activemq-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From tab...@apache.org
Subject svn commit: r1645036 - in /activemq/activemq-dotnet/Apache.NMS.ActiveMQ/trunk/src/main/csharp/Transport/Tcp: SslTransport.cs SslTransportFactory.cs
Date Fri, 12 Dec 2014 19:08:21 GMT
Author: tabish
Date: Fri Dec 12 19:08:21 2014
New Revision: 1645036

URL: http://svn.apache.org/r1645036
Log:
Make SSL-Protocol configurable to use others than SSLProtocols.Default (which is SSL 3.0/TLS
1.0)

add transport.sslProtocol="Tls" etc to configure something other than default.
Fixes [AMQNET-AMQNET-476]. (See https://issues.apache.org/jira/browse/AMQNET-AMQNET-476)

Modified:
    activemq/activemq-dotnet/Apache.NMS.ActiveMQ/trunk/src/main/csharp/Transport/Tcp/SslTransport.cs
    activemq/activemq-dotnet/Apache.NMS.ActiveMQ/trunk/src/main/csharp/Transport/Tcp/SslTransportFactory.cs

Modified: activemq/activemq-dotnet/Apache.NMS.ActiveMQ/trunk/src/main/csharp/Transport/Tcp/SslTransport.cs
URL: http://svn.apache.org/viewvc/activemq/activemq-dotnet/Apache.NMS.ActiveMQ/trunk/src/main/csharp/Transport/Tcp/SslTransport.cs?rev=1645036&r1=1645035&r2=1645036&view=diff
==============================================================================
--- activemq/activemq-dotnet/Apache.NMS.ActiveMQ/trunk/src/main/csharp/Transport/Tcp/SslTransport.cs
(original)
+++ activemq/activemq-dotnet/Apache.NMS.ActiveMQ/trunk/src/main/csharp/Transport/Tcp/SslTransport.cs
Fri Dec 12 19:08:21 2014
@@ -33,6 +33,7 @@ namespace Apache.NMS.ActiveMQ.Transport.
         private string brokerCertFilename;
         private string keyStoreName;
         private string keyStoreLocation;
+        private string sslProtocol;
         private bool acceptInvalidBrokerCert = false;
 
         private SslStream sslStream;
@@ -117,6 +118,12 @@ namespace Apache.NMS.ActiveMQ.Transport.
             set { this.keyStoreLocation = value; }
         }
 
+        public string SslProtocol
+        {
+            get { return this.sslProtocol; }
+            set { this.sslProtocol = value; }
+        }
+
         protected override Stream CreateSocketStream()
         {
             if(this.sslStream != null)
@@ -138,8 +145,8 @@ namespace Apache.NMS.ActiveMQ.Transport.
             try
             {
                 string remoteCertName = this.serverName ?? this.RemoteAddress.Host;
-                Tracer.Debug("Authorizing as Client for Server: " + remoteCertName);
-                sslStream.AuthenticateAsClient(remoteCertName, LoadClientCertificates(),
SslProtocols.Default, false);
+                Tracer.DebugFormat("Authorizing as Client for Server: {0}", remoteCertName);
+                sslStream.AuthenticateAsClient(remoteCertName, LoadClientCertificates(),
GetAllowedProtocol(), false);
                 Tracer.Debug("Server is Authenticated = " + sslStream.IsAuthenticated);
                 Tracer.Debug("Server is Encrypted = " + sslStream.IsEncrypted);
             }
@@ -313,5 +320,15 @@ namespace Apache.NMS.ActiveMQ.Transport.
 
             return collection;
         }
+
+        private SslProtocols GetAllowedProtocol() 
+        {
+            if (!String.IsNullOrEmpty(SslProtocol))
+            {
+                return (SslProtocols)Enum.Parse(typeof(SslProtocols), SslProtocol, true);
+            }
+
+            return SslProtocols.Default;
+        }
     }
 }

Modified: activemq/activemq-dotnet/Apache.NMS.ActiveMQ/trunk/src/main/csharp/Transport/Tcp/SslTransportFactory.cs
URL: http://svn.apache.org/viewvc/activemq/activemq-dotnet/Apache.NMS.ActiveMQ/trunk/src/main/csharp/Transport/Tcp/SslTransportFactory.cs?rev=1645036&r1=1645035&r2=1645036&view=diff
==============================================================================
--- activemq/activemq-dotnet/Apache.NMS.ActiveMQ/trunk/src/main/csharp/Transport/Tcp/SslTransportFactory.cs
(original)
+++ activemq/activemq-dotnet/Apache.NMS.ActiveMQ/trunk/src/main/csharp/Transport/Tcp/SslTransportFactory.cs
Fri Dec 12 19:08:21 2014
@@ -31,6 +31,7 @@ namespace Apache.NMS.ActiveMQ.Transport.
         private string brokerCertFilename;
         private string keyStoreName;
         private string keyStoreLocation;
+        private string sslProtocol;
         private bool acceptInvalidBrokerCert = false;
         
         public SslTransportFactory() : base()
@@ -85,6 +86,12 @@ namespace Apache.NMS.ActiveMQ.Transport.
             set { this.keyStoreLocation = value; }
         }
 
+        public string SslProtocol
+        {
+            get { return this.sslProtocol; }
+            set { this.sslProtocol = value; }
+        }
+
 		protected override ITransport DoCreateTransport(Uri location, Socket socket, IWireFormat
wireFormat )
 		{
             Tracer.Debug("Creating new instance of the SSL Transport.");
@@ -98,6 +105,7 @@ namespace Apache.NMS.ActiveMQ.Transport.
             transport.KeyStoreLocation = this.keyStoreLocation;
             transport.KeyStoreName = this.keyStoreName;
             transport.AcceptInvalidBrokerCert = this.acceptInvalidBrokerCert;
+            transport.SslProtocol = this.sslProtocol;
             
             return transport;
 		}		



Mime
View raw message