activemq-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jan Kalina (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ARTEMIS-1299) Unable to configure comma delimited enabledProtocols
Date Tue, 25 Jul 2017 15:36:00 GMT

    [ https://issues.apache.org/jira/browse/ARTEMIS-1299?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16100215#comment-16100215
] 

Jan Kalina commented on ARTEMIS-1299:
-------------------------------------

This issue blocks https://issues.jboss.org/browse/JBEAP-11765 (Critical)

> Unable to configure comma delimited enabledProtocols
> ----------------------------------------------------
>
>                 Key: ARTEMIS-1299
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-1299
>             Project: ActiveMQ Artemis
>          Issue Type: Bug
>          Components: Broker
>    Affects Versions: 1.5.5
>            Reporter: Jan Kalina
>            Priority: Critical
>
> When I want to configure enabled SSL protocols, Netty requires to use comma delimited
list to be passed into *enabledProtocols* param:
> {code}
> TLSv1,TLSv1.1,TLSv1.2
> {code}
> (see https://activemq.apache.org/artemis/docs/1.0.0/configuring-transports.html#configuring-netty-ssl
)
> But when comma is used in value in configuration string passed into *ActiveMQResourceAdapter.setConnectionParameters*,
parsing fails:
> {code}
> java.lang.IllegalArgumentException: Invalid expression TLSv1.1 at enabledProtocols=TLSv1,TLSv1.1,TLSv1.2;httpUpgradeEndpoint=http-acceptor;activemqServerName=default;httpUpgradeEnabled=true;port=8080;host=localhost
> 	at org.apache.activemq.artemis.ra.ActiveMQRaUtils.parseConfig(ActiveMQRaUtils.java:205)
> 	at org.apache.activemq.artemis.ra.ActiveMQResourceAdapter.setConnectionParameters(ActiveMQResourceAdapter.java:344)
> 	... 15 more
> {code}
> This is because parser use comma to deliminate individual configurations, so configuration
> {code}
> enabledProtocols=TLSv1,TLSv1.1,TLSv1.2;httpUpgradeEndpoint=http-acceptor
> {code}
> is parsed as
> {code}
> ["enabledProtocols=TLSv1","TLSv1.1","TLSv1.2;httpUpgradeEndpoint=http-acceptor"]
> {code}
> This is design issue - comma required by netty cannot be passed into ActiveMQ configuration
value.
> I set this as critical as it prevent setting more then one allowed SSLContext protocol.
(Problem especialy for IBM Java, where "TLS" does not work as alias for other TLSv*)



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message