Chuck, I created https://issues.apache.org/jira/browse/QPID-5302
Thanks, Albert. -----Original Message----- From: Chuck Rolke [mailto:[email protected]] Sent: Wednesday, October 30, 2013 6:57 AM To: [email protected] Subject: Re: SSL support in org.apache.qpid.messaging .NET API Hi Albert, Could you submit a jira for this issue? http://qpid.apache.org/issues.html Thanks, Chuck ----- Original Message ----- > From: "Albert Pomortsev" <[email protected]> > To: [email protected] > Sent: Tuesday, October 29, 2013 6:48:19 PM > Subject: RE: SSL support in org.apache.qpid.messaging .NET API > > Hi Gordon, > > Yes, I configured the certificate and all relevant options on the broker. > I've finally managed to make the .NET helloworld example work, to a > degree > though: it connects, sends and receives the message, but crashes on > exit with access violation in Connection destructor in > qpid\cpp\bindings\qpid\dotnet\src\Connection.cpp: > > // Finalizer > Connection::!Connection() > { > if (NULL != nativeObjPtr) > { > msclr::lock lk(privateLock); > > if (NULL != nativeObjPtr) > { > delete nativeObjPtr; // <= exception here, line 191 > nativeObjPtr = NULL; > } > } > } > > Attempted to read or write protected memory. This is often an > indication that other memory is corrupt. > > at qpid.messaging.Connection.{dtor}(Connection* ) > at qpid.messaging.Connection.__delDtor(Connection* , UInt32 A_0) > at Org.Apache.Qpid.Messaging.Connection.!Connection() > at Org.Apache.Qpid.Messaging.Connection.Dispose(Boolean A_0) > at Org.Apache.Qpid.Messaging.Connection.Finalize() > > Looks like deletion of an already disposed object to me. > > When I try running qpid-perftest as described in documentation I'm > also getting access violation. From the trace it looks like some > communication is going on between the tool and the broker but in the > end it crashes without reporting anything: > > D:\Projects\QPid\trunk\qpid\build\src\tests\Debug>qpid-perftest > --count 10000 -P ssl --port 5671 --broker broker.fqdn -t > 2013-10-29 15:32:35 [Client] debug Created IO thread: 0 > 2013-10-29 15:32:35 [Network] debug TCPConnector created for 0-10 > 2013-10-29 15:32:35 [Client] info Set TCP_NODELAY > 2013-10-29 15:32:35 [Security] debug SslConnector created for \x00- > > 2013-10-29 15:32:35 [Network] debug RECV > [[10.26.38.125:20730-broker.fqdn:5671]]: INIT(0-10) > 2013-10-29 15:32:35 [Network] trace RECV > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=0; {Con > nectionStartBody: > server-properties={qpid.federation_tag:V2:36:str16(df1f3306-21fa-4282- > a9b8-fc3979f62709)}; > mechanisms=str16 > {V2:9:str16(ANONYMOUS), V2:5:str16(PLAIN)}; > locales=str16{V2:5:str16(en_US)}; }] > 2013-10-29 15:32:35 [Security] debug WindowsSasl::start(ANONYMOUS > PLAIN) > 2013-10-29 15:32:35 [Network] trace SENT > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=0; {Con > nectionStartOkBody: > client-properties={qpid.client_pid:F4:int32(7536),qpid.client_ppid:F4: > int32(0),qpid.client_process:V2:0:s > tr16(),qpid.session_flow:F4:int32(1)}; mechanism=PLAIN; > response=xxxxxx; locale=en_US; }] > 2013-10-29 15:32:35 [Network] trace RECV > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=0; {Con > nectionTuneBody: channel-max=32767; max-frame-size=65535; > heartbeat-min=0; heartbeat-max=0; }] > 2013-10-29 15:32:35 [Network] trace SENT > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=0; {Con > nectionTuneOkBody: channel-max=32767; max-frame-size=65535; > heartbeat=0; }] > 2013-10-29 15:32:35 [Network] trace SENT > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=0; {Con > nectionOpenBody: virtual-host=; capabilities=void{}; insist=1; }] > 2013-10-29 15:32:35 [Network] trace RECV > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=0; {Con > nectionOpenOkBody: known-hosts=str16{}; }] > 2013-10-29 15:32:35 [Client] debug Known-brokers for connection: > 