qpid-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jakub Scholz <ja...@scholz.cz>
Subject Re: Client applications in Python with SSL & EXTERNAL
Date Fri, 11 Mar 2011 13:25:37 GMT
I continued playing with the EXTERNAL authentication and I managed to
modify the python library to get the EXTERNAL authentication working.

I added the EXTERNAL authentication into the PlainClient class, method
start in sasl.py file. This enabled the usage of EXTERNAL
authentication. In transports.py file, tls class, method __init__ I
modified the wrap_socket call, to use correct certificates. Right now
I have the certificates, username etc. hard coded. I have to modify
the API, so that these parameters can be passed from the main
application via the Connection class.

Would there be some interest to get these changes committed into the
Qpid project?


On Thu, Mar 10, 2011 at 16:27, Jakub Scholz <jakub@scholz.cz> wrote:
> Hi,
> I was trying to write a Python script using the Python client API
> version 0.8 and Python 2.7.1 (client under Windows, broker MRG 1.3 on
> RHEL). Normal scripts with PLAIN authentication and no SSL encryption
> seem to be working fine. But when I tried to connect using SSL, I got
> following error message:
> c:\>python client.py
> 2011-03-10 15:12:26,859 DEBUG OPEN[d62d28]: rgd001:15160
> [Errno 1] _ssl.c:499: error:14094412:SSL
> routines:SSL3_READ_BYTES:sslv3 alert bad certificate
> I started digging into the client libraries, and I found the call of
> the method wrap_socket(...) from the Python SSL library in
> transports.py, __init__ method of class tls. By adding a second
> parameter certfile with certificate, I was able to fix the problem and
> connect with PLAIN authentication over SSL. Is this a known problem?
> Or is it a problem which is specific for my combination of
> windows&python&qpid?
> Next, I tried to connect to my broker with the EXTERNAL
> authentication. But according to what I found out, the Python client
> isn't supporting EXTERNAL authentication. I'm I correct, can someone
> confirm it?
> Thanks & Regards
> JAkub Scholz

Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org

View raw message