[jira] [Commented] (DISPATCH-401) qdstat and qdmanage client tools do not verify host name when using SSL

2016-07-11 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/DISPATCH-401?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15371319#comment-15371319
 ] 

ASF GitHub Bot commented on DISPATCH-401:
-

Github user asfgit closed the pull request at:

https://github.com/apache/qpid-dispatch/pull/92


> qdstat and qdmanage client tools do not verify host name when using SSL
> ---
>
> Key: DISPATCH-401
> URL: https://issues.apache.org/jira/browse/DISPATCH-401
> Project: Qpid Dispatch
>  Issue Type: Bug
>  Components: Container
>Affects Versions: 0.6.0
>Reporter: Ganesh Murthy
>Assignee: Ganesh Murthy
>
> qdstat and qdmanage tools do not ensure that when initiating an SSL 
> connection the host name in the URL to which qdstat and qdmanage connect to 
> matches the host name in the digital certificate that the peer sends back as 
> part of the SSL connection.
> Enable host name verification by default on qdstat and qdmanage. Add a 
> command line option called --no-verify-host-name which allows the host name 
> to not match. Add a warning to this command line option saying that it is 
> insecure and should not be used in production environments.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org

[jira] [Commented] (DISPATCH-401) qdstat and qdmanage client tools do not verify host name when using SSL

2016-07-11 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/DISPATCH-401?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15371318#comment-15371318
 ] 

ASF subversion and git services commented on DISPATCH-401:
--

Commit d7dc541a4ed325548571b7aed4bbc8175dd3bf4b in qpid-dispatch's branch 
refs/heads/master from [~ganeshmurthy]
[ https://git-wip-us.apache.org/repos/asf?p=qpid-dispatch.git;h=d7dc541 ]

DISPATCH-401 - Made qdstat and qdmanage verify peer name by default. Added new 
option --ssl-disable-peer-name-verify to disable peer name verification


> qdstat and qdmanage client tools do not verify host name when using SSL
> ---
>
> Key: DISPATCH-401
> URL: https://issues.apache.org/jira/browse/DISPATCH-401
> Project: Qpid Dispatch
>  Issue Type: Bug
>  Components: Container
>Affects Versions: 0.6.0
>Reporter: Ganesh Murthy
>Assignee: Ganesh Murthy
>
> qdstat and qdmanage tools do not ensure that when initiating an SSL 
> connection the host name in the URL to which qdstat and qdmanage connect to 
> matches the host name in the digital certificate that the peer sends back as 
> part of the SSL connection.
> Enable host name verification by default on qdstat and qdmanage. Add a 
> command line option called --no-verify-host-name which allows the host name 
> to not match. Add a warning to this command line option saying that it is 
> insecure and should not be used in production environments.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org

[jira] [Commented] (DISPATCH-401) qdstat and qdmanage client tools do not verify host name when using SSL

2016-07-11 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/DISPATCH-401?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15371135#comment-15371135
 ] 

ASF GitHub Bot commented on DISPATCH-401:
-

Github user ganeshmurthy closed the pull request at:

https://github.com/apache/qpid-dispatch/pull/91


> qdstat and qdmanage client tools do not verify host name when using SSL
> ---
>
> Key: DISPATCH-401
> URL: https://issues.apache.org/jira/browse/DISPATCH-401
> Project: Qpid Dispatch
>  Issue Type: Bug
>  Components: Container
>Affects Versions: 0.6.0
>Reporter: Ganesh Murthy
>Assignee: Ganesh Murthy
>
> qdstat and qdmanage tools do not ensure that when initiating an SSL 
> connection the host name in the URL to which qdstat and qdmanage connect to 
> matches the host name in the digital certificate that the peer sends back as 
> part of the SSL connection.
> Enable host name verification by default on qdstat and qdmanage. Add a 
> command line option called --no-verify-host-name which allows the host name 
> to not match. Add a warning to this command line option saying that it is 
> insecure and should not be used in production environments.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org

[jira] [Commented] (DISPATCH-401) qdstat and qdmanage client tools do not verify host name when using SSL

2016-07-11 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/DISPATCH-401?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15371144#comment-15371144
 ] 

