This is an automated email from the ASF dual-hosted git repository.
tross pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/qpid-dispatch.git
The following commit(s) were added to refs/heads/master by this push:
new 136940b DISPATCH-1296 - Change use of pn_ssl_domain_allow_unsecured_client() to
pn_transport_require_encryption() This closes #469 - pn_ssl_domain_unsecured_client() is deprecated
and may be removed.
136940b is described below
commit 136940b55a6c0d269726f27e3c0087deafa492e5
Author: Andrew Stitcher <astitcher@apache.org>
AuthorDate: Mon Mar 18 15:30:38 2019 -0400
DISPATCH-1296 - Change use of pn_ssl_domain_allow_unsecured_client() to pn_transport_require_encryption()
This closes #469
- pn_ssl_domain_unsecured_client() is deprecated and may be removed.
---
src/server.c | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/src/server.c b/src/server.c
index 320adfe..4b28ed6 100644
--- a/src/server.c
+++ b/src/server.c
@@ -367,12 +367,6 @@ static qd_error_t listener_setup_ssl(qd_connection_t *ctx, const qd_server_confi
pn_ssl_domain_free(domain);
return qd_error(QD_ERROR_RUNTIME, "Cannot set SSL credentials");
}
- if (!config->ssl_required) {
- if (pn_ssl_domain_allow_unsecured_client(domain)) {
- pn_ssl_domain_free(domain);
- return qd_error(QD_ERROR_RUNTIME, "Cannot allow unsecured client");
- }
- }
// for peer authentication:
if (config->ssl_trusted_certificate_db) {
@@ -414,6 +408,11 @@ static qd_error_t listener_setup_ssl(qd_connection_t *ctx, const qd_server_confi
return qd_error(QD_ERROR_RUNTIME, "Cannot initialize SSL");
}
+ // By default adding ssl to a transport forces encryption to be required, so if it's
not set that here
+ if (!config->ssl_required) {
+ pn_transport_require_encryption(tport, false);
+ }
+
pn_ssl_domain_free(domain);
return QD_ERROR_NONE;
}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org
|