[jira] [Commented] (ARTEMIS-1649) enable openssl provider for Netty

2018-02-05 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/ARTEMIS-1649?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16352911#comment-16352911
 ] 

ASF subversion and git services commented on ARTEMIS-1649:
--

Commit 6501c3de1fc8d440923b241f95a4f7f0ead6a7c3 in activemq-artemis's branch 
refs/heads/master from [~pahli]
[ https://git-wip-us.apache.org/repos/asf?p=activemq-artemis.git;h=6501c3d ]

ARTEMIS-1649 - enable openssl provider for Netty


> enable openssl provider for Netty
> -
>
> Key: ARTEMIS-1649
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1649
> Project: ActiveMQ Artemis
>  Issue Type: New Feature
>Reporter: Rico Pahlisch
>Priority: Major
>
> We want to use the native Openssl Provider for netty to use the native 
> openssl.
> Added the supprt to switch between JDK and OpenSSL Provider.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (ARTEMIS-1649) enable openssl provider for Netty

2018-02-05 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ARTEMIS-1649?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16352912#comment-16352912
 ] 

ASF GitHub Bot commented on ARTEMIS-1649:
-

Github user asfgit closed the pull request at:

https://github.com/apache/activemq-artemis/pull/1834


> enable openssl provider for Netty
> -
>
> Key: ARTEMIS-1649
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1649
> Project: ActiveMQ Artemis
>  Issue Type: New Feature
>Reporter: Rico Pahlisch
>Priority: Major
>
> We want to use the native Openssl Provider for netty to use the native 
> openssl.
> Added the supprt to switch between JDK and OpenSSL Provider.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (ARTEMIS-1649) enable openssl provider for Netty

2018-02-02 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ARTEMIS-1649?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16350501#comment-16350501
 ] 

ASF GitHub Bot commented on ARTEMIS-1649:
-

Github user jbertram commented on the issue:

https://github.com/apache/activemq-artemis/pull/1834
  
@rpahli, it would be appropriate to add the link to the documentation.


> enable openssl provider for Netty
> -
>
> Key: ARTEMIS-1649
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1649
> Project: ActiveMQ Artemis
>  Issue Type: New Feature
>Reporter: Rico Pahlisch
>Priority: Major
>
> We want to use the native Openssl Provider for netty to use the native 
> openssl.
> Added the supprt to switch between JDK and OpenSSL Provider.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (ARTEMIS-1649) enable openssl provider for Netty

2018-02-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ARTEMIS-1649?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16349895#comment-16349895
 ] 

ASF GitHub Bot commented on ARTEMIS-1649:
-

Github user rpahli commented on the issue:

https://github.com/apache/activemq-artemis/pull/1834
  
Ok I'll add the new parameter to the documentation.
We need the openssl provider to use some special combinations of 
ciphersuites and elliptic curves.

see https://en.wikipedia.org/wiki/Comparison_of_TLS_implementations

Should I add these link to the documentation too?


> enable openssl provider for Netty
> -
>
> Key: ARTEMIS-1649
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1649
> Project: ActiveMQ Artemis
>  Issue Type: New Feature
>Reporter: Rico Pahlisch
>Priority: Major
>
> We want to use the native Openssl Provider for netty to use the native 
> openssl.
> Added the supprt to switch between JDK and OpenSSL Provider.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (ARTEMIS-1649) enable openssl provider for Netty

2018-02-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ARTEMIS-1649?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16349170#comment-16349170
 ] 

ASF GitHub Bot commented on ARTEMIS-1649:
-

Github user jbertram commented on the issue:

https://github.com/apache/activemq-artemis/pull/1834
  
Could you update the SSL documentation in 
docs/user-manual/en/configuring-transports.md to include the new "sslProvider" 
parameter including a short explanation of why the JDK provider might be useful 
vs. the OpenSSL provider and vice-versa?  It's not clear from your commit what 
the functional benefit of this change actually is.


> enable openssl provider for Netty
> -
>
> Key: ARTEMIS-1649
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1649
> Project: ActiveMQ Artemis
>  Issue Type: New Feature
>Reporter: Rico Pahlisch
>Priority: Major
>
> We want to use the native Openssl Provider for netty to use the native 
> openssl.
> Added the supprt to switch between JDK and OpenSSL Provider.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (ARTEMIS-1649) enable openssl provider for Netty

2018-02-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ARTEMIS-1649?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16348654#comment-16348654
 ] 

ASF GitHub Bot commented on ARTEMIS-1649:
-

Github user jbertram commented on the issue:

https://github.com/apache/activemq-artemis/pull/1834
  
Couple of things...

- All changes should be squashed into a single commit
- The commit message should follow the pattern described in the [Hacking 
Guide](https://github.com/apache/activemq-artemis/blob/master/docs/hacking-guide/en/maintainers.md#commit-messages).


