qpid-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Cullen Davis <cullen.da...@commitent.com>
Subject Question about C++ broker, C++ client, and SSL encryption
Date Thu, 13 Aug 2009 22:19:29 GMT
I have two questions regarding SSL and the C++ broker / C++ client running qpidd (qpidc) version
0.5 from a trunk build.

1) Start c++ qpid broker as follows
   qpidd --log-enable debug:ssl --log-source yes \
      --log-function yes \
      --auth no \
      --load-module src/.libs/ssl.so \
      --ssl-cert-db /etc/pki/tls/qpid/test_cert_db 
      --ssl-cert-password-file /etc/pki/tls/private/qpid_ssl.pass \
      --ssl-cert-name commit.CjD \
      --ssl-require-client-authentication \
      --require-encryption

2) Run the c++ direct example on port 5672 
   ./examples/direct/declare_queues localhost 5672  
   ./examples/direct/direct_producer localhost 5672
   ./examples/direct/listener localhost 5672
The queue is created, populated, and read with no problems.

3) Run the c++ direct example on port 5671 (first set-up env variables) 
   QPID_LOAD_MODULE=./src/.libs/sslconnector.so
   QPID_SSL_CERT_DB=/etc/pki/tls/qpid/test_cert_db 
   ./examples/direct/declare_queues localhost 5671

At this point, the declare_queues example hangs until CTRL C is pressed.  When declare_queues
terminates, the broker outputs: 
debug qpid/sys/ssl/SslHandler.cpp:143:void qpid::sys::ssl::SslHandler::eof(qpid::sys::ssl::SslIO&):
DISCONNECTED [127.0.0.1:57801]


Question 1 - Why did the examples on port 5672 (#2) succeed?  I thought --load-module src/.libs/ssl.so
and --require-encryption would cause the connection to be rejected.

Question 2 - What is the declare_queue code from #3 blocking on?  Is SSL fully implemented
in the c++ client?

Any insights would be gratefully appreciated.

Cullen J. Davis
CommIT Enterprises, Inc.

---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org


Mime
View raw message