Excellent - contributions are always welcome! Here's the scoop on ssl ... We haven't begun work on it as of yet. We've been putting it off because we were waiting for official ssl support in apr. By the looks of things, ssl support is still only in their trunk ( http://apr.apache.org/docs/apr-util/trunk/). So if you'd like to take a shot at it, I would start by working from the apr-trunk. If apr still doesn't have a release with ssl by the time we're ready, we can just make a branch to hold the ssl code.
>From the user perspective, we want all of the SSL configuration embedded in the connection uri (e.g. "ssl://localhost:12121?sslProperty1=yadda"). The way I envisioned SSL fitting into the architecture was by making a SSLSocket class, similar to the one in the JDK ( http://java.sun.com/j2se/1.5.0/docs/api/javax/net/ssl/SSLSocket.html). We have already defined a Socket interface, which is implemented by TcpSocket. SSLSocket might extend TcpSocket or might simply be another socket altogether. We'll use the first bit of the connection uri (e.g. ssl://) to determine which transport/socket to create. I think we'll have to create a new SSLTransportFactory class that registers itself for the protocol "ssl" (see TcpTransportFactory). Alternatively, you could register TcpTransportFactory once for each "tcp" and "ssl". When created, TcpTransport ( https://svn.apache.org/repos/asf/activemq/activemq-cpp/trunk/src/main/activemq/transport/filters/TcpTransport.cpp) passes in the transport URI parameter (now will be one of "tcp" or "ssl") into SocketFactory ( https://svn.apache.org/repos/asf/activemq/activemq-cpp/trunk/src/main/activemq/network/SocketFactory.cpp). Some extra logic can be added to SocketFactory to decide whether to create a TcpSocket or a new SSLSocket. Once all of this is in place, the IOTransport ( https://svn.apache.org/repos/asf/activemq/activemq-cpp/trunk/src/main/activemq/transport/IOTransport.cpp) should work just as it would with a TcpSocket - no changes there. That's all I can think of right now. You can start by just digging around through the classes I pointed out and get a feel for how everything fits together. If you have any questions, feel free to ask. Thanks, Nate On 10/15/07, Teemu Torma <[EMAIL PROTECTED]> wrote: > > I known ssl support is targeted for 2.2 release, but we have a need for > one rather sooner. I am wondering if there are yet development plans > to see how to proceed. > > We could implement something internal and trash it once activemq-cpp > supports ssl natively, or develop something "real" and contribute it > back. > > If latter, are there any thoughts about the design and the api to manage > certificates, keys, verification and like? > > Teemu >