> enable openssl provider for Netty
> -
>
> Key: ARTEMIS-1649
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1649
> Project: ActiveMQ Artemis
>  Issue Type: New Feature
>Reporter: Rico Pahlisch
>Priority: Major
>
> We want to use the native Openssl Provider for netty to use the native 
> openssl.
> Added the supprt to switch between JDK and OpenSSL Provider.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (ARTEMIS-1649) enable openssl provider for Netty

2018-02-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ARTEMIS-1649?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16348481#comment-16348481
 ] 

ASF GitHub Bot commented on ARTEMIS-1649:
-

Github user michaelandrepearce commented on a diff in the pull request:

https://github.com/apache/activemq-artemis/pull/1834#discussion_r16533
  
--- Diff: 
artemis-core-client/src/main/java/org/apache/activemq/artemis/core/remoting/impl/netty/NettyConnector.java
 ---
@@ -841,7 +864,7 @@ private HttpUpgradeHandler(ChannelPipeline pipeline, 
HttpClientCodec httpClientC
* HTTP upgrade response will be decode by Netty as 2 objects:
* - 1 HttpObject corresponding to the 101 SWITCHING PROTOCOL headers
* - 1 EMPTY_LAST_CONTENT
-   *
+   * 
--- End diff --

Un-needed change, please remove.


> enable openssl provider for Netty
> -
>
> Key: ARTEMIS-1649
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1649
> Project: ActiveMQ Artemis
>  Issue Type: New Feature
>Reporter: Rico Pahlisch
>Priority: Major
>
> We want to use the native Openssl Provider for netty to use the native 
> openssl.
> Added the supprt to switch between JDK and OpenSSL Provider.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (ARTEMIS-1649) enable openssl provider for Netty

2018-02-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ARTEMIS-1649?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16348335#comment-16348335
 ] 

ASF GitHub Bot commented on ARTEMIS-1649:
-

Github user franz1981 commented on a diff in the pull request:

https://github.com/apache/activemq-artemis/pull/1834#discussion_r165308928
  
--- Diff: 
artemis-core-client/src/main/java/org/apache/activemq/artemis/core/remoting/impl/netty/NettyConnector.java
 ---
@@ -530,48 +539,34 @@ public synchronized void start() {
if 
(System.getProperty(ACTIVEMQ_TRUSTSTORE_PASSWORD_PROP_NAME) != null) {
   realTrustStorePassword = 
System.getProperty(ACTIVEMQ_TRUSTSTORE_PASSWORD_PROP_NAME);
}
-   context = SSLSupport.createContext(realKeyStoreProvider, 
realKeyStorePath, realKeyStorePassword, realTrustStoreProvider, 
realTrustStorePath, realTrustStorePassword, trustAll, crlPath);
+
 }
  } catch (Exception e) {
 close();
 IllegalStateException ise = new IllegalStateException("Unable 
to create NettyConnector for " + host + ":" + port);
 ise.initCause(e);
 throw ise;
  }
-  } else {
- context = null; // Unused
   }
 
-  if (context != null && useServlet) {
- // TODO: Fix me
- //bootstrap.setOption("sslContext", context);
-  }
+  //if (context != null && useServlet) {
--- End diff --

If isn't needed anymore please remove it 


> enable openssl provider for Netty
> -
>
> Key: ARTEMIS-1649
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1649
> Project: ActiveMQ Artemis
>  Issue Type: New Feature
>Reporter: Rico Pahlisch
>Priority: Major
>
> We want to use the native Openssl Provider for netty to use the native 
> openssl.
> Added the supprt to switch between JDK and OpenSSL Provider.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (ARTEMIS-1649) enable openssl provider for Netty

2018-02-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ARTEMIS-1649?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16348319#comment-16348319
 ] 

ASF GitHub Bot commented on ARTEMIS-1649:
-

Github user michaelandrepearce commented on a diff in the pull request:

https://github.com/apache/activemq-artemis/pull/1834#discussion_r165305348
  
--- Diff: 
artemis-core-client/src/main/java/org/apache/activemq/artemis/core/remoting/impl/netty/NettyConnector.java
 ---
@@ -530,48 +539,34 @@ public synchronized void start() {
if 
(System.getProperty(ACTIVEMQ_TRUSTSTORE_PASSWORD_PROP_NAME) != null) {
   realTrustStorePassword = 
System.getProperty(ACTIVEMQ_TRUSTSTORE_PASSWORD_PROP_NAME);
}
-   context = SSLSupport.createContext(realKeyStoreProvider, 
realKeyStorePath, realKeyStorePassword, realTrustStoreProvider, 
realTrustStorePath, realTrustStorePassword, trustAll, crlPath);
+
 }
  } catch (Exception e) {
 close();
 IllegalStateException ise = new IllegalStateException("Unable 
to create NettyConnector for " + host + ":" + port);
 ise.initCause(e);
 throw ise;
  }
-  } else {
- context = null; // Unused
   }
 
-  if (context != null && useServlet) {
- // TODO: Fix me
- //bootstrap.setOption("sslContext", context);
-  }
+  //if (context != null && useServlet) {
+  // TODO: Fix me
+  //bootstrap.setOption("sslContext", context);
+  //}
 
   bootstrap.handler(new ChannelInitializer() {
--- End diff --

this probably could be made a lamda.


