Author: gsim
Date: Wed Aug 27 17:27:45 2014
New Revision: 1620948
URL: http://svn.apache.org/r1620948
Log:
QPID-6049: ensure nss is initialised (and shutdown) for 1.0 connections; add
1.0 based ssl test
Added:
qpid/trunk/qpid/cpp/src/qpid/client/ssl.h
Modified:
qpid/trunk/qpid/cpp/src/qpid/client/SslConnector.cpp
qpid/trunk/qpid/cpp/src/qpid/messaging/amqp/SslTransport.cpp
qpid/trunk/qpid/cpp/src/tests/ssl_test
Modified: qpid/trunk/qpid/cpp/src/qpid/client/SslConnector.cpp
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/client/SslConnector.cpp?rev=1620948&r1=1620947&r2=1620948&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/client/SslConnector.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/client/SslConnector.cpp Wed Aug 27 17:27:45
2014
@@ -161,6 +161,16 @@ namespace {
}
}
+void initialiseSSL()
+{
+ init.checkInitialised();
+}
+
+void shutdownSSL()
+{
+ if (StaticInit::initialised) shutdownNSS();
+}
+
SslConnector::SslConnector(Poller::shared_ptr p,
ProtocolVersion ver,
const ConnectionSettings& settings,
Added: qpid/trunk/qpid/cpp/src/qpid/client/ssl.h
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/client/ssl.h?rev=1620948&view=auto
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/client/ssl.h (added)
+++ qpid/trunk/qpid/cpp/src/qpid/client/ssl.h Wed Aug 27 17:27:45 2014
@@ -0,0 +1,30 @@
+#ifndef QPID_CLIENT_SSL_H
+#define QPID_CLIENT_SSL_H
+
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+namespace qpid {
+namespace client {
+void initialiseSSL();
+void shutdownSSL();
+}} // namespace qpid::client
+
+#endif /*!QPID_CLIENT_SSL_H*/
Modified: qpid/trunk/qpid/cpp/src/qpid/messaging/amqp/SslTransport.cpp
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/messaging/amqp/SslTransport.cpp?rev=1620948&r1=1620947&r2=1620948&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/messaging/amqp/SslTransport.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/messaging/amqp/SslTransport.cpp Wed Aug 27
17:27:45 2014
@@ -25,6 +25,7 @@
#include "qpid/sys/AsynchIO.h"
#include "qpid/sys/ConnectionCodec.h"
#include "qpid/sys/Poller.h"
+#include "qpid/client/ssl.h"
#include "qpid/log/Statement.h"
#include <boost/bind.hpp>
#include <boost/format.hpp>
@@ -40,6 +41,7 @@ namespace amqp {
namespace {
Transport* create(TransportContext& c, Poller::shared_ptr p)
{
+ qpid::client::initialiseSSL();
return new SslTransport(c, p);
}
@@ -49,6 +51,11 @@ struct StaticInit
{
Transport::add("ssl", &create);
};
+
+ ~StaticInit()
+ {
+ qpid::client::shutdownSSL();
+ }
} init;
}
Modified: qpid/trunk/qpid/cpp/src/tests/ssl_test
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/tests/ssl_test?rev=1620948&r1=1620947&r2=1620948&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/tests/ssl_test (original)
+++ qpid/trunk/qpid/cpp/src/tests/ssl_test Wed Aug 27 17:27:45 2014
@@ -35,6 +35,10 @@ OTHER_CA_PEM_FILE=${TEST_CERT_DIR}/other
PY_PING_BROKER=${QPID_TEST_SRC_DIR}/ping_broker
COUNT=10
+if [[ -a $AMQP_LIB ]] ; then
+ MODULES="--load-module $AMQP_LIB"
+fi
+
trap cleanup EXIT
error() { echo $*; exit 1; }
@@ -135,7 +139,7 @@ cleanup() {
}
start_ssl_broker() {
- start_brokers 1 "--transport ssl --ssl-port 0 --require-encryption --auth
no"
+ start_brokers 1 "--transport ssl --ssl-port 0 --require-encryption --auth
no $MODULES"
}
start_ssl_mux_broker() {
@@ -146,7 +150,7 @@ start_ssl_mux_broker() {
sasl_config_dir=$QPID_TEST_EXEC_DIR/sasl_config
start_authenticating_broker() {
- start_brokers 1 "--transport ssl --ssl-port 0 --require-encryption
--ssl-sasl-no-dict --ssl-require-client-authentication --auth yes
--sasl-config=${sasl_config_dir}"
+ start_brokers 1 "--transport ssl --ssl-port 0 --require-encryption
--ssl-sasl-no-dict --ssl-require-client-authentication --auth yes
--sasl-config=${sasl_config_dir} $MODULES"
}
ssl_cluster_broker() { # $1 = port
@@ -184,6 +188,13 @@ URL=amqp:ssl:$TEST_HOSTNAME:$PORT
MSG=`./qpid-receive -b $URL -a "foo;{create:always}" --messages 1`
test "$MSG" = "hello" || { echo "receive failed '$MSG' != 'hello'"; exit 1; }
+if [[ -a $AMQP_LIB ]] ; then
+ echo "Testing ssl over AMQP 1.0"
+ ./qpid-send --connection-options '{protocol:amqp1.0}' -b $URL
--content-string=hello -a "foo;{create:always}"
+ MSG=`./qpid-receive --connection-options '{protocol:amqp1.0}' -b $URL -a
"foo;{create:always}" --messages 1`
+ test "$MSG" = "hello" || { echo "receive failed for AMQP 1.0 '$MSG' !=
'hello'"; exit 1; }
+fi
+
## Test connection with a combination of URL and connection options (in
messaging API)
URL=$TEST_HOSTNAME:$PORT
./qpid-send -b $URL --connection-options '{transport:ssl,heartbeat:2}'
--content-string='hello again' -a "foo;{create:always}"
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
