----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/53876/#review156298 -----------------------------------------------------------
Do we need the explicit sni setting? i.e. are there use cases where you really need to set SSL SNI = X and AMQP/SASL host = Y where X != Y? If there are then ship it. If not then I'd prefer to drop the ssl_sni option and make virtual_host the One True Fake Hostname for all security purposes. This story is confusing enough already. - Alan Conway On Nov. 18, 2016, 1:58 p.m., Gordon Sim wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/53876/ > ----------------------------------------------------------- > > (Updated Nov. 18, 2016, 1:58 p.m.) > > > Review request for qpid, Alan Conway, Justin Ross, Kenneth Giusti, and Robbie > Gemmell. > > > Repository: qpid-proton-git > > > Description > ------- > > Ulf's fix for https://issues.apache.org/jira/browse/PROTON-1355 allows you to > control the sni via the existing virtual host option. For cases where you > want the sni to be different from the hostname in the open frame, this patch > adds an explicit option. > > > Diffs > ----- > > proton-c/bindings/python/proton/reactor.py 3562aa9 > > Diff: https://reviews.apache.org/r/53876/diff/ > > > Testing > ------- > > > Thanks, > > Gordon Sim > >
