This is an automated email from the ASF dual-hosted git repository.
jbertram pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/activemq-artemis.git
The following commit(s) were added to refs/heads/master by this push:
new ba674fb ARTEMIS-2799 sniHost property not allowed on URLs
new 80e9e06 This closes #3159
ba674fb is described below
commit ba674fb842a1f08fcc3081f836eb542a5eff99f5
Author: Jacob Middag <[email protected]>
AuthorDate: Tue Jun 2 21:28:24 2020 +0200
ARTEMIS-2799 sniHost property not allowed on URLs
---
.../core/remoting/impl/netty/TransportConstants.java | 2 ++
.../integration/ssl/CoreClientOverOneWaySSLTest.java | 19 +++++++++++++++++++
2 files changed, 21 insertions(+)
diff --git
a/artemis-core-client/src/main/java/org/apache/activemq/artemis/core/remoting/impl/netty/TransportConstants.java
b/artemis-core-client/src/main/java/org/apache/activemq/artemis/core/remoting/impl/netty/TransportConstants.java
index 7f304e1..728d6b9 100644
---
a/artemis-core-client/src/main/java/org/apache/activemq/artemis/core/remoting/impl/netty/TransportConstants.java
+++
b/artemis-core-client/src/main/java/org/apache/activemq/artemis/core/remoting/impl/netty/TransportConstants.java
@@ -380,6 +380,7 @@ public class TransportConstants {
allowableAcceptorKeys.add(TransportConstants.NEED_CLIENT_AUTH_PROP_NAME);
allowableAcceptorKeys.add(TransportConstants.WANT_CLIENT_AUTH_PROP_NAME);
allowableAcceptorKeys.add(TransportConstants.VERIFY_HOST_PROP_NAME);
+ allowableAcceptorKeys.add(TransportConstants.SNIHOST_PROP_NAME);
allowableAcceptorKeys.add(TransportConstants.TCP_NODELAY_PROPNAME);
allowableAcceptorKeys.add(TransportConstants.TCP_SENDBUFFER_SIZE_PROPNAME);
allowableAcceptorKeys.add(TransportConstants.TCP_RECEIVEBUFFER_SIZE_PROPNAME);
@@ -445,6 +446,7 @@ public class TransportConstants {
allowableConnectorKeys.add(TransportConstants.VERIFY_HOST_PROP_NAME);
allowableConnectorKeys.add(TransportConstants.TRUST_ALL_PROP_NAME);
allowableConnectorKeys.add(TransportConstants.FORCE_SSL_PARAMETERS);
+ allowableConnectorKeys.add(TransportConstants.SNIHOST_PROP_NAME);
allowableConnectorKeys.add(TransportConstants.TCP_NODELAY_PROPNAME);
allowableConnectorKeys.add(TransportConstants.TCP_SENDBUFFER_SIZE_PROPNAME);
allowableConnectorKeys.add(TransportConstants.TCP_RECEIVEBUFFER_SIZE_PROPNAME);
diff --git
a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/ssl/CoreClientOverOneWaySSLTest.java
b/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/ssl/CoreClientOverOneWaySSLTest.java
index 7331c51..697569b 100644
---
a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/ssl/CoreClientOverOneWaySSLTest.java
+++
b/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/ssl/CoreClientOverOneWaySSLTest.java
@@ -201,6 +201,25 @@ public class CoreClientOverOneWaySSLTest extends
ActiveMQTestBase {
}
@Test
+ public void testOneWaySSLwithSNINegativeAndURL() throws Exception {
+ createCustomSslServer("myhost\\.com");
+
+ ServerLocator locator =
addServerLocator(ActiveMQClient.createServerLocator("tcp://127.0.0.1:61616?" +
+
TransportConstants.SSL_ENABLED_PROP_NAME + "=true;" +
+
TransportConstants.TRUSTSTORE_PROVIDER_PROP_NAME + "=" + storeType + ";" +
+
TransportConstants.TRUSTSTORE_PATH_PROP_NAME + "=" +
CLIENT_SIDE_TRUSTSTORE +";" +
+
TransportConstants.TRUSTSTORE_PASSWORD_PROP_NAME + "=" + PASSWORD + ";" +
+
TransportConstants.SNIHOST_PROP_NAME + "=badhost.com"));
+
+ try {
+ ClientSessionFactory sf =
addSessionFactory(createSessionFactory(locator));
+ fail("Should have failed due to unrecognized SNI host name");
+ } catch (Exception e) {
+ // ignore
+ }
+ }
+
+ @Test
public void testOneWaySSLwithSNIOnlyOnTheClient() throws Exception {
createCustomSslServer();
String text = RandomUtil.randomString();
