PROTON-1720: [ruby] Add ssl_domain connection option to enable SSL Added ssl_send to illustrate client use and updated broker.rb to illustrate server use.
Project: http://git-wip-us.apache.org/repos/asf/qpid-proton/repo Commit: http://git-wip-us.apache.org/repos/asf/qpid-proton/commit/bf8d90e1 Tree: http://git-wip-us.apache.org/repos/asf/qpid-proton/tree/bf8d90e1 Diff: http://git-wip-us.apache.org/repos/asf/qpid-proton/diff/bf8d90e1 Branch: refs/heads/go1 Commit: bf8d90e131b32b9c78cb1dfbf88f63cb5116cb68 Parents: 813aa43 Author: Alan Conway <[email protected]> Authored: Mon Dec 18 17:37:24 2017 -0500 Committer: Alan Conway <[email protected]> Committed: Mon Dec 18 17:37:24 2017 -0500 ---------------------------------------------------------------------- examples/ruby/broker.rb | 18 ++++- examples/ruby/example_test.rb | 7 ++ examples/ruby/ssl_certs/README.txt | 24 +++++++ examples/ruby/ssl_certs/tclient-certificate.p12 | Bin 0 -> 1032 bytes examples/ruby/ssl_certs/tclient-certificate.pem | 19 +++++ examples/ruby/ssl_certs/tclient-full.p12 | Bin 0 -> 2476 bytes examples/ruby/ssl_certs/tclient-private-key.pem | 30 ++++++++ examples/ruby/ssl_certs/tserver-certificate.p12 | Bin 0 -> 1032 bytes examples/ruby/ssl_certs/tserver-certificate.pem | 19 +++++ examples/ruby/ssl_certs/tserver-full.p12 | Bin 0 -> 2476 bytes examples/ruby/ssl_certs/tserver-private-key.pem | 30 ++++++++ examples/ruby/ssl_send.rb | 70 +++++++++++++++++++ proton-c/bindings/ruby/lib/core/connection.rb | 2 + proton-c/bindings/ruby/lib/core/container.rb | 4 +- proton-c/bindings/ruby/lib/core/ssl.rb | 3 +- proton-c/bindings/ruby/lib/core/transport.rb | 3 +- 16 files changed, 222 insertions(+), 7 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/bf8d90e1/examples/ruby/broker.rb ---------------------------------------------------------------------- diff --git a/examples/ruby/broker.rb b/examples/ruby/broker.rb index 9595e2f..b28ca76 100644 --- a/examples/ruby/broker.rb +++ b/examples/ruby/broker.rb @@ -75,11 +75,25 @@ class Broker < Qpid::Proton::MessagingHandler super() @url = url @queues = {} + begin # Optional SSL setup, ignore if we don't find cert files etc. + @ssl_domain = Qpid::Proton::SSLDomain.new(Qpid::Proton::SSLDomain::MODE_SERVER) + cert_passsword = "tserverpw" + if Gem.win_platform? # Use P12 certs for windows schannel + @ssl_domain.credentials("ssl_certs/tserver-certificate.p12", "", cert_passsword) + else + @ssl_domain.credentials("ssl_certs/tserver-certificate.pem", "ssl_certs/tserver-private-key.pem", cert_passsword) + end + @ssl_domain.allow_unsecured_client # SSL is optional, this is not secure. + rescue + # Don't worry if we can't set up SSL. + end end def on_container_start(container) - @listener = container.listen(@url) - STDOUT.puts "Listening on #{@url}"; STDOUT.flush + # Options for