> enable openssl provider for Netty
> -
>
> Key: ARTEMIS-1649
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1649
> Project: ActiveMQ Artemis
>  Issue Type: New Feature
>Reporter: Rico Pahlisch
>Priority: Major
>
> We want to use the native Openssl Provider for netty to use the native 
> openssl.
> Added the supprt to switch between JDK and OpenSSL Provider.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (ARTEMIS-1649) enable openssl provider for Netty

2018-02-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ARTEMIS-1649?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16348316#comment-16348316
 ] 

ASF GitHub Bot commented on ARTEMIS-1649:
-

Github user michaelandrepearce commented on a diff in the pull request:

https://github.com/apache/activemq-artemis/pull/1834#discussion_r165304543
  
--- Diff: 
artemis-core-client/src/main/java/org/apache/activemq/artemis/core/remoting/impl/netty/NettyConnector.java
 ---
@@ -416,6 +421,13 @@ private String getHttpUpgradeInfo() {
   return ", activemqServerName=" + serverName + ", 
httpUpgradeEndpoint=" + acceptor;
}
 
+   private String realKeyStorePath;
--- End diff --

copying comment from old PR, please can we keep these method scope.


> enable openssl provider for Netty
> -
>
> Key: ARTEMIS-1649
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1649
> Project: ActiveMQ Artemis
>  Issue Type: New Feature
>Reporter: Rico Pahlisch
>Priority: Major
>
> We want to use the native Openssl Provider for netty to use the native 
> openssl.
> Added the supprt to switch between JDK and OpenSSL Provider.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (ARTEMIS-1649) enable openssl provider for Netty

2018-02-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ARTEMIS-1649?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16348294#comment-16348294
 ] 

ASF GitHub Bot commented on ARTEMIS-1649:
-

Github user rpahli commented on the issue:

https://github.com/apache/activemq-artemis/pull/1834
  
I closed the PR #1833 unintentionally


> enable openssl provider for Netty
> -
>
> Key: ARTEMIS-1649
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1649
> Project: ActiveMQ Artemis
>  Issue Type: New Feature
>Reporter: Rico Pahlisch
>Priority: Major
>
> We want to use the native Openssl Provider for netty to use the native 
> openssl.
> Added the supprt to switch between JDK and OpenSSL Provider.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (ARTEMIS-1649) enable openssl provider for Netty

2018-02-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ARTEMIS-1649?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16348286#comment-16348286
 ] 

ASF GitHub Bot commented on ARTEMIS-1649:
-

GitHub user rpahli opened a pull request:

https://github.com/apache/activemq-artemis/pull/1834

ARTEMIS-1649 - enable openssl provider for Netty

We want to use the native Openssl Provider for netty to use the native 
openssl.
Added the supprt to switch between JDK and OpenSSL Provider.

see #1833

You can merge this pull request into a Git repository by running:

$ git pull https://github.com/kiwigrid/activemq-artemis 
enable-openssl-provider

Alternatively you can review and apply these changes as the patch at:

https://github.com/apache/activemq-artemis/pull/1834.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

This closes #1834


commit bb0bea377fb89e5b44bbe03818e2c78602448fc0
Author: rico.pahlisch 
Date:   2018-02-01T09:35:01Z

code formating




> enable openssl provider for Netty
> -
>
> Key: ARTEMIS-1649
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1649
> Project: ActiveMQ Artemis
>  Issue Type: New Feature
>Reporter: Rico Pahlisch
>Priority: Major
>
> We want to use the native Openssl Provider for netty to use the native 
> openssl.
> Added the supprt to switch between JDK and OpenSSL Provider.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (ARTEMIS-1649) enable openssl provider for Netty

2018-02-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ARTEMIS-1649?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16348256#comment-16348256
 ] 

ASF GitHub Bot commented on ARTEMIS-1649:
-

Github user rpahli closed the pull request at:

https://github.com/apache/activemq-artemis/pull/1833


> enable openssl provider for Netty
> -
>
> Key: ARTEMIS-1649
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1649
> Project: ActiveMQ Artemis
>  Issue Type: New Feature
>Reporter: Rico Pahlisch
>Priority: Major
>
> We want to use the native Openssl Provider for netty to use the native 
> openssl.
> Added the supprt to switch between JDK and OpenSSL Provider.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)