def _init_app(
     context: Context = None,
     client: dask.distributed.Client = None,
 ):
-    # TODO: re-enable server once CVEs are resolved
-    raise NotImplementedError
-
     app.c = context or Context()
     app.future_list = {}
 

docs/source/server.rst

@@ -3,10 +3,6 @@
 SQL Server
 ==========
 
-.. warning::
-
-    ``dask-sql``'s SQL server functionality is currently exploitable and has been disabled until the exposed vulnerabilities can be resolved.
-
 ``dask-sql`` comes with a small test implementation for a SQL server.
 Instead of rebuilding a full ODBC driver, we re-use the `presto wire protocol <https://github.com/prestodb/presto/wiki/HTTP-Protocol>`_.
 

planner/pom.xml

@@ -61,6 +61,11 @@
 			<artifactId>avatica-core</artifactId>
 			<version>1.20.0</version>
 		</dependency>
+		<dependency>
+			<groupId>org.apache.httpcomponents</groupId>
+			<artifactId>httpclient</artifactId>
+			<version>4.5.13</version>
+		</dependency>
 		<dependency>
 			<groupId>org.apiguardian</groupId>
 			<artifactId>apiguardian-api</artifactId>

setup.py

@@ -116,8 +116,7 @@ def build(self):
     },
     entry_points={
         "console_scripts": [
-            # TODO: re-enable server once CVEs are resolved
-            # "dask-sql-server = dask_sql.server.app:main",
+            "dask-sql-server = dask_sql.server.app:main",
             "dask-sql = dask_sql.cmd:main",
         ]
     },

tests/integration/test_jdbc.py

@@ -7,11 +7,6 @@
 from dask_sql.server.app import _init_app, app
 from dask_sql.server.presto_jdbc import create_meta_data
 
-# TODO: re-enable server once CVEs are resolved
-pytest.skip(
-    "SQL server is disabled until related CVEs are resolved", allow_module_level=True
-)
-
 # needed for the testclient
 pytest.importorskip("requests")
 

tests/integration/test_server.py

@@ -5,11 +5,6 @@
 from dask_sql import Context
 from dask_sql.server.app import _init_app, app
 
-# TODO: re-enable server once CVEs are resolved
-pytest.skip(
-    "SQL server is disabled until related CVEs are resolved", allow_module_level=True
-)
-
 # needed for the testclient
 pytest.importorskip("requests")
 
@@ -28,35 +23,6 @@ def app_client():
     app.client.close()
 
 
-def get_result_or_error(app_client, response):
-    result = response.json()
-
-    assert "nextUri" in result
-    assert "error" not in result
-
-    status_url = result["nextUri"]
-    next_url = status_url
-
-    counter = 0
-    while True:
-        response = app_client.get(next_url)
-        assert response.status_code == 200
-
-        result = response.json()
-
-        if "nextUri" not in result:
-            break
-
-        next_url = result["nextUri"]
-
-        counter += 1
-        assert counter <= 100
-
-        sleep(0.1)
-
-    return result
-
-
 def test_routes(app_client):
     assert app_client.post("/v1/statement", data="SELECT 1 + 1").status_code == 200
     assert app_client.get("/v1/statement", data="SELECT 1 + 1").status_code == 405
@@ -208,3 +174,32 @@ def test_inf_table(app_client, user_table_inf):
     assert len(result["data"]) == 3
     assert result["data"][1] == ["+Infinity"]
     assert "error" not in result
+
+
+def get_result_or_error(app_client, response):
+    result = response.json()
+
+    assert "nextUri" in result
+    assert "error" not in result
+
+    status_url = result["nextUri"]
+    next_url = status_url
+
+    counter = 0
+    while True:
+        response = app_client.get(next_url)
+        assert response.status_code == 200
+
+        result = response.json()
+
+        if "nextUri" not in result:
+            break
+
+        next_url = result["nextUri"]
+
+        counter += 1
+        assert counter <= 100
+
+        sleep(0.1)
+
+    return result