ASF GitHub Bot commented on DISPATCH-401:
-

GitHub user ganeshmurthy opened a pull request:

https://github.com/apache/qpid-dispatch/pull/92

DISPATCH-401 - Made qdstat and qdmanage verify peer name by default. …

…Added new option --ssl-disable-peer-name-verify to disable peer name 
verification

You can merge this pull request into a Git repository by running:

$ git pull https://github.com/ganeshmurthy/qpid-dispatch DISPATCH-401-4

Alternatively you can review and apply these changes as the patch at:

https://github.com/apache/qpid-dispatch/pull/92.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

This closes #92


commit d7dc541a4ed325548571b7aed4bbc8175dd3bf4b
Author: Ganesh Murthy 
Date:   2016-07-11T16:42:05Z

DISPATCH-401 - Made qdstat and qdmanage verify peer name by default. Added 
new option --ssl-disable-peer-name-verify to disable peer name verification




> qdstat and qdmanage client tools do not verify host name when using SSL
> ---
>
> Key: DISPATCH-401
> URL: https://issues.apache.org/jira/browse/DISPATCH-401
> Project: Qpid Dispatch
>  Issue Type: Bug
>  Components: Container
>Affects Versions: 0.6.0
>Reporter: Ganesh Murthy
>Assignee: Ganesh Murthy
>
> qdstat and qdmanage tools do not ensure that when initiating an SSL 
> connection the host name in the URL to which qdstat and qdmanage connect to 
> matches the host name in the digital certificate that the peer sends back as 
> part of the SSL connection.
> Enable host name verification by default on qdstat and qdmanage. Add a 
> command line option called --no-verify-host-name which allows the host name 
> to not match. Add a warning to this command line option saying that it is 
> insecure and should not be used in production environments.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org

[jira] [Commented] (DISPATCH-401) qdstat and qdmanage client tools do not verify host name when using SSL

2016-07-11 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/DISPATCH-401?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15371127#comment-15371127
 ] 

ASF GitHub Bot commented on DISPATCH-401:
-

GitHub user ganeshmurthy opened a pull request:

https://github.com/apache/qpid-dispatch/pull/91

DISPATCH-401 - Made qdstat and qdmanage verify peer name by default. …

…Added new option --ssl-disable-peer-name-verify to disable peer name 
verification

You can merge this pull request into a Git repository by running:

$ git pull https://github.com/ganeshmurthy/qpid-dispatch DISPATCH-401-3

Alternatively you can review and apply these changes as the patch at:

https://github.com/apache/qpid-dispatch/pull/91.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

This closes #91


commit 23729780d4907bebc0b6fcc528bb2a74542c69a5
Author: Ganesh Murthy 
Date:   2016-07-11T16:42:05Z

DISPATCH-401 - Made qdstat and qdmanage verify peer name by default. Added 
new option --ssl-disable-peer-name-verify to disable peer name verification




> qdstat and qdmanage client tools do not verify host name when using SSL
> ---
>
> Key: DISPATCH-401
> URL: https://issues.apache.org/jira/browse/DISPATCH-401
> Project: Qpid Dispatch
>  Issue Type: Bug
>  Components: Container
>Affects Versions: 0.6.0
>Reporter: Ganesh Murthy
>Assignee: Ganesh Murthy
>
> qdstat and qdmanage tools do not ensure that when initiating an SSL 
> connection the host name in the URL to which qdstat and qdmanage connect to 
> matches the host name in the digital certificate that the peer sends back as 
> part of the SSL connection.
> Enable host name verification by default on qdstat and qdmanage. Add a 
> command line option called --no-verify-host-name which allows the host name 
> to not match. Add a warning to this command line option saying that it is 
> insecure and should not be used in production environments.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org

[jira] [Commented] (DISPATCH-401) qdstat and qdmanage client tools do not verify host name when using SSL

2016-07-11 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/DISPATCH-401?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15370941#comment-15370941
 ] 

ASF GitHub Bot commented on DISPATCH-401:
-

Github user ganeshmurthy closed the pull request at:

https://github.com/apache/qpid-dispatch/pull/84


> qdstat and qdmanage client tools do not verify host name when using SSL
> ---
>
> Key: DISPATCH-401
> URL: https://issues.apache.org/jira/browse/DISPATCH-401
> Project: Qpid Dispatch
>  Issue Type: Bug
>  Components: Container
>Affects Versions: 0.6.0
>Reporter: Ganesh Murthy
>Assignee: Ganesh Murthy
>
> qdstat and qdmanage tools do not ensure that when initiating an SSL 
> connection the host name in the URL to which qdstat and qdmanage connect to 
> matches the host name in the digital certificate that the peer sends back as 
> part of the SSL connection.
> Enable host name verification by default on qdstat and qdmanage. Add a 
> command line option called --no-verify-host-name which allows the host name 
> to not match. Add a warning to this command line option saying that it is 
> insecure and should not be used in production environments.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org

