[jira] [Commented] (QPID-8153) [JMS AMQP 0-x] JMS AMQP 0-x should be able to send SNI as part of TLS handshake
[ https://issues.apache.org/jira/browse/QPID-8153?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16439444#comment-16439444 ] ASF subversion and git services commented on QPID-8153: --- Commit 2f6732941cc1c5f677cb4384f29e8e2880a6f3c0 in qpid-jms-amqp-0-x's branch refs/heads/6.3.x from [~k-wall] [ https://git-wip-us.apache.org/repos/asf?p=qpid-jms-amqp-0-x.git;h=2f67329 ] QPID-8153: [Qpid JMS AMQP 0-x] Pass host/port through to the SSLEngine so that SNI may function (cherry picked from commit 78cf85c60fbedddfc08f978262aaa23061cae2b4) > [JMS AMQP 0-x] JMS AMQP 0-x should be able to send SNI as part of TLS > handshake > --- > > Key: QPID-8153 > URL: https://issues.apache.org/jira/browse/QPID-8153 > Project: Qpid > Issue Type: Improvement > Components: JMS AMQP 0-x >Affects Versions: qpid-java-client-0-x-6.3.0 >Reporter: Alex Rudyy >Assignee: Keith Wall >Priority: Trivial > Fix For: qpid-java-client-0-x-6.3.1 > > > Qpid JMS AMQP 0-x client does not provide SNI as part of TLS handshake. The a > client should be able to indicate which hostname it is attempting to connect > to by using SNI TLS extension. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (QPID-8153) [JMS AMQP 0-x] JMS AMQP 0-x should be able to send SNI as part of TLS handshake
[ https://issues.apache.org/jira/browse/QPID-8153?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16427110#comment-16427110 ] ASF subversion and git services commented on QPID-8153: --- Commit 78cf85c60fbedddfc08f978262aaa23061cae2b4 in qpid-jms-amqp-0-x's branch refs/heads/master from [~k-wall] [ https://git-wip-us.apache.org/repos/asf?p=qpid-jms-amqp-0-x.git;h=78cf85c ] QPID-8153: [Qpid JMS AMQP 0-x] Pass host/port through to the SSLEngine so that SNI may function > [JMS AMQP 0-x] JMS AMQP 0-x should be able to send SNI as part of TLS > handshake > --- > > Key: QPID-8153 > URL: https://issues.apache.org/jira/browse/QPID-8153 > Project: Qpid > Issue Type: Improvement > Components: JMS AMQP 0-x >Affects Versions: qpid-java-client-0-x-6.3.0 >Reporter: Alex Rudyy >Priority: Trivial > Fix For: qpid-java-client-0-x-6.3.1 > > > Qpid JMS AMQP 0-x client does not provide SNI as part of TLS handshake. The a > client should be able to indicate which hostname it is attempting to connect > to by using SNI TLS extension. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (QPID-8153) [JMS AMQP 0-x] JMS AMQP 0-x should be able to send SNI as part of TLS handshake
[ https://issues.apache.org/jira/browse/QPID-8153?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16425443#comment-16425443 ] Robbie Gemmell commented on QPID-8153: -- Indeed. Faulty memory, it happens :) > [JMS AMQP 0-x] JMS AMQP 0-x should be able to send SNI as part of TLS > handshake > --- > > Key: QPID-8153 > URL: https://issues.apache.org/jira/browse/QPID-8153 > Project: Qpid > Issue Type: Improvement > Components: JMS AMQP 0-x >Affects Versions: qpid-java-client-0-x-6.3.0 >Reporter: Alex Rudyy >Priority: Trivial > Fix For: qpid-java-client-0-x-6.3.1 > > > Qpid JMS AMQP 0-x client does not provide SNI as part of TLS handshake. The a > client should be able to indicate which hostname it is attempting to connect > to by using SNI TLS extension. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (QPID-8153) [JMS AMQP 0-x] JMS AMQP 0-x should be able to send SNI as part of TLS handshake
[ https://issues.apache.org/jira/browse/QPID-8153?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16425407#comment-16425407 ] Alex Rudyy commented on QPID-8153: -- Robbie, JMS AMQP 1-0 client does not set hostname/port on creation of SSLEngine as per [org.apache.qpid.transport.network.security.SecurityLayerFactory|https://github.com/apache/qpid-jms-amqp-0-x/blob/master/client/src/main/java/org/apache/qpid/transport/network/security/SecurityLayerFactory.java]. It creates SSLEngine with {{SSLContext#createSSLEngine()}}. > [JMS AMQP 0-x] JMS AMQP 0-x should be able to send SNI as part of TLS > handshake > --- > > Key: QPID-8153 > URL: https://issues.apache.org/jira/browse/QPID-8153 > Project: Qpid > Issue Type: Improvement > Components: JMS AMQP 0-x >Affects Versions: qpid-java-client-0-x-6.3.0 >Reporter: Alex Rudyy >Priority: Trivial > Fix For: qpid-java-client-0-x-6.3.1 > > > Qpid JMS AMQP 0-x client does not provide SNI as part of TLS handshake. The a > client should be able to indicate which hostname it is attempting to connect > to by using SNI TLS extension. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (QPID-8153) [JMS AMQP 0-x] JMS AMQP 0-x should be able to send SNI as part of TLS handshake
[ https://issues.apache.org/jira/browse/QPID-8153?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16425193#comment-16425193 ] Robbie Gemmell commented on QPID-8153: -- I haven't tried this but the JIRA surprised me as last I saw the code it seemed like it should work. SNI is done implicitly by the JVM if a hostname is passed to the SSLEngine when created. Note that it only works for FQDN's, so using "localhost" wont but "localhost.localdomain" will, in keeping with the SNI RFC. You can also explicitly set the SNI value used via configuration objects on Java 8+ though. > [JMS AMQP 0-x] JMS AMQP 0-x should be able to send SNI as part of TLS > handshake > --- > > Key: QPID-8153 > URL: https://issues.apache.org/jira/browse/QPID-8153 > Project: Qpid > Issue Type: Improvement > Components: JMS AMQP 0-x >Affects Versions: qpid-java-client-0-x-6.3.0 >Reporter: Alex Rudyy >Priority: Trivial > Fix For: qpid-java-client-0-x-6.3.1 > > > Qpid JMS AMQP 0-x client does not provide SNI as part of TLS handshake. The a > client should be able to indicate which hostname it is attempting to connect > to by using SNI TLS extension. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org