----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/23616/#review48126 -----------------------------------------------------------
Ship it! Looks good - I'll push the patch up to trunk. - Kenneth Giusti On July 17, 2014, 7:47 p.m., Ernie Allen wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/23616/ > ----------------------------------------------------------- > > (Updated July 17, 2014, 7:47 p.m.) > > > Review request for qpid, Kenneth Giusti and Rafael Schloming. > > > Repository: qpid > > > Description > ------- > > When the user explicitly sets ssl-skip-hostname-check to "false" in the > connection options, but does not supply a trustfile, an insecure connection > is created without an error or warning. > > The patch assumes that when ssl-skip-hostname-check is explicitly set, a > secure connection is desired. If no trustfile is given, then an exception > will be raised. > > This patch distinguishes between the cases where the ssl-skip-hostname-check > is set to "false" by the user, and where ssl-skip-hostname-check is defaulted > to "false" because it was not specified. The exception is raised only in the > former case and only when the trustfile is not supplied. > > > > Diffs > ----- > > /trunk/qpid/python/qpid/messaging/endpoints.py 1611448 > /trunk/qpid/python/qpid/messaging/transports.py 1611448 > > Diff: https://reviews.apache.org/r/23616/diff/ > > > Testing > ------- > > Verified exception is raised when ssl-skip-hostname-check is set to false in > the connection options but the trustfile is absent. > Verified exception is not raised when ssl-skip-hostname-check is set to false > in the connection options and trustfile is present. > Verified exception is not raised when ssl-skip-hostname-check in absent and > trustfile is absent. > > > Thanks, > > Ernie Allen > >