[jira] [Commented] (DISPATCH-401) qdstat and qdmanage client tools do not verify host name when using SSL

2016-07-08 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/DISPATCH-401?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15368223#comment-15368223
 ] 

ASF GitHub Bot commented on DISPATCH-401:
-

Github user ted-ross commented on a diff in the pull request:

https://github.com/apache/qpid-dispatch/pull/84#discussion_r70125810
  
--- Diff: python/qpid_dispatch_internal/tools/command.py ---
@@ -83,6 +83,9 @@ def connection_options(options, title="Connection 
Options"):
  help="Trusted Certificate Authority Database file 
(PEM Format)")
 group.add_option("--ssl-password", action="store", type="string", 
metavar="PASSWORD",
  help="Certificate password, will be prompted if not 
specifed.")
+group.add_option("--ssl-allow-peer-name-mismatch", 
action="store_true", default=False,
+ help="Verify the peer host name matches the 
certificate. Default true, "
+  "setting to false is insecure .")
 return group
--- End diff --

The name of this option seems inverted.  Allowing a mismatch is insecure, 
no?  How about "--ssl-verify-hostname"?


> qdstat and qdmanage client tools do not verify host name when using SSL
> ---
>
> Key: DISPATCH-401
> URL: https://issues.apache.org/jira/browse/DISPATCH-401
> Project: Qpid Dispatch
>  Issue Type: Bug
>  Components: Container
>Affects Versions: 0.6.0
>Reporter: Ganesh Murthy
>Assignee: Ganesh Murthy
>
> qdstat and qdmanage tools do not ensure that when initiating an SSL 
> connection the host name in the URL to which qdstat and qdmanage connect to 
> matches the host name in the digital certificate that the peer sends back as 
> part of the SSL connection.
> Enable host name verification by default on qdstat and qdmanage. Add a 
> command line option called --no-verify-host-name which allows the host name 
> to not match. Add a warning to this command line option saying that it is 
> insecure and should not be used in production environments.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org

[jira] [Commented] (DISPATCH-401) qdstat and qdmanage client tools do not verify host name when using SSL

2016-06-23 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/DISPATCH-401?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15346529#comment-15346529
 ] 

ASF GitHub Bot commented on DISPATCH-401:
-

GitHub user ganeshmurthy opened a pull request:

https://github.com/apache/qpid-dispatch/pull/84

DISPATCH-401 - Made qdstat and qdmanage verify host name by default. …

…Added --ssl-allow-peer-name-mismatch to allow peer name mismatch

You can merge this pull request into a Git repository by running:

$ git pull https://github.com/ganeshmurthy/qpid-dispatch DISPATCH-401-2

Alternatively you can review and apply these changes as the patch at:

https://github.com/apache/qpid-dispatch/pull/84.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

This closes #84


commit 6752812bebb509642341d599efad7dfabd333d75
Author: Ganesh Murthy 
Date:   2016-06-23T14:34:58Z

DISPATCH-401 - Made qdstat and qdmanage verify host name by default. Added 
--ssl-allow-peer-name-mismatch to allow peer name mismatch




> qdstat and qdmanage client tools do not verify host name when using SSL
> ---
>
> Key: DISPATCH-401
> URL: https://issues.apache.org/jira/browse/DISPATCH-401
> Project: Qpid Dispatch
>  Issue Type: Bug
>  Components: Container
>Affects Versions: 0.6.0
>Reporter: Ganesh Murthy
>Assignee: Ganesh Murthy
>
> qdstat and qdmanage tools do not ensure that when initiating an SSL 
> connection the host name in the URL to which qdstat and qdmanage connect to 
> matches the host name in the digital certificate that the peer sends back as 
> part of the SSL connection.
> Enable host name verification by default on qdstat and qdmanage. Add a 
> command line option called --no-verify-host-name which allows the host name 
> to not match. Add a warning to this command line option saying that it is 
> insecure and should not be used in production environments.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org

