Additional parameters for connection, namely, 'secure' and 'verify'?

[gdemin]

Hi,
In my organization I can connect with Clickhouse in Python with the code:

con = clickhouse_driver.Client(
    host=my_host,
    port='9440',
    user='user',
    password='password',
    database='test',
    secure=True,
    verify=False
)

However, there are no such parameters as secure and verify in RClickhouse.

If I omit these parameters in R:

con = dbConnect(RClickhouse::clickhouse(),
                host = my_host,
                port = 9440,
                user='user',
                password='password',
                db = "test"

)

I got an error:

connect(config[["host"]], strtoi(config[["port"]]), config[["db"]], :
can't receive string data: connection dropped by other side

I also tried to pass parameters via the xml file but without success.
Are there any way connect with Clickhouse in R with such type of connection? Or, is it possible to add 'secure' and 'verify' as arguments for connection in the future version of RClickhouse?

[xinstein]

+1

[inkrement]

Thanks for bringing this up. Indeed, neither secure nor verify are supported right now. The reason is that this client is internally based on the official c++ client. AFAIK the c++ client does not support these features right now, but we'll investigate it. Furthermore, we are also planning a major rewrite of the communication parts were we'll consider it.

[andyrichardson]

Good news! It looks like SSL support has been added

[inkrement]

Nice to hear, but we are currently relying on an older version of the client. The newer one, which you are referring to, requires C++17 (or higher). Although R/Rcpp (partly) supports C++17, it would require a c++17 compiler, which is not always the case. I would love to switch to the latest versions, but as package developers, we have to scarify functionality and fancy features for the sake of supporting as many platforms as possible. In this case it even hurts since this would greatly benefit security. Nevertheless, we'll discuss this issue internally and evaluate all possibilities (e.g., backporting, switching the backend, upgrading to cpp17) - this issue stays open in the meanwhile.

[patzaw]

Hi

Because we needed secure connection to our ClickHouse instances and since it is not yet supported by RClickhouse, I've developed a ClickHouse R DBI based on ClickHouse HTTP interface. It supports HTTP and HTTPS connections (with or without ssl peer verification).

It's available on CRAN (https://cran.r-project.org/package=ClickHouseHTTP) and github (https://github.com/patzaw/ClickHouseHTTP).

It is slower than RClickhouse (mainly because of data format transformation). Thus, if you don't need SSL, I recommend to still use RClickhouse package.

I hope it helps anyway

[inkrement]

@patzaw Thanks for the great work! I see your point with the ssl-connection, but two packages with such a similar functionality are not really needed (and hard to maintain). If you want, we can merge our efforts. In particular, we could add a small abstraction layer and share common parts (e.g., dplyr level). As I already indicated in my last post, we already thought of supporting the HTTP interface.

[patzaw]

Hi @inkrement
Thanks for your feedback.
I agree that it would be easier to use only one backend. Nevertheless the HTTP interface and the native interface are quite different (especially regarding data format and data types) and I did not know where to put the abstraction layer.
If you have a clearer idea, I'll be happy to help.
I thought from your previous post that you were considering developing support for the native interface through SSL: that would be very great since such interface would be fast and secure.