Steve Huston wrote:
I'm working on adding SSL client support for the C++ client on
Windows. This message contains the general plan - I welcome any input.
The current SSL support in the C++ client (and broker) uses NSS/NSPR.
The Windows code will use Schannel instead, as it is more integrated
with the Windows security architecture and management framework. This
also allows the SSL support in Windows to be added without another
optional piece of software to download and build.
The use of Schannel leads to some areas which are different from
Linux:
1. The options to specify the directory where the certificates, etc.
are not needed. Windows manages locating these by itself.
2. SSL support need not be an optional plug-in. Since the supporting
package is always available in the OS, the SSL support for Qpid can be
built in always. Does anyone see a problem with always building it in?
The idea for plugins is also not to bloat the runtime when options are
not used. This will come
down to a call on Windows, but I expect Windows will also do for kerb
support which gives
auth and encryption. When kerb is being run, there is no need for SSL.
Thus if it brings in a bunch
of stuff a plugin would be the better way to go.
Carl.
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:[email protected]