[jira] [Commented] (DISPATCH-401) qdstat and qdmanage client tools do not verify host name when using SSL

2016-06-22 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/DISPATCH-401?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15344998#comment-15344998
 ] 

ASF GitHub Bot commented on DISPATCH-401:
-

Github user ganeshmurthy commented on the issue:

https://github.com/apache/qpid-dispatch/pull/83
  
alanconway, 

@alanconway,  if I understood correctly, to disable hostname verification, 
one must do the following -

qdstat -c --verify-peer-name=false 
--ssl-trustfile=/home/gmurthy/opensource/dispatch/tests/config-2/ca-certificate.pem
 
--ssl-certificate=/home/gmurthy/opensource/dispatch/tests/config-2/client-certificate.pem
 
--ssl-key=/home/gmurthy/opensource/dispatch/tests/config-2/client-private-key.pem
 --ssl-password=client-password 



> qdstat and qdmanage client tools do not verify host name when using SSL
> ---
>
> Key: DISPATCH-401
> URL: https://issues.apache.org/jira/browse/DISPATCH-401
> Project: Qpid Dispatch
>  Issue Type: Bug
>  Components: Container
>Affects Versions: 0.6.0
>Reporter: Ganesh Murthy
>Assignee: Ganesh Murthy
>
> qdstat and qdmanage tools do not ensure that when initiating an SSL 
> connection the host name in the URL to which qdstat and qdmanage connect to 
> matches the host name in the digital certificate that the peer sends back as 
> part of the SSL connection.
> Enable host name verification by default on qdstat and qdmanage. Add a 
> command line option called --no-verify-host-name which allows the host name 
> to not match. Add a warning to this command line option saying that it is 
> insecure and should not be used in production environments.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org

[jira] [Commented] (DISPATCH-401) qdstat and qdmanage client tools do not verify host name when using SSL

2016-06-22 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/DISPATCH-401?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15344999#comment-15344999
 ] 

ASF GitHub Bot commented on DISPATCH-401:
-

Github user ganeshmurthy closed the pull request at:

https://github.com/apache/qpid-dispatch/pull/83


> qdstat and qdmanage client tools do not verify host name when using SSL
> ---
>
> Key: DISPATCH-401
> URL: https://issues.apache.org/jira/browse/DISPATCH-401
> Project: Qpid Dispatch
>  Issue Type: Bug
>  Components: Container
>Affects Versions: 0.6.0
>Reporter: Ganesh Murthy
>Assignee: Ganesh Murthy
>
> qdstat and qdmanage tools do not ensure that when initiating an SSL 
> connection the host name in the URL to which qdstat and qdmanage connect to 
> matches the host name in the digital certificate that the peer sends back as 
> part of the SSL connection.
> Enable host name verification by default on qdstat and qdmanage. Add a 
> command line option called --no-verify-host-name which allows the host name 
> to not match. Add a warning to this command line option saying that it is 
> insecure and should not be used in production environments.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org

[jira] [Commented] (DISPATCH-401) qdstat and qdmanage client tools do not verify host name when using SSL

2016-06-22 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/DISPATCH-401?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15344984#comment-15344984
 ] 

ASF GitHub Bot commented on DISPATCH-401:
-

Github user grs commented on a diff in the pull request:

https://github.com/apache/qpid-dispatch/pull/83#discussion_r68114603
  
--- Diff: python/qpid_dispatch_internal/tools/command.py ---
@@ -83,6 +83,11 @@ def connection_options(options, title="Connection 
Options"):
  help="Trusted Certificate Authority Database file 
(PEM Format)")
 group.add_option("--ssl-password", action="store", type="string", 
metavar="PASSWORD",
  help="Certificate password, will be prompted if not 
specifed.")
+group.add_option("--no-verify-host-name", action="store_true", 
default=False,
--- End diff --

Maybe add 'ssl' to the option also.