2013-10-29 15:32:35 [Client] info Connection > [10.26.38.125:20730-broker.fqdn:5671] connected to ssl:alado-alb > ertp2.opentext.net:5671 > 2013-10-29 15:32:35 [Client] debug Connection > [10.26.38.125:20730-broker.fqdn:5671] no security layer in plac e > 2013-10-29 15:32:35 [Broker] debug SessionState::SessionState .: > 00A18D50 > 2013-10-29 15:32:35 [Network] trace SENT > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=1; {Ses > sionAttachBody: name=aafa000f-2453-4ce6-9412-1add9be05c23; }] > 2013-10-29 15:32:35 [Network] trace RECV > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=1; {Ses > sionAttachedBody: name=aafa000f-2453-4ce6-9412-1add9be05c23; }] > 2013-10-29 15:32:35 [Network] trace RECV > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=1; {Ses > sionCommandPointBody: command-id=0; command-offset=0; }] > 2013-10-29 15:32:35 [Network] trace SENT > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=1; {Ses > sionRequestTimeoutBody: timeout=0; }] > 2013-10-29 15:32:35 [Network] trace SENT > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=1; {Ses > sionCommandPointBody: command-id=0; command-offset=0; }] > 2013-10-29 15:32:35 [Network] trace SENT > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=1; {Que > ueDeclareBody: queue=qpid-perftest_pub_start; alternate-exchange=; > arguments={}; }] > 2013-10-29 15:32:35 [Network] trace SENT > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=1; {Que > uePurgeBody: queue=qpid-perftest_pub_start; }] > 2013-10-29 15:32:35 [Network] trace SENT > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=1; {Exe > cutionSyncBody: }] > 2013-10-29 15:32:35 [Network] trace RECV > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=1; {Ses > sionTimeoutBody: timeout=0; }] > 2013-10-29 15:32:35 [Network] trace RECV > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=1; {Ses > sionCompletedBody: commands={ [0,2] }; }] > 2013-10-29 15:32:35 [Network] trace SENT > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=1; {Que > ueDeclareBody: queue=qpid-perftest_pub_done; alternate-exchange=; > arguments={}; }] > 2013-10-29 15:32:35 [Network] trace SENT > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=1; {Que > uePurgeBody: queue=qpid-perftest_pub_done; }] > 2013-10-29 15:32:36 [Network] trace SENT > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=1; {Exe > cutionSyncBody: }] > 2013-10-29 15:32:36 [Network] trace RECV > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=1; {Ses > sionCompletedBody: commands={ [0,5] }; }] > 2013-10-29 15:32:36 [Network] trace SENT > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=1; {Que > ueDeclareBody: queue=qpid-perftest_sub_ready; alternate-exchange=; > arguments={}; }] > 2013-10-29 15:32:36 [Network] trace SENT > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=1; {Que > uePurgeBody: queue=qpid-perftest_sub_ready; }] > 2013-10-29 15:32:36 [Network] trace SENT > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=1; {Exe > cutionSyncBody: }] > 2013-10-29 15:32:36 [Network] trace RECV > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=1; {Ses > sionCompletedBody: commands={ [0,8] }; }] > 2013-10-29 15:32:36 [Network] trace SENT > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=1; {Que > ueDeclareBody: queue=qpid-perftest_sub_done; alternate-exchange=; > arguments={}; }] > 2013-10-29 15:32:36 [Network] trace SENT > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=1; {Que > uePurgeBody: queue=qpid-perftest_sub_done; }] > 2013-10-29 15:32:36 [Network] trace SENT > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=1; {Exe > cutionSyncBody: }] > 2013-10-29 15:32:36 [Network] trace RECV > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=1; {Ses > sionCompletedBody: commands={ [0,11] }; }] > 2013-10-29 15:32:36 [Network] trace SENT > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=1; {Que > ueDeclareBody: queue=qpid-perftest0; alternate-exchange=; > arguments={qpid.max_count:F4:int32(0),qpid.max_size:F4:int32(0)}; } ] > 2013-10-29 15:32:36 [Network] trace SENT > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=1; {Que > uePurgeBody: queue=qpid-perftest0; }] > 2013-10-29 15:32:36 [Network] trace SENT > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=1; {Exe > cutionSyncBody: }] > 2013-10-29 15:32:36 [Network] trace RECV > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=1; {Ses > sionCompletedBody: commands={ [0,14] }; }] > 2013-10-29 15:32:36 [Network] trace SENT > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=1; {Ses > sionDetachBody: name=aafa000f-2453-4ce6-9412-1add9be05c23; }] > 2013-10-29 15:32:36 [Network] trace RECV > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=1; {Ses > sionDetachedBody: name=aafa000f-2453-4ce6-9412-1add9be05c23; code=0; > }] > 2013-10-29 15:32:36 [Network] trace SENT > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=0; {Con > nectionCloseBody: reply-code=200; reply-text=OK; }] > 2013-10-29 15:32:36 [Network] trace RECV > [[10.26.38.125:20730-broker.fqdn:5671]]: Frame[BEbe; channel=0; {Con > nectionCloseOkBody: }] > 2013-10-29 15:32:36 [System] debug Exception constructed: Closed by > client > > ERROR: ACCESS VIOLATION > > D:\Projects\QPid\trunk\qpid\build\src\tests\Debug> > > Thanks, > Albert. > > -----Original Message----- > From: Gordon Sim [mailto:[email protected]] > Sent: Tuesday, October 29, 2013 1:57 AM > To: [email protected] > Subject: Re: SSL support in org.apache.qpid.messaging .NET API > > On 10/29/2013 12:18 AM, Albert Pomortsev wrote: > > Hello qpid developers and users. > > > > I'm finding it impossible to use SSL from .NET messaging API. I > > built qpid/proton from trunk sources on Windows. I can successfully > > run the broker and, for example, run the csharp.example.helloworld > > .NET sample using both amqp 0-10 and 1.0 protocols. But configuring > > the client connection for SSL fails. By SSL I mean only server > > authentication and encryption, not client authentication. I was > > planning to use PLAIN SASL authentication with SSL. > > > > The C++ broker handbook states (p.42): > > > > 3. To open an SSL enabled connection in the Qpid Messaging API, set > > the protocol connection option to ssl. > > > > This does not work. I'm receiving the exception "Unsupported protocol: > > ssl". Additionally, this option clashes with the option "protocol:amqp1.0" > > making using them together apparently impossible. > > I tried "transport:ssl". With amqp 0-10 (no "protocol" option) I'm > > getting "Failed to connect (reconnect disabled)" exception. With > > amqp1.0 > > ("protocol:amqp1.0") I'm getting "No such transport: ssl" exception. > > The 'transport' option is what is needed. The protocol option refers > to AMQP > 1.0 v AMQP 0-10 as you state. > > > Can someone please explain: > > > > > > - Is SSL even supported in .NET messaging API? > > It should be for 0-10, but unfortunately it is not yet for 1.0 on windows. > > > - If yes, what is the correct way to enable it? > > There is a text document in the root of the cpp source tree: > https://svn.apache.org/repos/asf/qpid/trunk/qpid/cpp/SSL, which in the > second half describes how to get windows working from c++ and I > believe the same configuration options will work for .NET (using 0-10). > > Did you already specify these? If so, were there any errors on the > broker side when connecting over 0-10 and ssl? The error you got there > is a fairly generic one. Turning up the log level on the client may also help. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] For > additional commands, e-mail: [email protected] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] For > additional commands, e-mail: [email protected] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
