[ 
https://issues.apache.org/jira/browse/PROTON-2014?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16793023#comment-16793023
 ] 

ASF subversion and git services commented on PROTON-2014:
---------------------------------------------------------

Commit 97c7733f07712665f3d08091c82c393e4c3adbf7 in qpid-proton's branch 
refs/heads/master from Andrew Stitcher
[ https://gitbox.apache.org/repos/asf?p=qpid-proton.git;h=97c7733 ]

PROTON-2014: [c] Ensure SSL mutual authentication


> [c] Example broker can silently use anonymous ciphers when misconfigured
> ------------------------------------------------------------------------
>
>                 Key: PROTON-2014
>                 URL: https://issues.apache.org/jira/browse/PROTON-2014
>             Project: Qpid Proton
>          Issue Type: Bug
>            Reporter: Andrew Stitcher
>            Assignee: Andrew Stitcher
>            Priority: Major
>
> The example broker does not check the return value from 
> {color:#2e3436}pn_ssl_domain_set_credentials(){color} and if given a bad 
> certificate will allow anonymous ciphers without even displaying an error 
> message.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org

Reply via email to