> qdstat and qdmanage client tools do not verify host name when using SSL
> ---
>
> Key: DISPATCH-401
> URL: https://issues.apache.org/jira/browse/DISPATCH-401
> Project: Qpid Dispatch
>  Issue Type: Bug
>  Components: Container
>Affects Versions: 0.6.0
>Reporter: Ganesh Murthy
>Assignee: Ganesh Murthy
>
> qdstat and qdmanage tools do not ensure that when initiating an SSL 
> connection the host name in the URL to which qdstat and qdmanage connect to 
> matches the host name in the digital certificate that the peer sends back as 
> part of the SSL connection.
> Enable host name verification by default on qdstat and qdmanage. Add a 
> command line option called --no-verify-host-name which allows the host name 
> to not match. Add a warning to this command line option saying that it is 
> insecure and should not be used in production environments.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org

[jira] [Commented] (DISPATCH-401) qdstat and qdmanage client tools do not verify host name when using SSL

2016-06-22 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/DISPATCH-401?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15344979#comment-15344979
 ] 

ASF GitHub Bot commented on DISPATCH-401:
-

Github user alanconway commented on a diff in the pull request:

https://github.com/apache/qpid-dispatch/pull/83#discussion_r68114202
  
--- Diff: python/qpid_dispatch_internal/tools/command.py ---
@@ -83,6 +83,11 @@ def connection_options(options, title="Connection 
Options"):
  help="Trusted Certificate Authority Database file 
(PEM Format)")
 group.add_option("--ssl-password", action="store", type="string", 
metavar="PASSWORD",
  help="Certificate password, will be prompted if not 
specifed.")
+group.add_option("--no-verify-host-name", action="store_true", 
default=False,
--- End diff --

I'd suggest: --verify-peer-name type=bool, default=true. Bool options with 
negative names are confusing and "host" is a bit vague - peer is more clearly 
the _other_ host. Also the help text is very long, maybe "Verify the peer host 
name matches the certificate. Default true, setting to false is insecure ."


> qdstat and qdmanage client tools do not verify host name when using SSL
> ---
>
> Key: DISPATCH-401
> URL: https://issues.apache.org/jira/browse/DISPATCH-401
> Project: Qpid Dispatch
>  Issue Type: Bug
>  Components: Container
>Affects Versions: 0.6.0
>Reporter: Ganesh Murthy
>Assignee: Ganesh Murthy
>
> qdstat and qdmanage tools do not ensure that when initiating an SSL 
> connection the host name in the URL to which qdstat and qdmanage connect to 
> matches the host name in the digital certificate that the peer sends back as 
> part of the SSL connection.
> Enable host name verification by default on qdstat and qdmanage. Add a 
> command line option called --no-verify-host-name which allows the host name 
> to not match. Add a warning to this command line option saying that it is 
> insecure and should not be used in production environments.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org

[jira] [Commented] (DISPATCH-401) qdstat and qdmanage client tools do not verify host name when using SSL

2016-06-22 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/DISPATCH-401?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15344915#comment-15344915
 ] 

ASF GitHub Bot commented on DISPATCH-401:
-

GitHub user ganeshmurthy opened a pull request:

https://github.com/apache/qpid-dispatch/pull/83

DISPATCH-401 - Verified host name by default and added a --no-verify-…

…host-name to disable host name verification

You can merge this pull request into a Git repository by running:

$ git pull https://github.com/ganeshmurthy/qpid-dispatch DISPATCH-401

Alternatively you can review and apply these changes as the patch at:

https://github.com/apache/qpid-dispatch/pull/83.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

This closes #83


commit 8ad0df8494eae79c6fc5ffac8ff12a71d932f08a
Author: Ganesh Murthy 
Date:   2016-06-22T18:09:50Z

DISPATCH-401 - Verified host name by default and added a 
--no-verify-host-name to disable host name verification




> qdstat and qdmanage client tools do not verify host name when using SSL
> ---
>
> Key: DISPATCH-401
> URL: https://issues.apache.org/jira/browse/DISPATCH-401
> Project: Qpid Dispatch
>  Issue Type: Bug
>  Components: Container
>Affects Versions: 0.6.0
>Reporter: Ganesh Murthy
>Assignee: Ganesh Murthy
>
> qdstat and qdmanage tools do not ensure that when initiating an SSL 
> connection the host name in the URL to which qdstat and qdmanage connect to 
> matches the host name in the digital certificate that the peer sends back as 
> part of the SSL connection.
> Enable host name verification by default on qdstat and qdmanage. Add a 
> command line option called --no-verify-host-name which allows the host name 
> to not match. Add a warning to this command line option saying that it is 
> insecure and should not be used in production environments.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org