incoming connections, provide SSL configuration if we have it. + opts = {:ssl_domain => @ssl_domain} if @ssl_domain + @listener = container.listen(@url, Qpid::Proton::Listener::Handler.new(opts)) + STDOUT.puts "Listening on #{@url.inspect}"; STDOUT.flush end def queue(address) http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/bf8d90e1/examples/ruby/example_test.rb ---------------------------------------------------------------------- diff --git a/examples/ruby/example_test.rb b/examples/ruby/example_test.rb index dc31a18..e19855d 100755 --- a/examples/ruby/example_test.rb +++ b/examples/ruby/example_test.rb @@ -65,6 +65,13 @@ EOS assert_output(want.strip, "simple_recv.rb", $url, __method__) end + def test_ssl_send_recv + out = run_script("ssl_send.rb", $url, __method__).read.strip + assert_match(/Connection secured with "...*\"\nAll 10 messages confirmed!/, out) + want = (0..9).reduce("") { |x,y| x << "Received: sequence #{y}\n" } + assert_output(want.strip, "simple_recv.rb", $url, __method__) + end + def test_direct_recv url = test_url p = run_script("direct_recv.rb", url, __method__) http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/bf8d90e1/examples/ruby/ssl_certs/README.txt ---------------------------------------------------------------------- diff --git a/examples/ruby/ssl_certs/README.txt b/examples/ruby/ssl_certs/README.txt new file mode 100644 index 0000000..9a8a4f9 --- /dev/null +++ b/examples/ruby/ssl_certs/README.txt @@ -0,0 +1,24 @@ +This directory contains basic self signed test certificates for use by +proton examples. + +The ".pem" files are in the format expected by proton implementations +using OpenSSL. The ".p12" file are for Windows implementations using +SChannel. + +The commands used to generate the certificates follow. + + +make_pn_cert() +{ + name=$1 + subject=$2 + passwd=$3 + # create the pem files + openssl req -newkey rsa:2048 -keyout $name-private-key.pem -out $name-certificate.pem -subj $subject -passout pass:$passwd -x509 -days 3650 + # create the p12 files + openssl pkcs12 -export -out $name-full.p12 -passin pass:$passwd -passout pass:$passwd -inkey $name-private-key.pem -in $name-certificate.pem -name $name + openssl pkcs12 -export -out $name-certificate.p12 -in $name-certificate.pem -name $name -nokeys -passout pass: +} + +make_pn_cert tserver /CN=test_server/OU=proton_test tserverpw +make_pn_cert tclient /CN=test_client/OU=proton_test tclientpw http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/bf8d90e1/examples/ruby/ssl_certs/tclient-certificate.p12 ---------------------------------------------------------------------- diff --git a/examples/ruby/ssl_certs/tclient-certificate.p12 b/examples/ruby/ssl_certs/tclient-certificate.p12 new file mode 100644 index 0000000..4d0e000 Binary files /dev/null and