[
https://issues.apache.org/jira/browse/QPID-3175?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13242223#comment-13242223
]
JAkub Scholz commented on QPID-3175:
------------------------------------
Hi,
It is great to see the fix committed to trunk. Nevertheless I found one related
problem ... it adds the support for EXTERNAL mechanism only to the PlainClient
class. But the WrapperClient class remained unchanged. And since on systems
where the python-saslwrapper is installed, it uses the WrapperClient and the
SASL library instead of the PlainClient, the EXTERNAL mechanism doesn't work.
I prepared and attached another patch which fixes this problem as well. It
modifies the messaging/driver.py to detect the EXTERNAL mechanism and sets the
"externaluser" attribute for the WrapperClient as well as for the PlainClient.
That makes the EXTERNAL mechanism really work in both situations ...
Regards
Jakub
> SSL support in Python client libraries
> --------------------------------------
>
> Key: QPID-3175
> URL: https://issues.apache.org/jira/browse/QPID-3175
> Project: Qpid
> Issue Type: Bug
> Components: Python Client
> Affects Versions: 0.8
> Environment: Windows XP, Python 2.7.1, (broker Red Hat MRG 1.3 on
> RHEL 5.5)
> Reporter: JAkub Scholz
> Assignee: Rafael H. Schloming
> Labels: possibly_complete
> Fix For: 0.15
>
> Attachments: QPID-3175.patch, QPID-3175a.patch
>
>
> I was trying to connect to my broker with SSL encrypted connection (both
> PLAIN and EXTERNAL authentication methods). However, it seems to be not
> working. I get following error messages:
> Traceback (most recent call last):
> File "ssl-external.py", line 20, in <module>
> connection.open()
> File "<string>", line 6, in open
> File
> "c:\opt\!_EUREX14\tests\qpid.python-0.8\python\qpid\messaging\endpoints.py",
> line 244, in open
> self.attach()
> File "<string>", line 6, in attach
> File
> "c:\opt\!_EUREX14\tests\qpid.python-0.8\python\qpid\messaging\endpoints.py",
> line 262, in attach
> self._ewait(lambda: self._transport_connected and not self._unlinked())
> File
> "c:\opt\!_EUREX14\tests\qpid.python-0.8\python\qpid\messaging\endpoints.py",
> line 197, in _ewait
> self.check_error()
> File
> "c:\opt\!_EUREX14\tests\qpid.python-0.8\python\qpid\messaging\endpoints.py",
> line 190, in check_error
> raise self.error
> qpid.messaging.exceptions.ConnectError: [Errno 1] _ssl.c:499:
> error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate
> In the source codes (messaging/transports.py), the SSL seems to be supported
> and implemented, but it is not working. I didn't found any possibilities how
> to pass the certificates to the SSL libraries and the wrap_socket call in
> transports.py is calling the wrap_socket without any additional attributes
> except the original socket.
> I didn't had the chance to test other platforms or Python versions, except
> Python 2.4.3 on RHEL 5.5, where the SSL is not supported at all (the SSL
> support in Python changed significantly with 2.6)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