b/examples/ruby/ssl_certs/tclient-certificate.p12 differ http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/bf8d90e1/examples/ruby/ssl_certs/tclient-certificate.pem ---------------------------------------------------------------------- diff --git a/examples/ruby/ssl_certs/tclient-certificate.pem b/examples/ruby/ssl_certs/tclient-certificate.pem new file mode 100644 index 0000000..8088e2e --- /dev/null +++ b/examples/ruby/ssl_certs/tclient-certificate.pem @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDKzCCAhOgAwIBAgIJAIV7frIjftgcMA0GCSqGSIb3DQEBCwUAMCwxFDASBgNV +BAMMC3Rlc3RfY2xpZW50MRQwEgYDVQQLDAtwcm90b25fdGVzdDAeFw0xNTExMjcx +ODEwMzlaFw0yNTExMjQxODEwMzlaMCwxFDASBgNVBAMMC3Rlc3RfY2xpZW50MRQw +EgYDVQQLDAtwcm90b25fdGVzdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAPCIS4qUdOtQplUxZ6WW0LXcvosqFP6qOiCARLSEWpR3B8bq213rzefwwfcM +4TtMr88bP+huLKmlyMfwpl8yB88eXkscPgaAce2zk24urWkFXKSQ6GPitWBLGqBa +V+W0wJ4mfW7MwefVslWfGXI381QEUlBHjkFG30AtzMMTRj2GK2JqUlRXZPljGyB7 +WcXwxcoS+HkKV7FtHWSkLAzyXwQ9vsCUEYdWTUaGXfCUNRSRV7h1LIANbu03NxV0 +XdEl7WXcr7tuTw3axeUGhRFVhLegrxKLuZTTno4aAJnEr8uaDzjxvXnv3Ne2igvy +gRfZgOMx+XrZEob9OpAoRghQt4cCAwEAAaNQME4wHQYDVR0OBBYEFE4vbyiM0RjG +TLMLLGGhMZE/5x1GMB8GA1UdIwQYMBaAFE4vbyiM0RjGTLMLLGGhMZE/5x1GMAwG +A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAErr/rvLS9Ig0UCMwh1J1lA9 +/gvXf93iIK/SjrFIAqYRmfZxg4husfoes8t2hFUeuqoH05TuSOoXG8p8DpgTSGmF +jAFe+T90vJZTm0oqZkkkI/hdzjGQoHURRp9/O2Z/lm39KSKGVAN5pUWCUDi/G5iS +P9LZPJN6a5syXMrR6x62IPxAXowlpXkRghKClF3zPOaOBTzT1V27EkI8IEgC+p45 +246EooLnw8ibB+ucNc3KHNzpgKGVd/622+I+Q5eg9AT9PLFttP+R2ECsrVDDPYuA +p0qaSnwgeozj/d6K3FOgKKEKbzBmpWgkv0jdcVk18aPMHypI/RDtZ/+3ET2Ksi8= +-----END CERTIFICATE----- http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/bf8d90e1/examples/ruby/ssl_certs/tclient-full.p12 ---------------------------------------------------------------------- diff --git a/examples/ruby/ssl_certs/tclient-full.p12 b/examples/ruby/ssl_certs/tclient-full.p12 new file mode 100644 index 0000000..ad2d7d3 Binary files /dev/null and b/examples/ruby/ssl_certs/tclient-full.p12 differ http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/bf8d90e1/examples/ruby/ssl_certs/tclient-private-key.pem ---------------------------------------------------------------------- diff --git a/examples/ruby/ssl_certs/tclient-private-key.pem b/examples/ruby/ssl_certs/tclient-private-key.pem new file mode 100644 index 0000000..e5c114d --- /dev/null +++ b/examples/ruby/ssl_certs/tclient-private-key.pem @@ -0,0 +1,30 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQICy6ghWp45z4CAggA +MBQGCCqGSIb3DQMHBAiVdDoo4NIghQSCBMixGm1bm/omMxsaKnIPO7zm5dyLexJ+ +yTFpmh2KV7kQqmpzCyIOdoG6K8YqFnie2XdFWm3S8faRHoMq54bDmyEWIxfQPq5f +I1iYFbIZkbnhUvK53RActsEUMf0locS4xylU7VQK3XTAwp0TVip3Lp3ehEMEdcXL +iUWibGsoTPKcY9MIWGXZAJXsEXoeHt6k2hHo1G4E0/Bi6mLW1LY/cxZCjHTGD6qI +Kt54SCCDvinqVa+rixw6yX9F14EA6bhALami8e+Ccd3lqHOyYlXcBaSS1ezCg6ig +oNK97mC+gEGy1KlkZDKWXclFoOCBXRBe4DByre6Rlq3yeI9L42bvAuSBSmf5QT5g +73Yl8vjEAKR65awBT09dPuKu7t+Fb6vkwF8/t+uyj9IuL+42UuXhMLK3ohf+6DbU +8/zB4y3GXI80QmWM0+Wx4n6khFhPFLHt2q0Sn6V9PG1vtHyiq50oSCoyrPQLaecp +hefnMCFBYTcT3JUwmoVGGy0boIAwL7T4aGsMt7QhwOx5tU35tKFxyY7m4fX14AKo +2EIy+TPQwCGkGf3Puy/Pc9VA8IAxB5+WwSrjk+NeCv88eIX7gy43k4rCr+OmD9FF +wknr3xoP3KYhNXjdZ4Ep/1UHSK+JAtzzbNLQjDcqN+gQPg/yUX6ih0j5K3Wvh9bK +E/DvzbpJroUZPgzR+8z5O68CfsD+OIdpHBFTKqAFmzvUuqpADpr998LdCjD+lW+V +xZZgZa8KEblwgiH3fdGbYl46Ho1zrZisf439DbqyybAuBIQB4NSZcL/MAgVGO17k +QDpVElWZWYrFm4CFTcvS2HvIzRmbefF5m5oJedsN7Q6WQCp+3gnwYx1xIOknd7pW +N4AHNnqjscSj9yACj/EiBVKAKNnC5H7ZGZTsaAjMETZyjLXfI2AZ3Fviz4zFR+oz +NkAfFB6WUpRpl7H02FzrzYT7XkkLcXd6H6g+mv2iDa9uKWk/PS2QlqnJt8/dHEHD +JKTG331yDK5GHlKAVGF3nP5BwFGgTQMuSoeiOervMXPUwDpQ8OaYkuaRej0cZLgT +kAF9sUjqdsoYNcXDFHALp6y5g8qYkfrxrlIbKs82zIsmB5I+dtZbUaD3a0zAUrmW +5Xm3Pc9dVP0EXKwfHz6zqPReEw2yYLisB5IoHd4M2wa3GzHBdra1ij4QTmvd3o7e +buGFoX8KJQAcig0zpbYkoDP2gPhIh9rY4unVPQNX1Q8/wRsiJAZZsYvZY+A+SmuZ +bwSwk+8ZJRsFzdYYYhQeRytD5cDAIQiClcI5Yj4T9dWQV/gf0N/wIBDNTMp0jJAy +1l7PuXTfGZodNJWZH0oqsrNoWbn/k67NildvvofIKX+h09Nxszr670Pvj0qoHd5/ +CWq30lnxoJBUgbikFOz6ZuuHi/ZiCXL+haH+v8hJKN5ptRKnyYJQHchRB/IOGRoT +5lmWxo8a7K+yXhp0VBDHJfw3685ms0xQX8Xj4X3MEuN64zd0fB1JmhtP12ydK85J +ABawNKlRQPw5weckwtCviXQX+vX25S/xu3xA6IuqlHyqL/1t3DICzuxeOyT2mZxD +tKQxEgNihPvu32vn9m74qA3adEaxuWPRkPZuTeITHOkMTZolvqYX/5olBsSgYwka +7/g= +-----END ENCRYPTED PRIVATE KEY----- http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/bf8d90e1/examples/ruby/ssl_certs/tserver-certificate.p12 ---------------------------------------------------------------------- diff --git a/examples/ruby/ssl_certs/tserver-certificate.p12 b/examples/ruby/ssl_certs/tserver-certificate.p12 new file mode 100644 index 0000000..f38b67d Binary files /dev/null and b/examples/ruby/ssl_certs/tserver-certificate.p12 differ http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/bf8d90e1/examples/ruby/ssl_certs/tserver-certificate.pem ---------------------------------------------------------------------- diff --git a/examples/ruby/ssl_certs/tserver-certificate.pem b/examples/ruby/ssl_certs/tserver-certificate.pem new file mode 100644 index 0000000..86231f3 --- /dev/null +++ b/examples/ruby/ssl_certs/tserver-certificate.pem @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDKzCCAhOgAwIBAgIJAPnYOOQCJ3kDMA0GCSqGSIb3DQEBCwUAMCwxFDASBgNV +BAMMC3Rlc3Rfc2VydmVyMRQwEgYDVQQLDAtwcm90b25fdGVzdDAeFw0xNTExMjcx +ODEwMzlaFw0yNTExMjQxODEwMzlaMCwxFDASBgNVBAMMC3Rlc3Rfc2VydmVyMRQw +EgYDVQQLDAtwcm90b25fdGVzdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAKJNB78lgw4KtXDAvXocTLud6mbn6zgfB6ETIF+kcrukOH9DnPxjLBBM4Lig +sp1+kmeudFK5/X8riDrvIW52b/rlEBLgLB+oDtI74m6OTbBs9L+FUFYOuxApetQF +qoJy2vf9pWfy4uku24vCpeo7eVLi6ypu4lXE3LR+Km3FruHI1NKonHBMhwXSOWqF +pYM6/4IZJ4fbV0+eU0Jrx+05s6XHg5vone2BVJKxeSIBje+zWnNnh8+qG0Z70Jgp +aMetME5KGnLNgD1okpH0vb3lwjvuqkkx4WswGVZGbLLkSqqBpXPyM9fCFVy5aKSL +DBq7IABQtO67O2nBzK3OyigHrUUCAwEAAaNQME4wHQYDVR0OBBYEFGV1PY0FCFbJ +gpcDVKI6JGiRTt3kMB8GA1UdIwQYMBaAFGV1PY0FCFbJgpcDVKI6JGiRTt3kMAwG +A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAIx1TOTGWnnbpan4bse7wuvH +GYSNDJhoTVS+X1TC63xukJD1JBAsCNTqg/ZV6lN3XEl7vvOXfGoCiyXM6a9XOKUo +gSDtMrIr+wTh6Ss1yRO8QcCJmxH5JDXNu1ojtwsjFW/vneI4IL9kwpDsSlMQEX/E +EkkQwtAx/Cvfe7pecZL4qSeykJOUMTts9H8fCAZqEiRZBA3ugJxqF8jwLP3DoFVQ +6QZzKDY6CSPqfMnVb5i0MAIYVDpau+e3N9dgQpZD22F/zbua0OVbfAPdiRMnYxML +FT4sxLnh+5YVqwpVWbEKp4onHe2Fq6YIvAxUYAJ3SBA2C8O2RAVKWxf1jko3jYI= +-----END CERTIFICATE----- http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/bf8d90e1/examples/ruby/ssl_certs/tserver-full.p12 ---------------------------------------------------------------------- diff --git a/examples/ruby/ssl_certs/tserver-full.p12 b/examples/ruby/ssl_certs/tserver-full.p12 new file mode 100644 index 0000000..d4a0e40 Binary files /dev/null and b/examples/ruby/ssl_certs/tserver-full.p12 differ http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/bf8d90e1/examples/ruby/ssl_certs/tserver-private-key.pem ---------------------------------------------------------------------- diff --git a/examples/ruby/ssl_certs/tserver-private-key.pem b/examples/ruby/ssl_certs/tserver-private-key.pem new file mode 100644 index 0000000..91dcf0e --- /dev/null +++ b/examples/ruby/ssl_certs/tserver-private-key.pem @@ -0,0 +1,30 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQI1cT0c2J3GcQCAggA +MBQGCCqGSIb3DQMHBAi1hxSX2LJ+EgSCBMheHJ0iXr5A36Natjk/LcAEeKUMT9s+ +sMzoQceCWe8qMlQluWksr9iDdZ4JRIE8cpK8dbmx4dLY/SShUzdlhJHCSa4zZBHq +8cZ/jGUF/RF1rqdgjK589eUq+uOl3/gXKzG/SxBqayy6PSn12kX3qnvmlkXCmtwU +lg+iBm5wRcJ0MyVHaJkyA8sW8gr186C/VAau6Yu0crQXN7NRo9snrd4ewuYMIEhZ +hgaG9XsYQWB1bPhAaKj80CZGxsQbJyTwcbKKkB3IY4WXx8mmhuiNl+vKT3HBJ9Ju +YB6tgIjs8CJ4X2P4aU3yNJwG1QldgHSqmFGQ19bcZAw3s3kzwjdzRf4H2V16XOBd +zQ5AEs/ffVMzMIAfkb1gYwgunZ2CVwwDJ2mi1RcgkX+Og2aFQc+fxXcVOnDcGLxV +6fuCuZ2lsXfoiIyRh9kj3L75N12GtVUvgBdnMuOc1wPw6XnGQtDwt0acJpdexLMG +k0j57r/gcgzTcmF3qNM+y9L/HLssgrJkvVJw2Np5gmtIyfDocsDUWUbClS4dTpYf +oTngUTU+vWtHBuaUnb+f5/WJaRS/S7mmR8usbVG3i9WnEr/vlPJpbJFSjW2S6u/H +7cFxKUmmBZsSuEv/EKt9a+Sh62kprOChm4myqfCI1/gvNKfUZC6m0Vp8zf+2LgAq +2RgbMuqysMjWUtV4kDRZT7oCYckUDwsCHdbLES3nmVrtBk2ShMKHBpDp8/GoRuiV +jdV7/EjKM/M1kXtFYYe3z7Mxv++lKYIJ7bNwVrQ8nrhce/VwHw6D5emWXNCJXhKZ +FW7EM2ZOZ9eaKOlCsIi8sbjV6Yie9IY6HJKKmi3CpO0Tv5kLBdHkru8vGCSFm3O1 +n7wz7Ys5FBSlZ19X0NwQSCQX1Q4w+tido6i1SCRX0qJEdTNGuGwVXMHCf4/1zyHV +hj8vnxh8fzo79LFrwlTTgwLg1Mr8sEUFFDJ/raJ1AhFXi8n24trtNR8EHxRW8wtD +CLCKaqkEqfBiFXK/Yq3RrefCayPHiD+DaNsI8BwefMGpED3vD8YYCjAzXNPh/CSF +sc1i1jWMzbJhzOoFSPNXhlfusbUFMFQ/6olatmH47SY6HBBOL3DDP5uQ0jw8P454 +QBjlMOpEZmZxO6TcEtJwu0vzgog4rQ5g3NWy6SIpjWehNwTynLt7yM3R5WTI6cZs +0GTv/rqo2/SUoNsFmnGIUwj/DrBe4XOAq1nS2ZlEctxKhBsKH0hMFp6D1rXOzrgl +bwcq+oistoB0TLcThShyNgSqzW1znQ1n5SVUk9b5rRhSttJxn3yOMewH0i3v8bPo +HOhP5kaGjblPsCYyhlL/SNVF0OXEGTwLNey7FQdWFOwVwTRRXe7k+uGZ2d5hg+Jn +It/trDZ1RDYbVmB7/Qy73c16J4mvhOUJ2de5ZciFBjkidbiiUKLj9xnjK9k9Sauo +MKhNnDMAEU5VDQM3xNe5BRdX8dFLwfF5H64sU3nROF83aUnDgvfFEowYPnCuPYfm +m4aQHfoBSg4j3v1OeOwktcl+Q2TjxPHfWhbWeRBfxOTqQ/suYhnQChuFSK/qyo9K +ccgotqghhunRsWMoZT25H7AZM6yKb1sMz/0oyMRIKeGqoYh+ULM5XLY0xNYd4/xU +WtQ= +-----END ENCRYPTED PRIVATE KEY----- http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/bf8d90e1/examples/ruby/ssl_send.rb ---------------------------------------------------------------------- diff --git a/examples/ruby/ssl_send.rb b/examples/ruby/ssl_send.rb new file mode 100644 index 0000000..4ff5da6 --- /dev/null +++ b/examples/ruby/ssl_send.rb @@ -0,0 +1,70 @@ +#-- +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +#++ + +require 'qpid_proton' +require 'optparse' + +class SimpleSend < Qpid::Proton::MessagingHandler + + def initialize(url, address, expected) + super() + @url = url + @address = address + @sent = 0 + @confirmed = 0 + @expected = expected + end + + def on_container_start(container) + # Use a default client SSL domain + ssl_domain = Qpid::Proton::SSLDomain.new(Qpid::Proton::SSLDomain::MODE_CLIENT) + c = container.connect(@url, { :ssl_domain => ssl_domain }) + c.open_sender(@address) + end + + def on_connection_open(c) + raise "No security!" unless c.transport.ssl? + STDOUT.puts "Connection secured with #{c.transport.ssl.protocol_name.inspect}" + end + + def on_sendable(sender) + while sender.credit > 0 && @sent < @expected + msg = Qpid::Proton::Message.new("sequence #{@sent}", { :id => @sent } ) + sender.send(msg) + @sent = @sent + 1 + end + end + + def on_tracker_accept(tracker) + @confirmed = @confirmed + 1 + if @confirmed == @expected + puts "All #{@expected} messages confirmed!" + tracker.connection.close + end + end +end + +unless (2..3).include? ARGV.size + STDERR.puts "Usage: #{__FILE__} URL ADDRESS [COUNT]} +Connect to URL and send COUNT messages to ADDRESS" + return 1 +end +url, address, count = ARGV +count = Integer(count || 10) +Qpid::Proton::Container.new(SimpleSend.new(url, address, count)).run http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/bf8d90e1/proton-c/bindings/ruby/lib/core/connection.rb ---------------------------------------------------------------------- diff --git a/proton-c/bindings/ruby/lib/core/connection.rb b/proton-c/bindings/ruby/lib/core/connection.rb index e71e69b..b94eaff 100644 --- a/proton-c/bindings/ruby/lib/core/connection.rb +++ b/proton-c/bindings/ruby/lib/core/connection.rb @@ -114,6 +114,8 @@ module Qpid::Proton # @option opts [Boolean] :sasl_allow_insecure_mechs (false) Allow mechanisms send secrets in clear text # @option opts [String] :sasl_allowed_mechs SASL mechanisms allowed by this end of the connection # + # @option opts [SSLDomain] :ssl_domain SSL configuration domain. + # def open(opts=nil) return if local_active? apply opts if opts http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/bf8d90e1/proton-c/bindings/ruby/lib/core/container.rb ---------------------------------------------------------------------- diff --git a/proton-c/bindings/ruby/lib/core/container.rb b/proton-c/bindings/ruby/lib/core/container.rb index 9d9463e..e16323b 100644 --- a/proton-c/bindings/ruby/lib/core/container.rb +++ b/proton-c/bindings/ruby/lib/core/container.rb @@ -184,12 +184,12 @@ module Qpid::Proton def connect(url, opts=nil) not_stopped url = Qpid::Proton::uri url + opts ||= {} if url.user || url.password - opts ||= {} opts[:user] ||= url.user opts[:password] ||= url.password end - # TODO aconway 2017-10-26: Use SSL for amqps URLs + opts[:ssl_domain] ||= SSLDomain.new(SSLDomain::MODE_CLIENT) if url.scheme == "amqps" socket = begin TCPSocket.new(url.host, url.port) rescue => e http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/bf8d90e1/proton-c/bindings/ruby/lib/core/ssl.rb ---------------------------------------------------------------------- diff --git a/proton-c/bindings/ruby/lib/core/ssl.rb b/proton-c/bindings/ruby/lib/core/ssl.rb index bc4460a..af442ba 100644 --- a/proton-c/bindings/ruby/lib/core/ssl.rb +++ b/proton-c/bindings/ruby/lib/core/ssl.rb @@ -128,8 +128,7 @@ module Qpid::Proton # def protocol_name rc, name = Cproton.pn_ssl_get_protocol_name(@impl, 128) - retur name if rc - nil + name if rc end # Checks whether or not the state has resumed. http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/bf8d90e1/proton-c/bindings/ruby/lib/core/transport.rb ---------------------------------------------------------------------- diff --git a/proton-c/bindings/ruby/lib/core/transport.rb b/proton-c/bindings/ruby/lib/core/transport.rb index eb5fb01..e629b0c 100644 --- a/proton-c/bindings/ruby/lib/core/transport.rb +++ b/proton-c/bindings/ruby/lib/core/transport.rb @@ -344,7 +344,7 @@ module Qpid::Proton # @return [SSL] The SSL object. # def ssl(domain = nil, session_details = nil) - @ssl ||= SSL.create(self, domain, session_details) if @ssl.nil? + @ssl ||= SSL.create(self, domain, session_details) end # @private @@ -367,6 +367,7 @@ module Qpid::Proton # The transport #idle_timeout property is in *milliseconds* passed direct to C. # Direct use of the transport is deprecated. self.idle_timeout= (opts[:idle_timeout]*1000).round if opts.include? :idle_timeout + self.ssl(opts[:ssl_domain]) if opts[:ssl_domain] end can_raise_error :process, :error_class => TransportError --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
